Loading...
Loading...
Found 910 Skills
Validate SKILL.md frontmatter and .feature-radar/ files against format rules. Runs validate.sh, reports errors/warnings, and auto-fixes issues. MUST use this skill after editing any SKILL.md or .feature-radar/ file — catches format bugs like the 1024-char description limit before they break skill registration. Use when: - User says "validate", "check format", "lint skills", "run validation" - You just edited a SKILL.md (description, name, or body) — run proactively - You created or modified files in .feature-radar/ — run proactively - Before committing changes that touch skills/ or .feature-radar/ - User asks "are my skills valid?", "verify skills", "check skill format" IMPORTANT: Use this proactively after ANY edit to skills/ or .feature-radar/ files, even if the user doesn't ask for it. Format validation prevents silent breakage.
Enable, configure, and query Elasticsearch security audit logs. Use when the task involves audit logging setup, event filtering, or investigating security incidents like failed logins.
Review content against your brand voice, style guide, and messaging pillars, flagging deviations by severity with specific before/after fixes. Use when checking a draft before it ships, when auditing copy for voice consistency and terminology, or when screening for unsubstantiated claims, missing disclaimers, and other legal flags.
Generate a response to a common legal inquiry using configured templates, with built-in escalation checks for situations that shouldn't use a templated reply. Use when responding to data subject requests, litigation hold notices, vendor legal questions, NDA requests from business teams, or subpoenas.
Rapidly triage an incoming NDA and classify it as GREEN (standard approval), YELLOW (counsel review), or RED (full legal review). Use when a new NDA arrives from sales or business development, when screening for embedded non-solicits, non-competes, or missing carveouts, or when deciding whether an NDA can be signed under standard delegation.
Generate SOX sample selections, testing workpapers, and control assessments. Use when planning quarterly or annual SOX 404 testing, pulling a sample for a control (revenue, P2P, ITGC, close), building a testing workpaper template, or evaluating and classifying a control deficiency.
Evaluates interfaces, components, screens, and flows against universal UX/UI principles (heuristics, UX laws, Gestalt, cognitive psychology, accessibility) and delivers concrete, prioritized improvements. Use whenever the user shares UI code, screenshots, components, or mockups and wants feedback — even if they don't use the words "critique" or "review". Also trigger when the user asks "what's wrong with this UI", "how can I improve this", "review my component", "does this look right", "give me feedback on this design", or shares any interface and asks for thoughts. Trigger for partial slices too (a single button, form, or card) — not only full screens.
Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review, incident response, and infrastructure security for any project.
Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.
Token integration and implementation analyzer based on Trail of Bits' token integration checklist. Analyzes token implementations for ERC20/ERC721 conformity, checks for 20+ weird token patterns, assesses contract composition and owner privileges, performs on-chain scarcity analysis, and evaluates how protocols handle non-standard tokens. Context-aware for both token implementations and token integrations.
Comprehensive web quality audit covering performance, accessibility, SEO, and best practices. Use when asked to "audit my site", "review web quality", "run lighthouse audit", "check page quality", or "optimize my website".
Use when you have lint errors, formatting issues, or before committing code to ensure it passes CI.