Loading...
Loading...
Found 1,580 Skills
Analiza cambios staged en git para detectar bugs, vulnerabilidades de seguridad, malas prácticas, y genera descripciones detalladas de commits con mensaje en formato Conventional Commits. Usa este skill siempre que el usuario quiera revisar cambios antes de commitear o pushear, analizar un diff staged, detectar bugs o malas prácticas en código que está por commitear, generar un mensaje o descripción de commit, o hacer code review previo al commit. Se activa con frases como "revisá mis cambios staged", "analiza mi commit", "qué bugs tiene lo que cambié", "generame el mensaje de commit", "review antes de push", "detecta errores en mis cambios", "haceme un análisis antes de commitear", o "necesito una descripción para mi commit". NO usar para: code review de archivos sueltos sin contexto de commit, configurar linters, escribir tests, debugging de producción, o crear código nuevo. Este skill es específicamente para el momento previo al commit.
Scaffold signin and signup authentication endpoints for a project. Use when the user wants to add authentication, create login/register flows, or set up auth from scratch.
Backend development specialist covering API design, database integration, microservices architecture, and modern backend patterns. Use when user asks about API design, REST or GraphQL endpoints, server implementation, authentication, authorization, middleware, or backend service architecture. Do NOT use for database-specific schema design or query optimization (use moai-domain-database instead) or frontend implementation (use moai-domain-frontend instead).
Universal coding patterns, constraints, TDD workflow, atomic todos
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.
Identify storage buckets that are publicly accessible and may contain sensitive data.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
Extract and decode Supabase-related JWTs from client-side code, cookies, and local storage patterns.
List all tables exposed via the Supabase PostgREST API to identify the attack surface.
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
Expert in Kanidm modern identity management system specializing in user/group management, OAuth2/OIDC, LDAP, RADIUS, SSH key management, WebAuthn, and MFA. Deep expertise in secure authentication flows, credential policies, access control, and platform integrations. Use when implementing identity management, SSO, authentication systems, or securing access to infrastructure.
Professional Skills and Methodologies for Command Injection Vulnerability Testing