Loading...
Loading...
Found 489 Skills
Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.
Multi-stage builds for optimized, minimal production images with build/runtime separation
Maintains development environment instructions in the project README.md using nixomatic. When the user asks to build, compile, test, lint, format, type-check, run, or set up a project, or when a command fails because a tool or runtime is not installed, analyze project files to determine required packages and use nix develop with a nixomatic.com URL. Ensure the README.md documents how to reproduce the environment with both nix develop and docker run nixos/nix.
Gas optimization patterns for Solidity smart contracts. Use when optimizing contract deployment costs, runtime gas usage, or storage efficiency. Covers storage packing, custom errors, immutable variables, calldata optimization, loop patterns, assembly usage, and Solady gas-optimized alternatives. Triggers on tasks involving gas optimization, storage layout, deployment cost reduction, or EVM efficiency.
Rust project implementation guide for multi-crate workspace projects. Covers workspace config, toolchain (nightly + rustfmt + clippy + cranky + cargo-deny), strict lint rules (no unsafe/unwrap/expect/panic), error handling (thiserror + anyhow), async runtime (Tokio), TLS (rustls + aws-lc-rs), CI/CD (GitHub Actions with test/build/docker/SBOM), and coding conventions. Use when scaffolding, developing, or reviewing Rust applications.
Guides the agent through an Apple App Store preflight review for Capacitor apps before submission or after rejection. Covers guideline checklist selection, App Store metadata review, Capacitor and iOS project inspection, privacy manifests, Sign in with Apple, entitlements, and common rejection patterns. Do not use for Google Play review, generic store publishing only, or non-Apple mobile runtimes.
Implements and debugs browser Web Neural Network API integrations in JavaScript or TypeScript web apps. Use when adding navigator.ml checks, MLContext creation, MLGraphBuilder flows, device selection, tensor dispatch and readback, or explicit fallback paths to ONNX Runtime Web or other local runtimes. Don't use for model training, server-side ML inference, or cloud AI APIs.
AnyCap CLI -- capability runtime for AI agents. One CLI for image generation, image read, video analysis, audio analysis, music composition, text-to-speech, web search, web crawling, file download, static site hosting, and cloud file storage. Use when the agent needs to generate images, analyze images, video, or audio, produce audio/music, search or crawl the web, download remote files, deploy static sites, or store and share files. Also use when the agent needs to authenticate with AnyCap (login, API key, credentials), or when encountering errors from AnyCap to submit feedback via 'anycap feedback'. Trigger on mentions of AnyCap, multimodal capabilities, AI-generated media, page hosting, or drive storage.
Databricks SQL query optimizer: analyzes a slow SQL query, rewrites it for speed using SQL-level optimizations only, validates byte-for-byte result equivalence, and benchmarks both versions with statistical significance testing. Use this skill whenever the user wants to optimize, speed up, tune, or benchmark a SQL query on Databricks. Trigger on: "/databricks-sql-autotuner", "optimize this SQL", "make this query faster", "tune my Databricks query", "benchmark SQL on Databricks", "speed up this spark SQL", "SQL performance on Databricks", "EXPLAIN this query", "why is my query slow on Databricks", "SQL query optimization Databricks", or whenever a user pastes a SQL query and mentions performance, slowness, or runtime.
Guide for planning and auditing SEO for AI tool, SaaS, and product-led websites. Powered by AnyCap -- the capability runtime that equips AI agents with web search and web crawl through a single CLI. Use when Codex needs to define SEO ICPs, map search intent to page types, inspect live SERPs, write page briefs for tool/comparison/alternatives/pricing/tutorial pages, prioritize technical SEO foundations, plan citations or backlinks, or decide whether programmatic SEO is safe and worthwhile. Trigger on mentions of AI tool SEO, SaaS SEO, product-led SEO, search intent, page type mapping, vs pages, alternatives pages, pricing pages, directory submissions, backlink plans, citations, or pSEO.
Apply when designing VTEX IO configuration apps with the configuration builder or when a service app must receive structured configuration through runtime context. Covers the separation between service apps and configuration apps, schema.json and configuration.json, settingsType, and reading injected configuration through ctx.vtex.settings. Use for shared service configuration, decoupled configuration lifecycle, or reviewing whether app settings should be replaced by a configuration app.
Generate Frida hook scripts using modern Frida API. Activate when the user wants to write Frida scripts, hook functions at runtime, trace calls/arguments/return values, intercept native or ObjC/Java methods, or dump memory and exports.