Loading...
Loading...
Found 435 Skills
Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).
Design and launch a product survey and produce a Survey Pack (brief, questionnaire/instrument, analysis plan, launch checklist, reporting outline). Use for customer surveys, onboarding surveys, NPS/CSAT/PMF, cancellation/churn, and feedback surveys.
Produce an LLM Build Pack (prompt+tool contract, data/eval plan, architecture+safety, launch checklist). Use for building with LLMs, GPT/Claude apps, prompt engineering, RAG, and tool-using agents.
Use when setting up, deploying, or operating vLLM Studio (env keys, controller/frontend startup, Docker services, branch workflow, and release checklists).
Create lead magnets and gated content to capture email subscribers and leads. Use when asked to design checklists, templates, calculators, mini-courses, whitepapers, or other downloadable content offers. Trigger phrases: "lead magnet", "gated content", "email capture", "content offer", "free download", "checklist", "template", "whitepaper", "swipe file", "content upgrade", "opt-in offer".
Framework for assessing IT service providers, technology vendors, and third-party partners. Creates structured risk assessments across financial, operational, compliance, security, and reputational dimensions with regulatory checklists (GDPR, DORA, NIS2, SOX). Use when: (1) Evaluating new vendors or technology providers, (2) Conducting third-party risk assessments for procurement, (3) Performing critical vendor due diligence for regulatory compliance, (4) Creating vendor onboarding documentation, (5) Establishing ongoing vendor monitoring processes, (6) Assessing vendor concentration risk, or (7) Generating executive-level vendor risk reports.
IPA guideline-compliant security diagnostic and review skill for Laravel/React applications. Use when performing security checks during code implementation or review. Diagnoses 11 vulnerability types (SQL injection, XSS, CSRF, etc.), provides safe code examples, and performs checklist-based validation. Works in conjunction with .claude/rules/security/ to provide concrete diagnostic workflows during implementation phases. Triggers when: (1) reviewing code for security vulnerabilities, (2) implementing authentication/authorization, (3) handling user input/output, (4) working with sessions/cookies, (5) processing files or executing commands, (6) creating forms or APIs, (7) performing security audits.
Use this skill when the user needs to test features before deployment, create test scenarios, find edge cases, or verify bug fixes. Covers manual testing workflows, cross-browser testing, edge case identification, and testing checklists for non-technical founders.
Email metrics to track, 2X levers, and structure checklist for cold outreach. Use when analyzing campaign performance, setting benchmarks, or optimizing email metrics.
Implement a project from its documentation and specification. Use when asked to "implement project", "continue implementation", "build from docs", "implement from spec", or when the user wants to progressively implement a documented project following a todo checklist. Reads docs/, creates implementation plans and todo lists, and implements incrementally with tests and commits.
Turn any workflow into a properly structured Claude Code skill — YAML frontmatter, phase-based instructions, real code blocks, and a verify checklist. Use when the user wants to package a repeated workflow, create a new skill, turn a process into a slash command, or publish to the skills directory. Triggers on requests like "make a skill", "create a skill", "turn this into a skill", "new skill for...", "package this as a skill", "build a skill", "I want to publish a skill", "help me write a skill", or any request to create a reusable Claude Code skill.
Validate systems and processes against GDPR/CCPA privacy regulations, privacy-by-design principles, ADA/WCAG accessibility standards, data processing agreements (DPAs), and provide compliance checklists with regulatory change monitoring guidance.