Loading...
Loading...
Found 8,042 Skills
WooYun business logic vulnerability methodology — 22,132 real cases across 6 domains (authentication bypass, authorization bypass, payment tampering, information disclosure, logic flaws, misconfiguration) and 33 vulnerability classes. It can be used for ANY security testing, auditing, or code review of web apps, APIs, or business systems, even without explicit "security" keywords. Triggers: penetration testing, security audit, vulnerability, bug bounty, payment security, IDOR, password reset, weak credentials, unauthorized access, race condition, parameter tampering, code review, penetration testing, security audit, vulnerability mining, payment security, privilege escalation, logic vulnerability, business security, SRC, code audit. It also triggers on implicit intent: "test this endpoint", "find bugs", "can I bypass this", "help me test this interface", "can this parameter be modified", "help me find bugs".
Creates Elastic Cloud Serverless projects (Elasticsearch, Observability, or Security) via the REST API, saves credentials to file, and bootstraps a scoped Elasticsearch API key. Use when creating a new serverless project, provisioning a search or observability environment, or spinning up a new Elastic Cloud project.
Control browser automation through HTTP API. Supports page navigation, element interaction (click, type, select), data extraction, accessibility snapshot analysis, screenshot, JavaScript execution, and batch operations.
Audits codebases for common security vulnerabilities that AI coding assistants introduce in "vibe-coded" applications. Checks for exposed API keys, broken access control (Supabase RLS, Firebase rules), missing auth validation, client-side trust issues, insecure payment flows, and more. Use this skill whenever the user asks about security, wants a code review, mentions "vibe coding", or when you're writing or reviewing code that handles authentication, payments, database access, API keys, secrets, or user data — even if they don't explicitly mention security. Also trigger when the user says things like "is this safe?", "check my code", "audit this", "review for vulnerabilities", or "can someone hack this?".
Professional 12306 train ticket schedule inquiry skill, supporting accurate station selection, date specification and train information retrieval. Using verified browser operation SOP processes and direct URL parameter query strategy to ensure the accuracy of query results. Suitable for scenarios where users need to query train schedules, ticket availability, train times and other 12306-related inquiries.
Schema.org structured data audit and generation optimized for AI discoverability — detect, validate, and generate JSON-LD markup
Write, review, and adapt SQL for PolarDB-X 2.0 Distributed Edition (Enterprise Edition) in AUTO mode, properly handle differences between PolarDB-X and MySQL (such as partitioned tables, Global Secondary Index (GSI), Columnar Index (CCI), Sequence, distributed transactions, table groups, TTL tables, etc.). Suitable for scenarios where you need to generate SQL to run on PolarDB-X, migrate MySQL SQL to PolarDB-X, or debug PolarDB-X SQL compatibility issues.
Helps implement coss UI components correctly. Use when building UIs with coss primitives (buttons, dialogs, selects, forms, menus, tabs, inputs, toasts, etc.), migrating from shadcn/Radix to coss/Base UI, composing trigger-based overlays, or troubleshooting coss component behavior. Covers imports, accessibility, Tailwind styling, and common pitfalls.
Use this skill for Angular apps needing Excel-like UI using the Syncfusion Spreadsheet Component. Trigger for creating, viewing, editing Excel (.xlsx, .xls, .xlsb) and CSV files; embedding spreadsheet editors; data binding from APIs/JSON; using formulas, charts, validation, filtering, or conditional formatting. Also trigger when users reference spreadsheet files ("open xlsx", "load Excel file", "add Syncfusion spreadsheet", "bind data to spreadsheet"). Do NOT trigger for standalone file processing without UI components.
Implements Syncfusion WPF Multi Column Dropdown (SfMultiColumnDropDownControl) for displaying searchable dropdown lists with grid view. Use this when creating dropdowns with multiple columns, autocomplete functionality, or filterable data grids in combo boxes. Supports data binding, column configuration, multi-row selection, and popup customization.
Implement Syncfusion WPF CardView for card-based data display with grouping, sorting, filtering, and editing. Use this when implementing card panels, binding data with ItemsSource, or customizing card layouts in WPF. Covers CardViewItem population, GroupCards, CanSort, CanFilter, CanEdit, EditItemTemplate, HeaderTemplate, ItemTemplate, and SfSkinManager theming.
eBPF skill for Linux observability and networking. Use when writing eBPF programs with libbpf or bpftrace, attaching kprobes/tracepoints/XDP hooks, debugging verifier errors, working with eBPF maps, or achieving CO-RE portability across kernel versions. Activates on queries about eBPF, bpftool, bpftrace, XDP programs, libbpf, verifier errors, eBPF maps, or kernel tracing with BPF.