Loading...
Loading...
Found 60 Skills
Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption.
Golang skills orchestrator — always active on any Golang coding, review, debug, or setup task. Reads the task context and loads the most relevant skills from samber/cc-skills-golang, often multiple at once: writing a gRPC service loads golang-grpc + golang-testing + golang-error-handling; debugging a panic loads golang-troubleshooting + golang-safety; auditing security loads golang-security + golang-lint + golang-safety. Also: disambiguates competing clusters when two skills seem to overlap (performance vs benchmark vs troubleshooting, samber/lo vs mo vs ro, DI cluster, safety vs security), and configures CLAUDE.md or AGENTS.md to force-trigger skills in a project (/golang-how-to configure).
Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.
Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.
Use when building cloud-native apps. Keywords: kubernetes, k8s, docker, container, grpc, tonic, microservice, service mesh, observability, tracing, metrics, health check, cloud, deployment, 云原生, 微服务, 容器
Exclusive skill set for the GoFrame development framework. Provides a complete framework usage guide for Go language developers, covering best practices for core components such as command-line management, configuration management, logging components, error handling, data validation, type conversion, cache management, template engines, database ORM, and I18n internationalization. Includes project engineering structure specifications, development model guidelines, solutions to common problems, and rich practical code examples. Suitable for building various Go projects such as RESTful APIs, gRPC microservices, and web applications, helping developers quickly master the features of the GoFrame framework and improve development efficiency and code quality.
Exclusive skill set for the GoFrame development framework. Provides comprehensive framework usage guidelines for Go language developers, covering best practices for core components such as command-line management, configuration management, logging components, error handling, data validation, type conversion, cache management, template engines, database ORM, and I18n internationalization. Includes project engineering structure specifications, development mode guidelines, common problem solutions, and rich practical code examples. Suitable for building various Go projects such as RESTful APIs, gRPC microservices, web applications, and CLI tools, helping developers quickly master GoFrame framework features, improve development efficiency and code quality.
Expert API architect specializing in RESTful API design, GraphQL, gRPC, and API security. Deep expertise in OpenAPI 3.1, authentication patterns (OAuth2, JWT), rate limiting, pagination, and OWASP API Security Top 10. Use when designing scalable APIs, implementing API gateways, or securing API endpoints.
Production backend systems development. Stack: Node.js/TypeScript, Python, Go, Rust | NestJS, FastAPI, Django, Express | PostgreSQL, MongoDB, Redis. Capabilities: REST/GraphQL/gRPC APIs, OAuth 2.1/JWT auth, OWASP security, microservices, caching, load balancing, Docker/K8s deployment. Actions: design, build, implement, secure, optimize, deploy, test APIs and services. Keywords: API design, REST, GraphQL, gRPC, authentication, OAuth, JWT, RBAC, database, PostgreSQL, MongoDB, Redis, caching, microservices, Docker, Kubernetes, CI/CD, OWASP, security, performance, scalability, NestJS, FastAPI, Express, middleware, rate limiting. Use when: designing APIs, implementing auth/authz, optimizing queries, building microservices, securing endpoints, deploying containers, setting up CI/CD.
Implements concurrent Go patterns using goroutines and channels, designs and builds microservices with gRPC or REST, optimizes Go application performance with pprof, and enforces idiomatic Go with generics, interfaces, and robust error handling. Use when building Go applications requiring concurrent programming, microservices architecture, or high-performance systems. Invoke for goroutines, channels, Go generics, gRPC integration, CLI tools, benchmarks, or table-driven testing.
Discover and call remote schema-exposed interfaces with UXC. Use when an agent or skill needs to list operations, inspect operation schemas, and execute OpenAPI, GraphQL, gRPC, MCP, or JSON-RPC calls via one CLI contract.
Guideline for designing, implementing, and verifying secure APIs following OWASP API Security Top 10 (2023) best practices. Use when the user wants to: (1) review API code or design for security vulnerabilities, (2) design a secure REST, GraphQL, or gRPC API architecture, (3) implement API authentication and authorization (OAuth2, JWT, API keys, mTLS), (4) configure rate limiting, input validation, or CORS, (5) audit API endpoints for BOLA, BFLA, or mass assignment vulnerabilities, (6) create API security checklists or verification plans, (7) fix API security bugs or harden existing APIs, (8) set up API security testing (OWASP ZAP, Schemathesis, Burp Suite), or (9) handle any API security concern including SSRF prevention, resource consumption limits, business flow protection, API inventory management, and secure third-party API consumption.