Loading...
Loading...
Found 1,747 Skills
Reviews Forge apps for security vulnerabilities, architecture issues, cost inefficiencies, performance problems, and trigger/scheduling waste before deployment. Use when the user says "review my Forge app", "check my app", "pre-deploy check", "is my app ready to deploy", "audit my Forge app", "check for security issues", "check performance", "review manifest", "check my Forge app for problems", "app review", "optimize my Forge app costs", "reduce invocations", "why is my app expensive", "check my triggers", or any request to evaluate a Forge app's quality, safety, cost efficiency, or readiness. Also triggers when users ask about Forge best practices, permission scopes, resolver optimization, storage efficiency, cold start reduction, frontend offloading, trigger filtering, scheduled trigger frequency, N+1 API calls, bulk API usage, verbose logging, or Forge platform pricing.
Query HTX spot account balances, valuations, transaction history, and move funds between internal HTX accounts. Requires API key (read permission; transfers need write).
Autonomous experiment loop that optimizes any file by a measurable metric. Inspired by Karpathy's autoresearch. The agent edits a target file, runs a fixed evaluation, keeps improvements (git commit), discards failures (git reset), and loops indefinitely. Use when: user wants to optimize code speed, reduce bundle/image size, improve test pass rate, optimize prompts, improve content quality (headlines, copy, CTR), or run any measurable improvement loop. Requires: a target file, an evaluation command that outputs a metric, and a git repo.
Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a skill directory or git repo URL for malicious code, (3) pre-install security gate for Claude Code plugins, OpenClaw skills, or Codex skills, (4) scanning Python scripts for dangerous patterns like os.system, eval, subprocess, network exfiltration, (5) detecting prompt injection in SKILL.md files, (6) checking dependency supply chain risks, (7) verifying file system access stays within skill boundaries. Triggers: "audit this skill", "is this skill safe", "scan skill for security", "check skill before install", "skill security check", "skill vulnerability scan".
WhatsApp Web automation via Playwright and Chrome CDP. Use when the user needs to open WhatsApp Web, launch the WhatsApp Web browser, verify phone numbers on WhatsApp, send WhatsApp messages, read recent chat messages or chat history, read the last reply from a contact, list chats in the sidebar, count chats, count pinned chats, list unread chats, count unread messages, check if a number is registered on WhatsApp, add a new WhatsApp contact, save a number to contacts, automate WhatsApp Web login, or perform bulk number verification. Triggers include requests to "open WhatsApp Web", "buka WhatsApp Web", "launch WhatsApp", "check this number on WhatsApp", "send a WhatsApp message", "verify WhatsApp numbers", "read WhatsApp messages", "list WhatsApp messages", "show recent WhatsApp chat", "ambil pesan WhatsApp", "open WhatsApp chat", "batch check numbers", "list my WhatsApp chats", "ada berapa chat", "berapa pinned chat", "show pinned chats", "ada berapa chat yang belum dibaca", "unread chats", "pesan yang belum dibaca", "how many unread messages", "X bales apa", "apa chat terakhir X", "chat terakhir dari X", "last reply from X", "what did X say", "what did X reply", "add to contacts", "save contact", "add new contact", "simpan kontak", "tambah kontak", "save this number", "pin chat", "unpin chat", "pin this chat", "sematkan chat", "lepas sematan", "pin X", "unpin X", "create group", "new group", "buat grup", "bikin grup baru", "make a whatsapp group", "delete group", "hapus grup", "bubarkan grup", "kick all members", "keluar dan hapus grup", "teardown group", "exit group", "leave group", "keluar grup", "keluar dari grup", "delete chat", "hapus chat", "clear chat", "remove this chat", or any task requiring programmatic WhatsApp Web interaction. For any "open/launch/buka WhatsApp Web" request, run `scripts/login.py` WITHOUT `--wait` — the script exits immediately after opening the window so the agent stays responsive. Never use `--wait` unless the user explicitly asks the agent to wait for them to sign in. For reading messages, run `scripts/read_messages.py --from <name>`. For the last reply from a contact (prompts like "X bales apa"), run `scripts/last_reply.py --from <name>`; add `--any-direction` if the user wants the very last message regardless of who sent it (prompts like "apa chat terakhir X"). For listing chats, run `scripts/list_chats.py`. For pinned chats, run `scripts/list_pinned.py`. For unread chats, run `scripts/list_unread.py`. For adding a contact (prompts like "add this number to contacts", "simpan jadi kontak"), ALWAYS ask the user for First Name, Last Name (optional), and whether to sync the contact to the phone before running `scripts/add_contact.py --phone <number> --first-name <first> [--last-name <last>] [--sync]`. For pinning or unpinning a chat (prompts like "pin chat Ezra", "sematkan chat X", "unpin X"), run `scripts/pin_chat.py --to <name-or-number>` or add `--unpin` to unpin. WhatsApp Web allows at most 3 pinned chats — if the pin action becomes a no-op with `already=true`, tell the user the chat is already pinned; if pinning fails due to the 3-pin cap, tell the user they need to unpin something first. For exiting a group without deleting it from the chat list (prompts like "keluar grup X", "leave group X"), ALWAYS ask the user to confirm first ("Keluar dari grup X? Grup tetap ada di chat list sampai kamu hapus manual."), then run `scripts/exit_group.py --name <group-name> --confirm`. For deleting a chat from the sidebar (prompts like "hapus chat Ezra", "delete chat X", "clear chat"), ALWAYS ask the user to confirm first ("Hapus chat X dari sidebar? Ga bisa di-undo."), then run `scripts/delete_chat.py --to <name-or-number> --confirm`. For active groups you want fully gone, prefer `scripts/delete_group.py` (kick-all + exit + delete) over calling exit + delete-chat separately. For deleting a group (prompts like "hapus grup X", "bubarkan grup"), ALWAYS ask the user to confirm first ("This will kick every member, exit the group, and remove it from your chat list. Lanjut?"). Only after the user confirms, run `scripts/delete_group.py --name <group-name> --confirm`. The script refuses to run without `--confirm`. After it returns, report the `status` field back — "deleted" = fully gone; "exited" = you're out but delete didn't finalize; "partial" = something failed mid-way. Also surface the `skipped` list so the user knows which members couldn't be kicked (usually because the caller isn't admin). For creating a new group (prompts like "buat grup baru", "create a group"), ALWAYS ask the user for the group name AND the members. Members can be many — accept comma-separated input and ask again (repeatably) if the user has more to add, stopping when they signal done. Then run `scripts/create_group.py --name <name> --members <a,b,c> [--members ...]`. After the script returns, check the `failed` array — if any member failed to match a contact, tell the user which ones so they can add them manually later. Always keep responses to the user friendly and non-technical (say "Opening WhatsApp Web..." instead of "Starting Chrome with CDP").
Manuscript Verification and Export for Novels, suitable for user requests such as "Help me check my finished novel", "Export formats suitable for Qidian/Fanqie", "Check for typos", "Detect sensitive words", "Organize into publishable version", "Help me export novel publishing format", "Check novel typos", "Sensitive word detection", "Finished novel inspection", "Export adapted to Qidian format", "Fanqie Novel format export", "Novel typesetting organization", "Multi-platform format export", etc. It is responsible for full technical text verification (typos, punctuation, grammatical errors) and compliance checks, and exports publishing formats adapted to various platforms. **Sub-Agents are used for parallel verification during batch processing, with each Agent responsible for a maximum of 3 chapters**
Live developer experience audit. Uses the browse tool to actually TEST the developer experience: navigates docs, tries the getting started flow, times TTHW, screenshots error messages, evaluates CLI help text. Produces a DX scorecard with evidence. Compares against /plan-devex-review scores if they exist (the boomerang: plan said 3 minutes, reality says 8). Use when asked to "test the DX", "DX audit", "developer experience test", or "try the onboarding". Proactively suggest after shipping a developer-facing feature. (gstack) Voice triggers (speech-to-text aliases): "dx audit", "test the developer experience", "try the onboarding", "developer experience test".
Use when asked to brainstorm, evaluate whether an idea is worth building, run office hours, or think through a new product idea or design direction before any code is written.
Design and evaluate vaccine candidates using computational immunology tools. Covers epitope prediction (MHC-I/II binding via IEDB), population coverage analysis, antigen selection, adjuvant matching, and immunogenicity assessment. Integrates IEDB for epitope prediction, UniProt for antigen sequences, PDB/AlphaFold for structural epitopes, BVBRC for pathogen proteomes, and literature for clinical precedent. Use when asked about vaccine design, epitope prediction, immunogenicity, MHC binding, T-cell epitopes, B-cell epitopes, or population coverage for vaccine candidates.
Use when evaluating ideas in voting phase. Be aggressive - score misaligned or poor ideas low enough to veto, score weak proposals below approval, score strong aligned ideas high. First check directive, then vote.
Use when a PR is submitted and ready for peer review, to evaluate another agent's work against task requirements and code quality standards
Post-earnings analysis skill — generates institutional-grade earnings update reports (8–12 page DOCX) and structured conversation summaries for companies under coverage. Covers beat/miss analysis, segment breakdown, margin trends, guidance assessment, updated estimates, and valuation. Supports US, HK, and A-share markets. Use this skill whenever the user wants a post-earnings analysis or quarterly-results writeup, even if they do not say "earnings update" verbatim. Triggers: "earnings update", "quarterly results", "Q1/Q2/Q3/Q4 results", "earnings report", "post-earnings analysis", "beat/miss", "guidance update", "财报分析", "业绩更新", "季度业绩", "季报", "年报", "盈利分析", "财报点评", "財報分析", "業績更新", "季度業績", "季報", "年報", "財報點評".