Loading...
Loading...
Found 550 Skills
Annie Duke's Decision Quality framework applied to a business decision. Spawns a team of specialist agents — Resulting Auditor, Calibrator, Pre-Mortem Analyst, Quit Strategist, Process Architect — who each apply a distinct lens from Duke's framework to evaluate whether a decision is sound regardless of outcome. The lead synthesizes into a stacking analysis: which biases are operating, which process flaws exist, and the honest Duke verdict. Use when the user says "duke this", "is this a good bet", "should I quit", "evaluate this decision", or faces any high-stakes choice under uncertainty and wants rigorous decision-process analysis. Works as a standalone analysis or after /office-hours.
Adapts experiences across cultures and languages — not just translation, but cultural reconception. Part of the Intent design strategy system. When a product enters a new market, everything is in play: information density, navigation patterns, color meaning, icon comprehension, date formats, trust signals, payment flows, and the fundamental assumptions about how people make decisions. Trigger when: planning international expansion, auditing i18n readiness, adapting designs for RTL languages, reviewing cultural assumptions in a design, preparing localization test plans, or when someone says "we need to launch in [country]" and the plan is "just translate it." Also trigger for compliance reviews across markets (GDPR, PIPL, accessibility laws).
Create parametric OpenSCAD 3D models of workshop tools (drill presses, vacuums, saws, etc.) for workshop layout planning. Use when asked to "model a tool", "create OpenSCAD for [tool]", "add [tool] to workshop", or when planning workshop layouts that need tool representations. Supports brand-accurate colors (Bosch, Festool, Makita, DeWalt, Milwaukee) and standardized code structure with customizer parameters.
Run a comprehensive WCAG accessibility audit covering perceivable, operable, understandable, and robust principles. Use this skill whenever the user wants to audit accessibility, review WCAG compliance, fix accessibility issues, prepare for accessibility certification, address an accessibility lawsuit risk, or systematically improve a site's accessibility. Triggers on accessibility audit, WCAG audit, a11y audit, accessibility compliance, ADA compliance, screen reader test, keyboard navigation, accessibility report, fix accessibility, axe scan. Also triggers when accessibility issues have been reported and need systematic remediation.
Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication on endpoints, weak password policies, credential stuffing susceptibility, token leakage in URLs or logs, and session management flaws. The tester evaluates JWT implementation, API key handling, OAuth flows, and session token entropy to identify authentication bypasses. Maps to OWASP API2:2023 Broken Authentication. Activates for requests involving API authentication testing, token validation assessment, credential security testing, or API auth bypass.
Uses Postman to perform structured API security testing by building collections that test for OWASP API Security Top 10 vulnerabilities including authentication bypass, authorization flaws, injection, and data exposure. The tester creates environments with multiple user roles, writes test scripts for automated security validation, and integrates Postman with OWASP ZAP and Newman for CI/CD security testing. Activates for requests involving Postman security testing, API security collection, automated API testing, or OWASP API testing with Postman.
Guide for configuring the Infisical Agent — a client daemon that manages token lifecycle and renders secrets via Go templates without modifying application code. Covers the full YAML config format, all 6 auth methods (Universal Auth, Kubernetes, AWS IAM, Azure, GCP ID Token, GCP IAM), sinks, template functions (listSecrets, listSecretsByProjectSlug, getSecretByName, dynamicSecret), polling, on-change commands, and caching. Use this skill when someone asks about: Infisical Agent, agent config file, agent templates, rendering secrets to files, sidecar secret injection, token renewal, infisical agent command, or 'how do I use the Infisical Agent to inject secrets'.
Encrypted credential vault keyed off the agent's Alien Agent ID private key. Store, retrieve, list, and remove external-service credentials (GitHub PAT, Slack token, AWS keys, etc.) without ever hardcoding secrets. Use when the user asks to save, fetch, or remove a service credential, or whenever a downstream tool needs an external-service secret that should not appear in shell history, source files, or process arguments.
Deploy to 9 cloud providers — AWS, Vercel, Netlify, Railway, Fly.io, Heroku, DigitalOcean, Linode, Cloudflare. Provider selection, deployment patterns, cost comparison.
Connect to the Zhihe AI Legal Large Model Platform for legal research. This skill should be used when users need to conduct legal issue research, look up laws and regulations, retrieve similar cases, or obtain legal research reports. A Zhihe AI platform membership account is required.
Use this skill when working on infrastructure, DevOps, CI/CD, Kubernetes, cloud deployment, observability, or cost optimization. Activates on mentions of Kubernetes, Docker, Terraform, Pulumi, OpenTofu, GitOps, Argo CD, Flux, CI/CD, GitHub Actions, observability, OpenTelemetry, Prometheus, Grafana, AWS, GCP, Azure, infrastructure as code, platform engineering, FinOps, or cloud costs.
Multi-cloud security assessment skill for AWS, Azure, and GCP. This skill should be used when performing cloud security audits, scanning for misconfigurations, testing IAM policies, auditing storage permissions, and identifying privilege escalation paths. Triggers on requests to audit cloud security, scan AWS/Azure/GCP, check cloud misconfigurations, or perform cloud penetration testing.