Loading...
Loading...
Found 2,001 Skills
Technical guide for creating a new Paperclip agent adapter. Use when building a new adapter package, adding support for a new AI coding tool (e.g. a new CLI agent, API-based agent, or custom process), or when modifying the adapter system. Covers the required interfaces, module structure, registration points, and conventions derived from the existing claude-local and codex-local adapters.
Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths
Consult this skill when designing client-server systems or API architectures. Use when traditional web/mobile applications with centralized services, clear separation between client and server responsibilities needed. Do not use when selecting from multiple paradigms - use architecture-paradigms first. DO NOT use when: peer-to-peer dominates - consider dedicated P2P patterns.
Answer questions about OCSF (Open Cybersecurity Schema Framework). Use when the user asks about OCSF classes, objects, attributes, profiles, extensions, or event normalization.
Manage WeChat information and send messages. This function can only be activated with the MCP Server `WeChatMCP`. Please check the server status before using any tools in this MCP server
Review a GitLab Merge Request and provide findings, and post structured review comments with issue explanation plus pseudo code fixes. Use this skill when asked to review a Gitlab Merge request.
Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.
Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operational timelines before any offensive testing begins.
Use when SecItem calls fail — errSecDuplicateItem from unexpected uniqueness, errSecItemNotFound despite item existing, errSecInteractionNotAllowed in background, keychain items disappearing after app update, access group entitlement errors, or Mac keychain shim issues. Covers systematic error diagnosis with decision trees.
This skill should be used when the user asks to 'find a token on TRON', 'search TRC-20 token', 'token info on TRON', 'who holds this TRON token', 'is this TRON token safe', 'top TRON tokens', 'trending tokens on TRON', 'token market cap on TRON', 'holder distribution', 'verify TRON contract', or mentions searching for TRC-20 tokens, checking token metadata, holder analysis, contract verification, or discovering trending tokens on the TRON network. For live prices and K-line charts, use tron-market. For swap execution, use tron-swap.
Run Python quality checks with ruff, pytest, mypy, and bandit in deterministic order. Use WHEN user requests "quality gate", "lint", "verify code quality", "check python", or "pre-commit check". Use for pre-merge validation, CI/CD gating, or comprehensive code quality reports. Do NOT use for single-tool runs (run tool directly), debugging runtime bugs (use systematic-debugging), refactoring (use systematic-refactoring), or architecture review.
Expert in Terraform infrastructure-as-code with cloud deployment patterns