Loading...
Loading...
Found 5,962 Skills
Guides identity and access management—workforce and machine identity lifecycle, RBAC/ABAC/PBAC entitlement design, access reviews and recertification, SSO/SAML/OIDC federation, privileged access (PAM/JIT), cloud IAM least privilege (AWS/GCP/Azure concepts), service accounts and secrets hygiene, and separation of duties. Use for IAM, identity governance, access review, RBAC, least privilege, SSO federation, PAM, privileged access, cloud IAM policy, service account, or SoD—not full cloud landing zone architecture (enterprise-cloud-architect), broad cloud security controls (cloud-security-engineer), day-2 break-glass ticket execution only (cloud-system-administrator), pentest (penetration-tester), or legal/HR policy drafting only.
Guides supply chain management—sourcing and supplier qualification, procurement and PO governance, demand forecasting and inventory policy, logistics and fulfillment (3PL, Incoterms, lead times), supplier scorecards, cost and TCO analysis, supply risk and continuity, and SCM KPI dashboards. Use when designing supply strategy, running RFQs, setting safety stock, resolving stockouts or excess inventory, improving OTIF, dual-sourcing critical parts, or building supplier business reviews—not for contract legal redlines (commercial-counsel), vendor security assessments (information-security-engineer), DC construction delivery programs (senior-data-center-capacity-delivery-manager), compute GL and invoice reconciliation (compute-accounting-manager), SaaS quote-to-order (deal-operations-administrator), or enterprise strategy cases (business-consultant).
Guides FinOps analysis on AWS, GCP, and Azure—cost visibility and allocation, tagging and showback/chargeback models, rightsizing and waste removal, RI/Savings Plan/CUD recommendations, budgets and forecasts, anomaly detection, unit economics (cost per service/customer), and FinOps cadence with engineering accountability. Use when optimizing cloud spend, analyzing CUR/billing exports, building cost dashboards, explaining bill spikes, or improving allocation—not for GL mapping, capex, depreciation, or month-end ledger close (compute-accounting-manager), enterprise EA negotiation (enterprise-cloud-architect), hands-on resource provisioning (cloud-engineer), or hardware supply efficiency (data-center-compute-supply-efficiency).
[QwenCloud] Manage account auth and query usage/billing. Use for: login, logout, check usage, view billing, free tier quota, coding plan status, pay-as-you-go costs. Skip for: model browsing, non-account tasks.
Write a high-quality prompt for any LLM or AI assistant — Claude, Claude Code, ChatGPT, Gemini, Cursor, Windsurf, Copilot, or any coding / chat agent. Use this skill whenever the user asks to write, improve, refine, shorten, or rewrite a prompt; asks "how should I phrase this for [model]" or "what's a good prompt for [task]"; describes a task they want an AI to do but hasn't yet formulated it as a prompt; or pastes an existing prompt and asks for revision. Based on Boris's (Anthropic, Claude Code creator) prompt methodology — short and accurate prompts, plan-before-code, feedback loops, persistent context in files. The universal principles (short, plan-first, feedback-loop, no-padding) apply to any LLM; the Claude-Code-specific anchors (CLAUDE.md, @file, slash commands) only apply when the target is Claude Code. If the user's intent is unclear (target model, deliverable, scope, or whether the AI has a way to self-verify is missing), ask 1–3 targeted clarifying questions via AskUserQuestion before writing the prompt.
Performs a comprehensive security review of code changes in a GitHub PR or issue. Checks out the branch, analyzes changed files against a 9-category security checklist, and produces PASS/WARNING/FAIL verdicts. Use when reviewing pull requests for security vulnerabilities, hardcoded secrets, injection flaws, auth bypasses, or insecure configurations. Trigger keywords - security review, code review, appsec, vulnerability assessment, security audit, review PR security.
Mandatory only on the task-file path of `spec-loop-plan-task` after implementation approval. Use when implementation deviates from the approved task, when uncertainty must be clarified instead of guessed through, when new blocking questions arise, or before presenting the current task or subtask to the User. Governs clarification routing, canonical task updates when explicit User clarification, accepted review feedback, or explicit post-implementation User approval changes the current task definition, the post-implementation `Implementation notes` check, and whether the increment may move to `review`. May be applied in parallel with other implementation-related skills.
Use when designing or revising a company's commercial policy — the rules of engagement governing discounts off list price, approver thresholds, exception flows, and the deal framework that Deal Desk and AEs operate under. Covers discount matrix design (ARR band x term length x payment terms x strategic value), commercial policy design, exception policy, discount governance, approval thresholds, deal framework structure, and policy linting (contradictions, gaps, cliff edges, gaming surfaces). For Head of Commercial, Head of Deal Desk, VP Sales, or RevOps at the policy-design moment — NOT per-deal application (that is deal-desk) and NOT pricing model selection (that is pricing-strategist).
Streamlined plan for in-depth research; used when generating plan.json solely based on request.md to complete research scoping, report format discovery, structure design, dimension decomposition, key questions, search strategy, dependencies, execution sequence, and completion criteria in one go.
Battle-tested security checks for AI coding assistants — 29 categories covering OWASP Top 10, CWE Top 25, and ASVS Level 3
Use this skill when the user says "fill in data", "supplement data", "sync data", "update stats sheet", "fill in the data", or "sync". The core action is **batch sync**: Scan `01-Content Production/Pending Content/Short & Mid-length Videos/`, write all videos with complete YAML data to the stats sheet in one go and archive them to `02-Published Content/`. The data source is the YAML within the script files themselves (users have already filled in platform data in the files in advance), so there's no need for users to report numbers again in the conversation. Do NOT trigger this skill for: pattern analysis/review/viral content analysis (use li-analyzer), recording new topics (use li-recorder). Use when the user wants to "sync platform data" or "fill in stats" — the skill scans the pending folder and processes every video whose YAML is complete.
End-to-end data engineering pipeline using MinIO, Airbyte, PostgreSQL, DBT, and Airflow with medallion architecture (Bronze/Silver/Gold layers)