Loading...
Loading...
Found 5,506 Skills
Design behavior change using the B=MAP framework. Use when designing onboarding flows, improving conversion, building habits, increasing feature adoption, or understanding why users don't take desired actions.
Design habit-forming products using the Hook cycle. Use when building engagement loops, improving retention, designing notifications, or creating products users return to without external prompting.
Postgres-backed observability and policy store for the skill system. Provides tables for policy profiles (effect allowlists), skill execution runs, and step-level events. Use when setting up the skill system database or querying execution history.
Ghost Security - Software Composition Analysis (SCA) scanner. Scans dependency lockfiles for known vulnerabilities, identifies CVEs, and generates findings with severity levels and remediation guidance. Use when the user asks about dependency vulnerabilities, vulnerable packages, CVE checks, security audits of dependencies, or wants to scan lockfiles like package-lock.json, yarn.lock, go.sum, or Gemfile.lock.
Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.
This skill should be used when the user asks to "validate a finding", "check if a vulnerability is real", "triage a security finding", "confirm a vulnerability", "determine if a finding is a true positive or false positive", or provides a security finding for review. It validates security vulnerability findings by tracing data flows, verifying exploit conditions, analyzing security controls, and optionally testing attack vectors against a live application.
You must use this when conducting PRISMA-standard systematic reviews, protocol development, or Risk of Bias assessment.
Scan codebase for security vulnerabilities including secrets, insecure dependencies, and unsafe code patterns. Use when performing automated security scans.
Enforces the discipline of thinking about tests, features, and maintainability BEFORE writing implementation code. Use when starting new classes/methods, refactoring existing code, or when asked to "think about tests first", "design for testability", "what tests do I need", "test-first approach", or "TDD thinking". Promotes simple, maintainable designs by considering testability upfront. Works with any codebase requiring test coverage and quality standards.
Implements conditional visibility for Home Assistant dashboard cards using state, numeric_state, screen, user, time, and/or conditions via Conditional Card wrapper and per-card visibility property. Use when asked to "hide card when", "show only if", "user-specific dashboard", "mobile vs desktop cards", "conditional visibility", or "show card based on state/time/user".
Configures automated infrastructure monitoring with mobile alerts (ntfy.sh and Home Assistant) and implements auto-recovery for common failures. Use when setting up monitoring, configuring mobile notifications, enabling auto-recovery, or troubleshooting alert delivery. Triggers on "setup monitoring", "configure alerts", "mobile notifications", "enable auto-recovery", "monitoring not working", or "not getting alerts". Works with ntfy.sh push notifications, Docker container health checks, Bash monitoring scripts, and optional Home Assistant automation integration.
Creates minimalist, mobile-first Home Assistant dashboards using Mushroom cards (13+ types) including entity, light, climate, chips, and template cards with card-mod styling support. Use when building modern HA dashboards, creating compact mobile interfaces, styling entity cards, using chips for status indicators, or combining Mushroom with card-mod for custom CSS.