Loading...
Loading...
Found 256 Skills
CLI tool to fetch trending news and hot topics from 66 sources across 44 platforms. Returns structured news items with titles, URLs, and metadata. USE FOR: - Fetching trending/hot news from Chinese and international platforms - Monitoring hot topics across social media, tech, finance, and news sites - Getting structured news data as JSON for further processing - Listing available news sources Requires npm install. Some sources need env vars (PRODUCTHUNT_API_TOKEN). Some sources may be blocked by Cloudflare (linuxdo).
Dev Container を最短で導入/更新するためのブートストラップ。stack を自動判定(node/python/rust)し、テンプレート適用または安全更新を行う。既存 .devcontainer がある場合はバックアップ後にマージ。Chat オプション: stack (auto|node|python|rust), packageManager (npm|pnpm|yarn), mode (safe|overwrite), includeTools (true|false), addCI (true|false)。
Catalog of MSBuild anti-patterns with detection rules and fix recipes. Only activate in MSBuild/.NET build context. Use when reviewing, auditing, or cleaning up .csproj, .vbproj, .fsproj, .props, .targets, or .proj files. Each anti-pattern has a symptom, explanation, and concrete BAD→GOOD transformation. DO NOT use for non-MSBuild build systems (npm, Maven, CMake, etc.).
Use this skill when building command-line interfaces, designing CLI argument parsers, writing help text, adding interactive prompts, managing config files, or distributing CLI tools. Triggers on argument parsing, subcommands, flags, positional arguments, stdin/stdout piping, shell completions, interactive menus, dotfile configuration, and packaging CLIs as npm/pip/cargo/go binaries.
Runs available security scanning tools against the current project and produces a consolidated markdown report. Auto-detects installed tools (gitleaks, semgrep, grype, npm audit, bandit, pip-audit, gosec, govulncheck, cargo audit, bundle-audit) and activates language-specific scanners based on project files. Gracefully skips missing tools and provides installation hints. By default scans the entire target directory. Pass --full to make the intent explicit (useful in workflows that combine full-codebase and diff-only scans). Use when running security scans, checking for vulnerabilities, detecting leaked secrets in git history, or validating security posture before commits or releases. Pairs with security-review for a complete security workflow.
Scan project dependencies for CVEs, outdated packages, and license compliance across npm, pip, cargo, go, maven, and other ecosystems. Use for vulnerability scanning, SBOM generation, supply chain analysis, and automated dependency updates.
Track and check updates for all OpenClaw dependencies: managed skills (GitHub/ClewHub), bundled skills, workspace skills, npm packages, pip packages, and CLI tools. Use when user asks "check for updates", "dependency status", "are my skills up to date", "什么需要更新", "检查依赖", "检查更新", or wants a dependency health report. Triggers on: dependency check, skill updates, outdated packages, version drift.
TypeScript best practices, type safety, and toolchain standards. Use when: - Writing or reviewing TypeScript code - Setting up TypeScript projects or tsconfig - Choosing state management patterns - Configuring build tools (tsup, Vitest) - Avoiding type gymnastics or any-abuse Keywords: TypeScript, tsconfig, strict mode, no-any, pnpm, Vitest, tsup, TanStack Query, discriminated unions, type safety, ESLint
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
Modern Node.js development with Bun, Vite, Vue 3, Pinia, and TypeScript. Covers JavaScript/TypeScript projects, high-performance tooling, and modern frameworks. Use when user mentions Node.js, Bun, Vite, Vue, Pinia, npm, pnpm, JavaScript runtime, or building frontend/backend JS applications.
Use when working with fundamental CLI tools and utilities that are essential for software development across all languages and platforms. Covers shells, version control, system package managers, containers, remote access, HTTP clients, data processing, and build runners. USE FOR: CLI tools, developer tooling, shell scripting, version control, system package managers, containers, remote access, build automation, text processing, choosing cross-platform dev tools DO NOT USE FOR: language-specific package managers (use language-specific skills like npm/pip/cargo), IDE configuration, language-specific build tools (use language-specific skills)
Освойте enterprise-разработку на TypeScript с типобезопасными паттернами, современными инструментами и интеграцией с фреймворками. Этот навык предоставляет всестороннее руководство по TypeScript 5.9+, охватывая основы системы типов (дженерики, маппинг типов, условные типы, оператор satisfies), enterprise-паттерны (обработка ошибок, валидация с помощью Zod), NestJS для масштабируемых API и LangChain.js для AI-приложений. Используйте при создании типобезопасных приложений, миграции кодовых баз с JavaScript, настройке современных инструментов (Vite 7, pnpm, ESLint, Vitest), внедрении продвинутых паттернов типизации или сравнении TypeScript с подходами Java/Python.