Loading...
Loading...
Found 435 Skills
Use when you need to execute R3 (Prototype Generation) in the product requirement Spec process of sdlc-dev, generate requirements/prototype.md based on requirements/prd.md (including task flow + page structure + ASCII wireframe + AC mapping + walkthrough script), and avoid proceeding with generation without context/PRD, using Open Questions instead of verification checklists, or using non-ASCII formats that make the prototype untraceable and unreviewable.
Diagnoses what makes code complex and why, using the three-symptom two-root-cause framework. Use when code feels harder to work with than it should but the specific problem is unclear. This skill identifies WHETHER complexity exists and WHERE it comes from. Not for scanning a checklist of known design smells (use red-flags) or evaluating a specific module's depth (use deep-modules).
Audits Move contracts for security vulnerabilities before deployment using 7-category checklist. Triggers on: 'audit contract', 'security check', 'review security', 'check for vulnerabilities', 'security audit', 'is this secure', 'find security issues'.
Use this skill when diagnosing, configuring, or monitoring NICs for AF_XDP / XDP workloads. Covers driver detection, hardware queue configuration, offload control (GSO/GRO/TSO/LRO), VLAN offloads, Flow Director (FDIR) rules, CPU core pinning and NUMA awareness, hardware queue and drop monitoring, BPF program inspection with bpftool, kernel tracing via ftrace, perf profiling and flamegraphs, IRQ-to-queue-to-core mapping, and a quick diagnostic checklist.
LOAD THIS SKILL when: auditing Effect TypeScript compliance, user mentions 'effect scan', 'effect audit', 'effect best practices check', 'scan-effect-solutions'. Contains Effect compliance audit checklist covering tsconfig, services, data modeling, error handling, config, testing, runtime usage, and Option/Either anti-patterns.
Proof-driven exploitation with 4-level evidence system, bypass exhaustion protocol, mandatory evidence checklists, and strict EXPLOITED/POTENTIAL/FALSE_POSITIVE classification.
Generate an onboarding checklist and first-week plan for a new hire. Use when someone has a start date coming up, building the pre-start task list (accounts, equipment, buddy), scheduling Day 1 and Week 1, or setting 30/60/90-day goals for a new team member.
Produces Go/No-Go deployment checklists with SQL verification queries, rollback procedures, and monitoring plans. Use when PRs touch production data, migrations, or risky data changes.
Use when structuring, formatting, evaluating, or reviewing a Technology Innovation Management (TIM) project report for Carleton University — provides report rules, chapter guidance, literature review expectations, research method templates, and a compliance-audit checklist.
AI-assisted UI generation patterns for json-render, v0, Bolt, and Cursor workflows. Covers prompt engineering for component generation, review checklists for AI-generated code, design token injection, refactoring for design system conformance, and CI gates for quality assurance. Use when generating UI components with AI tools, rendering multi-surface MCP visual output, reviewing AI-generated code, or integrating AI output into design systems.
Use when you need to execute I1 (Implementation Plan) in the Spec Pack of sdlc-dev, convert requirements/design into `{FEATURE_DIR}/implementation/plan.md` (the single source of truth for execution checklist and status, SSOT), and provide an unambiguous task list for subsequent I2 execution.
Expert ISO 27001 compliance assistant for security and compliance teams. Use this skill whenever a user asks about ISO 27001 or ISO/IEC 27001, including any of the following: gap analysis, auditing, compliance assessments, control checklists, policy writing, document generation, Statement of Applicability (SoA), risk assessment, risk registers, risk treatment plans, Annex A controls, ISMS implementation, clause requirements, certification readiness, transitioning from 2013 to 2022, control implementation guidance, incident response policies, access control policies, supplier security, or any information security management system (ISMS) topic. Trigger even if the user doesn't say "skill" — any ISO 27001 or ISMS question should use this skill.