Loading...
Loading...
Found 1,398 Skills
NestJS reference skill: modules, controllers, providers, DTOs with class-validator, TypeORM/Prisma, guards, interceptors, pipes, queues (BullMQ), WebSockets, microservices, testing, OpenAPI, and CLI scaffolding. Use when the task touches NestJS application code and should follow the project's module-based architecture.
Use this when user provides a Yii2 codebase for analysis or migration planning. Provides 6-phase workflow: scan, capability extraction, dependency analysis, requirements extraction, semantic indexing, and migration roadmap. Apply when user mentions Yii2, PHP legacy modernization, or framework migration to NestJS
Amazon PPC campaign builder and optimizer for sellers. Two modes: (A) Build — design a complete campaign structure from scratch with keyword groupings, bid calculations, and negative keyword lists, (B) Optimize — audit existing campaigns using search term reports, identify keyword funnel opportunities, calculate bid adjustments, and generate a week-by-week action plan. Integrates with amazon-keyword-research for keyword input. No API key required. Use when: (1) setting up Amazon PPC campaigns for a new product, (2) auditing existing campaign performance and ACoS, (3) optimizing keyword bids and negative keywords, (4) building Auto/Manual/Exact campaign structures, (5) analyzing search term reports for opportunities, (6) calculating break-even ACoS and target ACoS, (7) scaling profitable campaigns to Sponsored Brands or Display.
Ultra-lightweight channel for refactor processes - used when changes are clearly too small to go through the full scan → design → apply three-stage workflow. AI directly identifies 1-3 low-risk optimization points, confirms with the user once, modifies in-place using classic methods, and validates itself by running tests. No scan checklist, no design documentation, no multi-step human verification required. Trigger scenarios: User says "quick refactor", "small refactor", "simply optimize XX function", "modify directly", "skip the extra steps", and the scope of changes is clearly localized to a single function / single component with test coverage for self-validation.
Onboard a new repository or a repository with scattered documents into the CodeStable system. Two paths are automatically determined: the empty repository path (no spec-type documents or codestable/ directory in the repository) builds the skeleton from scratch; the migration path (the repository already has scattered documents or partial codestable/ structure) first generates an audit report + migration mapping plan, which is finalized after user confirmation one by one. This skill only does two things: "build the skeleton" and "organize existing documents". Once the skeleton is built, all sub-workflows can run directly. Trigger scenarios: Users say "Use CodeStable in this project", "Build CodeStable structure", "Initialize CodeStable", "Migrate to CodeStable".
Enter this sub-process when conducting code optimization — handle tasks where 'behavior remains unchanged, structure changes' (structure / performance / readability). Shift single-module internal optimization from 'AI random refactoring' to 'first scan to generate a checklist, confirm each item with the user, execute step-by-step according to the method library, and require manual approval for each step'. Trigger scenarios: Users mention phrases like 'optimize it / refactor / rewrite / split it / poor performance / code is too long' without any accompanying behavior changes. Do not handle new requirements (route to feature), bugs (route to issue), or cross-module architecture restructuring (route to architecture + decisions).
Scans code for performance and scalability issues — N+1 queries, missing indexes, unbounded queries, memory inefficiencies, caching gaps, algorithmic complexity, concurrency bugs, and frontend performance problems. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "performance audit", "performance check", "N+1 detection", "query optimization", "slow code", "performance review".
Code review and audit system with specialized sub-skills covering SOLID principles, security, performance, architecture, error handling, testing, code smells, design patterns, and framework best practices. Generates severity-scored findings with copy-pasteable fix prompts. Strictly read-only — never modifies user code. Use when user says "review", "audit", "code review", "check my code", "security scan", "code smells", "SOLID check".
Scans code for security vulnerabilities — injection flaws, authentication gaps, XSS vectors, mass assignment, CSRF, insecure deserialization, sensitive data exposure, broken access control, and misconfigurations. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "security scan", "security audit", "vulnerability check", "find security issues".
Explain code as a scannable blog post
Spec-driven E2E test creation: plan what to test through structured discovery phases, then scaffold a local Shiplight test project and write YAML tests by walking through the app in a browser.
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD pipelines. It addresses configuring baseline, full, and API scans against running applications, interpreting ZAP findings, tuning scan policies, and establishing DAST quality gates in GitHub Actions and GitLab CI.