Loading...
Loading...
Found 22 Skills
Automated code review assistant that analyzes GitHub pull requests and code changes. Use when: (1) user shares a GitHub PR URL and wants a code review, (2) you need to review code for bugs, security issues, or best practices, (3) performing automated code quality checks before merging, (4) analyzing code diffs for potential improvements.
Create GitHub PRs in Conventional Commits format. OWASP Top 10 security checks are mandatory; PR creation will be aborted if issues are found. Generate a PR body including Summary/Test plan/Design. Trigger with commands like "Create PR", "Pull Request", or `gh pr create`. Use the contribute-skill for contributions to upstream repositories.
Pre-commit code quality review workflow. Use before committing changes to verify code quality, security, testing coverage, and adherence to project conventions. Supports both automated checking and interactive review modes.
Review Dojo code for best practices, common mistakes, security issues, and optimization opportunities. Use when auditing models, systems, tests, or preparing for deployment.
Audit applications against your platform engineering constitution. Use when validating that code, configurations, and deployments align with organizational infrastructure standards.
Trust Wallet API for crypto data — token search, prices, trending tokens, swap quotes, market data, security checks, address validation, asset info, and coin status across 100+ blockchains. Use whenever the user asks about crypto prices, token info, swap rates, market cap, trending coins, token risk, honeypot detection, address validation, or wants to call the Trust Wallet / tws.trustwallet.com API directly. Covers HMAC-SHA256 authentication, supported chains, and all REST endpoints.
Scan extension source code for Chrome Web Store rejection risks. Generates report with issues, root causes, and fixes. Use when: review, pre-submit, rejection, CWS compliance, store review.
Decode and inspect JSON Web Tokens (JWTs) without verification. Use when the user provides a JWT string and wants to see its header, payload, or claims — e.g. "decode this JWT", "what's in this token", "inspect this JWT", "show me the claims", "parse this token". Also triggers on raw JWT strings (three base64url segments separated by dots).
Full agent verification suite. Runs security, patterns, quality, and language-specific checks. Use when asked to "verify agent", "verify my agent", "audit agent", or "full verification".
Disaster recovery drill exercises and security checklists for web application projects (SPA, SSR, full-stack web apps). Focused on solo/indie developers using free-tier infrastructure (Vercel, Supabase, Cloudflare, Netlify, Railway, etc.). Bridges big-tech best practices (NIST, Google SRE DiRT, ISO 22301) to indie scale. Use when the user mentions drills, disaster recovery, security audit, incident simulation, project health check, resilience testing, backup strategies, secret rotation, or incident response for web projects. Not for mobile apps, desktop software, CLI tools, or games.