Loading...
Loading...
Found 534 Skills
KWCode (天工开物) — a CLI coding agent optimized for local open-source models (8B-30B), featuring deterministic expert pipelines, BM25+AST code location, runtime debugging, and a self-improving flywheel — all running fully offline.
Diagnoses and fixes slow Neo4j Cypher queries by reading execution plans, identifying bad operators (AllNodesScan, CartesianProduct, Eager, NodeByLabelScan), and prescribing fixes (indexes, hints, query rewrites, runtime selection). Use when a query is slow, when EXPLAIN or PROFILE output needs interpretation, when dbHits or pageCacheHitRatio are poor, when cardinality estimation diverges from actuals, or when deciding between slotted/pipelined/parallel runtimes. Covers USING INDEX / USING SCAN / USING JOIN hints, db.stats.retrieve, SHOW QUERIES, SHOW TRANSACTIONS, TERMINATE TRANSACTION. Does NOT write new Cypher from scratch — use neo4j-cypher-skill. Does NOT cover GDS algorithm tuning — use neo4j-gds-skill. Does NOT cover index/constraint creation syntax details — use neo4j-cypher-skill references/indexes.md.
This skill should be used when the user wants to check whether an agent skill is portable across providers. Common triggers include "is this skill cross-provider safe", "will my skill work in cursor", "audit skill compatibility", "check if this loads in codex", and "which providers support this skill". Spawns one agent per provider in parallel using bundled provider-doc snapshots (refreshed on cadence — never fetched at runtime) and produces a compatibility matrix plus a COMPAT.md report. Skip when authoring a new skill (use skill-creator) or rerunning baselines (use skill-eval).
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Mandatory unless the user explicitly opts out. Use when non-trivial work on features, bug fixes, refactorings, or changes to code, tests, configuration, dependencies, runtime assets, or design requires explicit planning before implementation.
Check whether AutoDeploy YAML configs were actually applied by analyzing server logs and optionally graph dumps (AD_DUMP_GRAPHS_DIR). Use when the user wants to verify config application, debug config issues, or check if AutoDeploy transforms (piecewise CUDA graph, multi-stream, sharding, fusion, etc.) were applied or fell back. Triggers on: "check config", "verify config", "ad-conf-check", "were my configs applied", "config not working", "check if piecewise is enabled", "check log for config", or any request to compare AD YAML settings against runtime behavior.
Craft high-quality natural-language image prompts for any modern text-to-image or image-edit model that accepts flowing English. Trigger when the user wants help writing, rewriting, improving, or translating an English natural-language image prompt — including "write me an image prompt", "improve this image prompt", "describe this scene for an image model", or "convert these tags into a natural language prompt". Do NOT trigger for requests that are purely about dispatching to an image API, choosing samplers/schedulers, picking LoRAs, or setting up ControlNet — those belong to a runtime skill.
Use when planning A/B tests in LaunchDarkly, Optimizely, or similar platforms. Sizes the experiment (sample size, MDE, runtime), drafts hypothesis + success metrics + guardrails, and produces a launch checklist + rollback plan.
Eight-axis judgment code review for the current diff — Correctness, Simplification, Tests, Documentation, Style, Intent, Design/API, Performance (+ Coherence on metadata changes). Five-phase pipeline scope → deterministic tool battery (npx/uvx-preferred, zero-install for the JS + Python majority) → 8 parallel LLM axis reviewers → Haiku validators on sub-80 findings (verbatim rubric, ≥80 threshold) → synthesis with no-silent-drop + Conventional Comments JSONL. Every report closes with "What I did NOT check" (security → /security-review, runtime perf, flaky detection). Opt-in flags `--verify-build`, `--mutation-test`, `--reconcile`, `--apply-safe`. Public-skill posture — zero auto-install, graceful skip on missing native tools.
Grounding an assistant in your app with assistant-ui copilots (@assistant-ui/react). Use when steering assistant behavior with useAssistantInstructions, feeding lazy app-state context via useAssistantContext({ getContext }), exposing rendered components with makeAssistantVisible(Component, { clickable, editable }), building two-way interactable state with useAssistantInteractable and Interactables(), or registering instructions and tools imperatively through useAui().modelContext().register({ getModelContext }). Reach for this when the assistant should read the current page, click or edit UI, or read and update component state through auto-generated update_{name} tools. For LLM tools and tool-call UI use the tools skill; for runtime and thread state use the runtime skill.
Interactive debugging mode that generates hypotheses, instruments code with runtime logs, and iteratively fixes bugs with human-in-the-loop verification. Only for hard-to-diagnose bugs; in those cases, remind the user that debug-mode is available, and never proactively activate this skill.
Local Docker execution for TAO SDK job containers using the host Docker daemon and NVIDIA GPU runtime. Use when running TAO jobs on the current machine or a directly attached Docker host. Trigger phrases include "run locally", "local Docker", "use my GPU", "run on my machine", "host Docker daemon".