Loading...
Loading...
Found 2,137 Skills
Test web implementations using Playwright MCP for E2E testing. Creates test reports in docs/testing/*.md. Supports email-based auth testing via Mailinator (registration, verification, password reset, notifications).
Web accessibility patterns and WCAG compliance — semantic HTML, ARIA attributes, keyboard navigation, color contrast, screen reader support, accessible forms, and testing strategies. Use when building accessible interfaces, auditing existing UIs, or establishing a11y standards.
Provides domain-specific best practices for Node.js development with TypeScript, covering type stripping, async patterns, error handling, streams, modules, testing, performance, caching, logging, and more. Use when setting up Node.js projects with native TypeScript support, configuring type stripping (--experimental-strip-types), writing Node 22+ TypeScript without a build step, or when the user mentions 'native TypeScript in Node', 'strip types', 'Node 22 TypeScript', '.ts files without compilation', 'ts-node alternative', or needs guidance on error handling, graceful shutdown, flaky tests, profiling, or environment configuration in Node.js. Helps configure tsconfig.json for type stripping, set up package.json scripts, handle module resolution and import extensions, and apply robust patterns across the full Node.js stack.
Expert skill for generating GitHub Copilot skills from ING-internal documentation repositories. Use this skill when asked to create a skill from any ING documentation-as-code repo, generate a knowledge base skill for an ING framework, convert ING tool documentation into a Copilot skill, or turn any docs/ folder into an expert skill file. Also trigger when the user mentions "skill from docs", "generate skill", "create skill from repo", or references ING-internal frameworks like Baker, Merak, Kingsroad, or similar. Includes evaluation framework, grading agents, and benchmark tools for testing generated skills.
Execute a comprehensive Flutter Project Health Audit. Analyzes tech stack, architecture, state management, testing, code quality, CI/CD, and documentation. Produces a Google Docs-ready report with section scores and weighted overall score. Use when the user asks to audit a Flutter project, run a health check, evaluate project quality, or assess technical debt. Triggers on: 'flutter audit', 'health audit', 'project audit', 'flutter health', 'tech debt assessment', 'project quality check'.
Create and scaffold plugin directories for Codex with a required `.codex-plugin/plugin.json`, optional plugin folders/files, and baseline placeholders you can edit before publishing or testing. Use when Codex needs to create a new local plugin, add optional plugin structure, or generate or update repo-root `.agents/plugins/marketplace.json` entries for plugin ordering and availability metadata.
Supply-chain testing via package-manager dependency confusion: when internal package names resolve to attacker-controlled public registries, leading to malicious install and script execution. Use for npm/pip/gem/Maven/Composer/Docker manifest review and authorized red-team supply-chain exercises.
Hash attack playbook. Use when exploiting length extension, MD5/SHA1 collisions, HMAC timing leaks, birthday attacks, or hash-based proof of work in CTF and authorized testing scenarios.
iOS pentesting playbook. Use when testing iOS applications for keychain extraction, URL scheme hijacking, Universal Links exploitation, runtime manipulation, binary protection analysis, data storage issues, and transport security bypass during authorized mobile security assessments.
LLM prompt injection playbook. Use when testing AI/LLM applications for direct injection, indirect injection via RAG/browsing, tool abuse, data exfiltration, MCP security risks, and defense bypass techniques.
Go testing patterns for Gentleman.Dots, including Bubbletea TUI testing. Trigger: When writing Go tests, using teatest, or adding test coverage.
Write, run, and analyze structured test suites for Agentforce agents. TRIGGER when: user writes or modifies test spec YAML (AiEvaluationDefinition); runs sf agent test create, run, run-eval, or results commands; asks about test coverage strategy, metric selection, or custom evaluations; interprets test results or diagnoses test failures; asks about batch testing, regression suites, or CI/CD test integration. DO NOT TRIGGER when: user creates, modifies, previews, or debugs .agent files (use developing-agentforce); deploys or publishes agents; writes Agent Script code; uses sf agent preview for development iteration; analyzes production session traces (use observing-agentforce).