Loading...
Loading...
Found 9,224 Skills
Performs multiple sequence alignment of proteins with EBI Clustal Omega. Use when you need to align multiple sequences to assess similarity, domain conservation, or key residue conservation. Supports up to 4000 sequences and a maximum file size of 4 MB. Do not use to search for homologous proteins in a database (use MMseqs2, BLAST), align non-protein sequences (DNA, RNA), perform structural alignment (use Foldseek, PyMOL), or if you only have a single sequence.
Guides technical program management for security coordinated vulnerability disclosure (CVD)— disclosure policy, intake and triage SLAs, researcher coordination, fix/remediation tracking, embargo and publication timelines, CVE/advisory coordination, bug bounty program operations, and cross-functional gates (security engineering, legal, comms, product). Use when running a CVD or responsible disclosure program, disclosure calendar, bounty ops, or unblocking multi-team remediation for reported vulnerabilities—not for hands-on pentest (offensive-security-analyst), SOC triage (defensive-security-analyst), vuln scanning in CI (devsecops), enterprise security strategy (cybersecurity), generic non-security programs (technical-program-manager), or contract redlines (commercial-counsel).
Guides FinOps analysis on AWS, GCP, and Azure—cost visibility and allocation, tagging and showback/chargeback models, rightsizing and waste removal, RI/Savings Plan/CUD recommendations, budgets and forecasts, anomaly detection, unit economics (cost per service/customer), and FinOps cadence with engineering accountability. Use when optimizing cloud spend, analyzing CUR/billing exports, building cost dashboards, explaining bill spikes, or improving allocation—not for GL mapping, capex, depreciation, or month-end ledger close (compute-accounting-manager), enterprise EA negotiation (enterprise-cloud-architect), hands-on resource provisioning (cloud-engineer), or hardware supply efficiency (data-center-compute-supply-efficiency).
Performs a comprehensive security review of code changes in a GitHub PR or issue. Checks out the branch, analyzes changed files against a 9-category security checklist, and produces PASS/WARNING/FAIL verdicts. Use when reviewing pull requests for security vulnerabilities, hardcoded secrets, injection flaws, auth bypasses, or insecure configurations. Trigger keywords - security review, code review, appsec, vulnerability assessment, security audit, review PR security.
Analyzes Kubernetes resource usage metrics and historical data to suggest optimal CPU and Memory requests and limits. Use to reduce cloud costs, prevent OOMKills, and improve overall cluster reliability by right-sizing your deployments.
Tests WebSocket API implementations for security vulnerabilities including missing authentication on WebSocket upgrade, Cross-Site WebSocket Hijacking (CSWSH), injection attacks through WebSocket messages, insufficient input validation, denial-of-service via message flooding, and information leakage through WebSocket frames. The tester intercepts WebSocket handshakes and messages using Burp Suite, crafts malicious payloads, and tests for authorization bypass on WebSocket channels. Activates for requests involving WebSocket security testing, WS penetration testing, CSWSH attack, or real-time API security assessment.
Read-only Python utilities for Jira, Confluence, and Bitbucket integration. Provides read access to issues, search, workflows, pages, pull requests, commit history, and more. Use when users need to query Atlassian products like "get a Jira issue", "search Confluence pages", "view pull request details", or "get commit history". This variant excludes all write operations for token efficiency and safety.
7-phase frontend design review with accessibility (WCAG 2.1 AA), responsive testing, visual polish. Use for PR reviews, UI audits, or encountering contrast issues, broken layouts, accessibility violations, inconsistent spacing, missing focus states.
Generate security compliance reports using Harness SCS and STO via MCP. Analyze vulnerabilities, SBOMs, and manage exemptions. Use when user says "security report", "vulnerabilities", "SBOM", "security scan", "compliance check", or asks about application security.
Accessibility patterns for React and Next.js — semantic HTML, ARIA attributes, form labeling, keyboard navigation, focus management, and screen reader support. Use when building any interactive UI component or form.
Semantic HTML5, SEO fundamentals, alt texts, progressive enhancement, SPA considerations, device capability detection, and user context awareness. Good HTML is the foundation of accessibility, SEO, and resilient UI. Use when building any web UI, reviewing markup quality, or optimising for search and accessibility.
This skill should be used when the user asks to "set up oodle integration", "onboard to oodle", "integrate kubernetes with oodle", "connect AWS to oodle", "install oodle collector", or mentions setting up observability with Oodle. Discovers the environment, recommends matching integrations from available setup specs, and executes step-by-step installation. Not for querying existing metrics, logs, or traces (use /oodle-metrics-query, /oodle-logs, /oodle-traces instead).