Loading...
Loading...
Found 303 Skills
Manage project dependencies across languages including npm install, package versioning, dependency conflicts, security scanning, and lock files. Use when dealing with dependencies, version pinning, semantic versioning, or resolving conflicts.
This skill should be used when the user asks to "research code", "how does X work", "where is Y defined", "who calls Z", "trace code flow", "find usages", "review a PR", "explore this library", "understand the codebase", or needs deep code exploration. Handles both local codebase analysis (with LSP semantic navigation) and external GitHub/npm research using Octocode tools.
Installs and configures Prettier, ESLint, EditorConfig, and other code quality tools to enforce consistent code style across the team. Generates config files, npm scripts, editor settings recommendations, and CI integration suggestions. Use when users request "setup prettier", "add eslint", "configure code formatting", or "enforce code style".
Run a local Supabase reset, database tests, and type generation in sequence. Use when the user asks to run `supabase db reset`, `supabase test db`, and `npm run gen-types` for this repo.
Use this skill when scaffolding a new PixiJS v8 project with the create-pixi CLI or adding PixiJS to an existing project. Covers npm/yarn/pnpm/bun create commands, interactive vs non-interactive flows, bundler vs creation template categories, available template presets (bundler-vite, bundler-webpack, bundler-esbuild, bundler-import-map, creation-web, framework-react, extension-default), Node version requirements, `npm install pixi.js` for existing projects, post-scaffold dev flow, and the Vite top-level-await production-build gotcha. Triggers on: create pixi.js, npm create, npm install pixi.js, scaffold, template, bundler-vite, bundler-webpack, creation-web, framework-react, new project, existing project, getting started, quick start.
Standardizes development environment setup across machines by generating tool version configs (Node, Python, Ruby), package manager configs (pnpm, Volta, asdf, mise), environment variable templates, and setup scripts with onboarding documentation. Use when users need to "setup dev environment", "standardize tooling", "configure version managers", or "create onboarding scripts".
Runs available security scanning tools against the current project and produces a consolidated markdown report. Auto-detects installed tools (gitleaks, semgrep, grype, npm audit, bandit, pip-audit, gosec, govulncheck, cargo audit, bundle-audit) and activates language-specific scanners based on project files. Gracefully skips missing tools and provides installation hints. By default scans the entire target directory. Pass --full to make the intent explicit (useful in workflows that combine full-codebase and diff-only scans). Use when running security scans, checking for vulnerabilities, detecting leaked secrets in git history, or validating security posture before commits or releases. Pairs with security-review for a complete security workflow.
Migrate Node.js projects to Bun with compatibility analysis. Use when converting existing npm/pnpm/yarn projects to Bun or auditing dependencies for Bun compatibility.
Check dependencies for known vulnerabilities using npm audit, pip-audit, etc. Use when package.json or requirements.txt changes, or before deployments. Alerts on vulnerable dependencies. Triggers on dependency file changes, deployment prep, security mentions.
Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling.
This skill should be used when the user asks to "run npm test after 30 minutes", "git commit after 1 hour", "wait 2h then deploy", "sleep 45m and run build", "after 10m run prettier", or provides a duration followed by a shell command to execute later.
Track and check updates for all OpenClaw dependencies: managed skills (GitHub/ClewHub), bundled skills, workspace skills, npm packages, pip packages, and CLI tools. Use when user asks "check for updates", "dependency status", "are my skills up to date", "什么需要更新", "检查依赖", "检查更新", or wants a dependency health report. Triggers on: dependency check, skill updates, outdated packages, version drift.