Loading...
Loading...
Found 10,562 Skills
Provides expertise on Chroma Cloud integration for semantic search and hybrid search applications. Use when the user is working with Chroma Cloud, CloudClient, managed collections, Schema(), Search(), hybrid search, or Chroma Cloud CLI workflows.
Guideline for designing, implementing, and verifying secure APIs following OWASP API Security Top 10 (2023) best practices. Use when the user wants to: (1) review API code or design for security vulnerabilities, (2) design a secure REST, GraphQL, or gRPC API architecture, (3) implement API authentication and authorization (OAuth2, JWT, API keys, mTLS), (4) configure rate limiting, input validation, or CORS, (5) audit API endpoints for BOLA, BFLA, or mass assignment vulnerabilities, (6) create API security checklists or verification plans, (7) fix API security bugs or harden existing APIs, (8) set up API security testing (OWASP ZAP, Schemathesis, Burp Suite), or (9) handle any API security concern including SSRF prevention, resource consumption limits, business flow protection, API inventory management, and secure third-party API consumption.
Walk the user through a PR as a single top-to-bottom narrative ordered by dependency/causal flow, with a heavy scrutiny pass for bugs, missing tests, scope creep, and security. Operates on a temp git worktree so it works while the main working tree is dirty. Use when the user asks to review a PR, walk through a PR, review a PR, or review one branch against another.
Apiiro CLI commands for querying the Guardian AI agent: ask security questions, get analysis and insights about a repository, and manage repository detection. Use this skill whenever the user wants AI-powered security analysis, security posture review, or wants to ask questions about their codebase's security. Also trigger when they need deep analysis of authentication flows, attack surfaces, or want an AI to explain security concepts. Even without mentioning "apiiro" or "guardian", trigger when the user asks things like "is this code secure?", "what's the attack surface here?", or "explain this vulnerability". For dedicated STRIDE threat modeling of a design or feature spec, use the apiiro-threat-model skill instead. For fixing a known risk, use apiiro-fix.
9 chemistry skills. Trigger: chemical structure analysis, reaction prediction, molecular modeling. Design: computational chemistry tools and cheminformatics workflows.
9 editing & proofreading skills. Trigger: polishing drafts, academic tone, proofreading, translation. Design: style checkers and editing workflows for clear, concise academic English.
Install and use China-focused education Agent Skills for textbook sync, exam prep, mistake review, daily practice, and teacher workflows with Hermes Agent
Roblox Luau Development Workflow for implementing, reviewing, and refactoring Roblox game scripts, ModuleScript, ServerScript, LocalScript, RemoteEvent/RemoteFunction, DataStore, and server/client layering. Use when working on Roblox, Luau, Roblox Studio code, Rojo-synced scripts, gameplay systems, UI scripts, replication, remotes, or Roblox services.
Create and optimize in-app paywalls, upgrade screens, upsell modals, and feature gates for SaaS products. Trigger phrases: "write paywall copy," "design an upgrade screen," "upsell modal," "feature gate," "freemium conversion," "trial expiration screen," "limit reached," "upgrade prompt," "in-app paywall," "paywall copy," "upgrade flow," "convert free users to paid," "paywall conversion rate," "paywall A/B test." Note: this skill covers in-app upgrade experiences, not public-facing pricing pages.
Use this skill whenever the user needs to manage VMs in VMware/vSphere/ESXi — it's the entry point for all VM operations. Directly handles: power on/off, clone, snapshot, migrate, deploy from OVA or templates, run commands inside VMs, batch operations, cluster management, and vCenter alarm acknowledgment. Always use this skill for any "power on", "clone", "deploy", "migrate", "batch", "guest exec", "alarm", or VM lifecycle task when the context is explicitly VMware, vSphere, or ESXi. Do NOT use for read-only queries (use vmware-monitor), NSX networking (use vmware-nsx), storage/iSCSI/vSAN (use vmware-storage), or Kubernetes cluster lifecycle (use vmware-vks). For multi-step workflows use vmware-pilot. For load balancing/AVI/AKO use vmware-avi.
Review generated or changed WooCommerce code — extensions, payment and shipping integrations, checkout customizations, and order/product logic — before it ships. Best used reactively after an agent writes, edits, or reviews code touching WooCommerce APIs: wc_get_order, wc_get_orders, wc_get_product, WC() cart or session, woocommerce_* hooks, Store API endpoints, payment gateways, order or product meta, HPOS, subscriptions, or bookings. Use on 'review this Woo plugin', 'is this HPOS compatible', or after tasks like 'write a WooCommerce extension', 'add a checkout field', 'hook into the order flow', or 'update stock'. Enforces HPOS-safe order access, CRUD over direct meta, feature-compatibility declarations, server-side checkout validation, money-handling discipline, and hooks over template overrides. DO NOT USE for WordPress code without WooCommerce APIs (use wp-guard), generic code review (use clean-code-guard), test review (use test-guard), or store configuration and admin-screen questions.
Scraper de MarketWatch: quotes, financials (income/balance/cash flow), SEC filings, analyst estimates, options chain, historical OHLCV. Sin API key.