Loading...
Loading...
Found 2,247 Skills
Comprehensive code review checklist for Go projects. Evaluates code quality, idiomatic patterns, error handling, naming, package structure, and test coverage. Use when reviewing Go code, PRs, or before merging changes. Trigger examples: "review this code", "check this PR", "code review", "review Go file". Do NOT use for security-specific audits (use go-security-audit) or performance-specific analysis (use go-performance-review).
Comprehensive Android mobile application penetration testing skill with full ADB shell access to rooted devices. This skill should be used when performing security assessments on Android applications including static analysis, dynamic analysis, runtime manipulation, traffic interception, and vulnerability identification. Triggers on requests to pentest Android apps, test mobile security, analyze APKs, bypass security controls, or perform OWASP Mobile Top 10 assessments. (user)
GitHub data collection patterns for workflow agents. Covers search query construction by intent, date range handling, repository scope narrowing, preferences.md integration, cross-repo intelligence, parallel stream collection model, and auto-recovery for empty results. Use when building agents that search GitHub for issues, PRs, discussions, releases, security alerts, or CI status.
Execute a single task from a Jira task plan using a structured pipeline of specialist subagents: planning, testing, refactoring, implementation, documentation, code-quality review, architecture review, security audit, and requirements verification. The user must specify which task number to execute. Use when the user says "execute task 3", "work on task 2", "implement task 1", "start task 5 for PROJECT-1234", or "run task N". Also triggered by the orchestrating-jira-workflow skill as Phase 5 of the end-to-end pipeline (called once per task). Requires that the task plan exists at docs/<TICKET_KEY>-tasks.md. Executes ONLY the specified task — never continues to the next one without explicit user approval.
Expert knowledge for Azure Functions development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building HTTP/queue/event-triggered Functions, Durable orchestrations, containerized Functions, CI/CD, or Dapr/OpenAI integrations, and other Azure Functions related development tasks. Not for Azure App Service (use azure-app-service), Azure Logic Apps (use azure-logic-apps), Azure Container Apps (use azure-container-apps), Azure Kubernetes Service (AKS) (use azure-kubernetes-service).
Manage the full lifecycle of ADBPG Supabase projects. Use for listing/querying projects, create, pause/resume, reset password, API Keys, and security IP management. Triggers: "Supabase", "supabase project", "spb-xxx", "ADBPG Supabase"
Use when you have a rough product idea and want a complete PRD without sitting through an interactive grilling. Claude walks the full decision tree (edge cases, modules, schema, testing, security), self-answers with software-engineering best practices, streams the Q&A live so you can override, and writes the PRD locally with an option to push as a GitHub issue.
End-to-end XRPL development playbook. Covers XRP Ledger dApp development including project scaffolding (create-xrp), wallet integration (xrpl-connect), client SDKs, transactions, tokens, NFTs, DEX/AMM, cross-chain interoperability (Axelar), and security best practices.
Source code security audit using backward taint analysis, slot type classification, render context verification, and 3-phase parallel review producing an exploitation queue.
Run a formal, multi-dimensional code review of a pull request. Reads the PR diff, classifies change types, dispatches parallel reviewers by dimension (correctness, consistency, docs-sync, plus conditional security/edge-cases/UX/performance/structure/maintainability), and synthesizes findings into an actionable punch list. Use when the user asks to review a PR, run /deep-review, mark a PR as ready for review, or requests a formal/thorough code review.
Scan code changes for security vulnerabilities using STRIDE threat modeling, validate findings for exploitability, and output structured results for downstream patch generation. Supports PR review, scheduled scans, and full repository audits.
Analyze binary exploitation techniques including buffer overflows and ROP chains using pwntools Python library. Covers checksec analysis, gadget discovery with ROPgadget, and exploit development for CTF and authorized security assessments.