Loading...
Loading...
Found 70 Skills
Use when managing dependencies with Bun's package manager. Covers installing packages, workspaces, lockfiles, and migrating from npm/yarn/pnpm to Bun.
Expert guidance for using aube, a fast Rust-based Node.js package manager compatible with pnpm, npm, yarn, and bun lockfiles.
Refactor high-complexity React components in Dify frontend. Use when `pnpm analyze-component --json` shows complexity > 50 or lineCount > 300, when the user asks for code splitting, hook extraction, or complexity reduction, or when `pnpm analyze-component` warns to refactor before testing; avoid for simple/well-structured components, third-party wrappers, or when the user explicitly wants testing without refactoring.
Full-stack web development with Next.js and Turborepo. Stack: Next.js 14+ (App Router, RSC, Server Actions, PPR, SSR, SSG, ISR), Turborepo (monorepo, pipelines, remote caching), RemixIcon (3100+ icons). Capabilities: server components, API routes, middleware, caching strategies, build optimization, monorepo management. Actions: create, build, deploy, optimize Next.js apps, setup monorepo, configure caching. Keywords: Next.js, App Router, Server Components, RSC, Server Actions, SSR, SSG, ISR, PPR, Turborepo, monorepo, remote cache, build pipeline, parallel execution, workspace, pnpm, icons. Use when: building Next.js apps, implementing SSR/SSG, setting up monorepos, optimizing build performance, configuring caching strategies, managing shared dependencies.
Smart dependency updates across ecosystems (npm/bun/pnpm, uv/poetry, cargo). Use when upgrading dependencies, fixing vulnerabilities, or performing proactive maintenance. Supports intelligent batching, risk assessment, and outcome tracking for continuous improvement.
Standardizes development environment setup across machines by generating tool version configs (Node, Python, Ruby), package manager configs (pnpm, Volta, asdf, mise), environment variable templates, and setup scripts with onboarding documentation. Use when users need to "setup dev environment", "standardize tooling", "configure version managers", or "create onboarding scripts".
Security auditing for code vulnerabilities (OWASP Top 10, XSS, SQL injection) and dependency scanning (pnpm audit, Snyk). Use when handling user input, adding authentication, before deployments, or resolving CVEs.
Generic tRPC implementation guide. Works with any framework (Next.js, Express, Fastify, Hono, Bun) and any package manager (pnpm, npm, yarn, bun).
Usage specifications for the Zerone CLI toolset. It covers four core functions: API interface code generation (zerone api), font icon management (zerone font_grabber), frontend project scaffolding (create-zerone), and work log generation (zerone log). This skill should be used in the following scenarios: generating API modules, generating interface code, updating interfaces, pnpm api, adding backend interface modules, iconfont font icons, updating icons, pnpm font, icon usage, creating frontend projects, pnpm create zerone, scaffolding initialization, daily work reports, weekly reports, monthly reports, zerone log. It should even be triggered when the user only mentions keywords such as "interface", "icon", "new project", "daily/weekly report".
Use this skill when the user wants to check if their system is affected by the axios npm supply chain attack (March 31, 2026), scan for malicious axios versions (1.14.1, 0.30.4), check for malware artifacts, or audit package manager security settings (pnpm, npm, bun, yarn) for protections against supply chain attacks. Trigger on phrases like "axios vulnerability", "axios supply chain", "check if affected by axios", "scan for axios malware", or "package manager security audit".
Use Bun instead of Node.js, npm, pnpm, or vite. Provides command mappings, Bun-specific APIs, and development patterns.
Use when the user wants to automate WeChat mini-program upload, preview, or npm packaging via CI/CD, generate deployment scripts, set up miniprogram-ci workflows, or create preview QR codes automatically. Trigger whenever the user mentions "上传小程序", "预览", "CI 部署", "miniprogram-ci", "自动化上传", "发布小程序版本", "生成预览二维码", "打包npm", "pack-npm", "构建npm依赖", "GitHub Actions 小程序", "pnpm 小程序部署", or asks to integrate WeChat mini-program with continuous integration pipelines (GitHub Actions, GitLab CI, etc.).