Loading...
Loading...
Found 606 Skills
MCP server for JavaScript reverse engineering in real browser environments with hooks, breakpoints, network tracing, deobfuscation, and environment reconstruction.
Guide AI agents through TypeScript coding best practices including type safety, error handling, code organization, and architecture patterns. This skill should be used when generating TypeScript code, reviewing TypeScript files, creating new TypeScript modules, refactoring JavaScript to TypeScript, or when the user asks about TypeScript patterns, types, or coding standards. Keywords: typescript, types, coding standards, best practices, type safety, generics, architecture, refactoring.
Authentication patterns for The Boring JavaScript Stack — session-based auth with password, magic links, passkeys (WebAuthn), two-factor authentication (TOTP/email/backup codes), password reset, and OAuth. Use this skill when implementing or modifying any authentication flow in a Sails.js application.
Finds all REFACTOR markers in codebase, validates associated ADRs exist, identifies stale markers (30+ days old), and detects orphaned markers (no ADR reference). Use during status checks, before feature completion, or for refactor health audits. Triggers on "check refactor status", "marker health", "what's the status", or PROACTIVELY before marking features complete. Works with Python (.py), TypeScript (.ts), and JavaScript (.js) files using grep patterns to locate markers and validate against ADR files in docs/adr/ directories.
Analyze CVE vulnerabilities in Java and JavaScript components, determine false positives, and provide upgrade recommendations. Use this when users provide a CVE number and affected object, e.g., CVE-2024-38816 and spring-webmvc-5.3.39.jar. Supports false positive analysis, compatibility risk assessment, and standard report generation.
Guide for building WebMCP tools — client-side JavaScript tools that expose web application functionality to AI agents via the browser's navigator.modelContext API.
Build TypeScript clients for SpacetimeDB. Use when connecting to SpacetimeDB from web apps, Node.js, Deno, Bun, or other JavaScript runtimes.
Use when hotwire (Turbo and Stimulus) for building modern reactive Rails applications without complex JavaScript frameworks.
Tests web applications for Cross-Site Scripting (XSS) vulnerabilities by injecting JavaScript payloads into reflected, stored, and DOM-based contexts to demonstrate client-side code execution, session hijacking, and user impersonation. The tester identifies all injection points and output contexts, crafts context-appropriate payloads, and bypasses sanitization and CSP protections. Activates for requests involving XSS testing, cross-site scripting assessment, client-side injection testing, or JavaScript injection vulnerability testing.
This skill should be used when the user asks to "set up ESLint", "configure ESLint rules", "fix ESLint errors", "migrate to flat config", or needs guidance on JavaScript/TypeScript linting best practices.
Senior frontend engineering expertise for building high-quality web interfaces. Use this skill when writing, reviewing, or optimizing frontend code - HTML, CSS, JavaScript, TypeScript, components, layouts, forms, or interactive UI. Triggers on web performance optimization (Core Web Vitals, bundle size, lazy loading), accessibility audits (WCAG, ARIA, keyboard navigation, screen readers), code quality reviews, component architecture decisions, testing strategy, and modern CSS patterns. Covers the full frontend spectrum from semantic markup to production performance.
Validate a published or draft-preview WordPress post in a real browser using Playwright. Checks rendered title, heading structure, image loading, OG/meta tags, JavaScript errors, and responsive layout at mobile/tablet/desktop breakpoints. When Chrome DevTools MCP is available, can use it for live browser inspection as an alternative to Playwright. Use for "validate wordpress post", "check live post", "verify published post", "wordpress post looks right", "check og tags", or "responsive check wordpress". Do NOT use for source markdown validation (use pre-publish-checker), SEO keyword analysis (use seo-optimizer), or uploading content (use wordpress-uploader).