Loading...
Loading...
Found 701 Skills
Turso (Limbo) database helper — an in-process SQLite-compatible database written in Rust. Formerly known as libSQL / libsql. Replaces @libsql/client, libsql-experimental for Turso use cases. Works in Node.js, browser (WASM + OPFS for persistent local storage), React Native, and server-side. Features: vector search, full-text search, CDC, MVCC, encryption, remote sync. SDKs: JavaScript (@tursodatabase/database), Browser/WASM (@tursodatabase/database-wasm), React Native (@tursodatabase/sync-react-native), Rust (turso), Python (pyturso), Go (tursogo). This skill contains all SDK documentation needed to use Turso — do NOT search the web for Turso/libsql docs.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Ultracite is a zero-config linting and formatting preset for JavaScript/TypeScript projects. Use when: (1) Setting up or initializing Ultracite in a project (ultracite init), (2) Running linting or formatting commands (check, fix, doctor), (3) Writing or reviewing JS/TS code in a project that uses Ultracite — to follow its code standards, (4) Troubleshooting linting/formatting issues, (5) User mentions 'ultracite', 'lint', 'format', 'code quality', or 'biome/eslint/oxlint' in a project with Ultracite installed.
Authenticate to Azure services using Azure Identity SDK for JavaScript (@azure/identity). Use when configuring authentication with DefaultAzureCredential, managed identity, service principals, or interactive browser login.
Scan code repositories for security threats including data exfiltration, backdoors, malicious code injection, dependency chain risks, and sensitive file access. Use this skill when users want to audit a codebase (especially TypeScript/JavaScript/Node.js projects) for security vulnerabilities, detect hidden malware, review npm dependencies for supply-chain attacks, check for credential leaks, or perform a pre-deployment security review. Triggers on requests like "scan for malicious code", "security audit", "check for backdoors", "review dependencies for vulnerabilities", "detect data exfiltration".
WHEN: User is building Go/Templ web apps, using templUI components, converting sites to Templ, or asking about templ syntax, Script() templates, HTMX/Alpine integration, or JavaScript in templ WHEN NOT: Non-Go projects, general web development without templ
Configure and operate BiomeJS in JavaScript/TypeScript projects, including installation, `biome.json` setup, formatter/linter/check workflows, VCS integration, and CI usage. Use when users ask to adopt Biome, tune rules/includes, set up monorepo/shared configs, or troubleshoot Biome command behavior.
Web page and website scraping with Firecrawl API. Use this skill when scraping web articles, blog posts, documentation pages, paywalled content, or JavaScript-heavy sites. Triggers on requests to scrape websites, extract article content, convert pages to markdown, or handle anti-bot protection.
Use when creating OpenCode plugins that hook into command, file, LSP, message, permission, server, session, todo, tool, or TUI events - provides plugin structure, event API specifications, and implementation patterns for JavaScript/TypeScript event-driven modules
Create and manage PNPM workspaces following Constructive standards. Use when asked to "create a monorepo", "set up a workspace", "configure pnpm", or when starting a new TypeScript/JavaScript project with multiple packages.
Coding conventions enforcement agent. Auto-invoked when writing new code, reviewing code quality, adding headers, or checking documentation compliance across Python, TypeScript/JavaScript, and C#/.NET.
When the user wants to choose or optimize rendering strategy for SEO. Also use when the user mentions "SSR," "SSG," "CSR," "ISR," "static rendering," "dynamic rendering," "server-side rendering," "client-side rendering," "JavaScript rendering," "pre-rendering," "prerender," "content in initial HTML," or "crawler visibility."