Loading...
Loading...
Found 9,298 Skills
A qualitative research assistant tool based on Braun & Clarke's Reflexive Thematic Analysis framework. Supports two input modes: (1) Provide raw interview text directly → The skill completes initial TA coding for each document, then proceeds to theme identification after summarization; (2) Provide existing initial coding pool → Directly enter the process of clustering, review, and naming suggestions. Outputs a structured candidate theme table, clearly marking codes with ambiguous boundaries and naming suggestions to be decided by researchers. This skill is triggered when users mention terms such as "thematic analysis", "theme coding", "help me cluster codes", "extract themes from codes", "Braun Clarke", "candidate themes", "how to categorize these codes into themes", "help me check the theme structure", "conduct thematic analysis on interviews". Note the difference from grounded-coding: grounded-coding focuses on category construction and theoretical relationships for procedural grounded theory; thematic-analysis focuses on semantic theme identification following the Braun & Clarke approach, outputting theme structures rather than theoretical propositions.
Soroban smart contract development on Stellar (Rust SDK). Covers project setup, contract structure, storage types, authorization, cross-contract calls, events, error handling, testing (unit, integration, fuzz, property, mutation, fork, differential), security patterns and vulnerability classes, advanced architecture patterns (upgrades, factories, governance, DeFi primitives), and common pitfalls. Use when writing, testing, securing, or shipping Soroban contracts.
Use this skill when the user asks about Goldsky Edge — the managed RPC endpoint service for EVM chains. Triggers on: 'Edge RPC', 'Goldsky RPC endpoint', 'edge.goldsky.com', 'eth_getLogs is slow', 'RPC rate limit', 'hedged requests', 'flashblocks', 'HyperEVM system transactions', 'x402 pay-per-request RPC', 'Goldsky Edge pricing', 'Edge dashboard', 'gs_edge_ API key', 'rpc-edge'. Also use this skill when the user wants a resilient, low-latency JSON-RPC endpoint for EVM chains (Ethereum, Base, Arbitrum, Optimism, Polygon zkEVM, BSC, Avalanche, Berachain, HyperEVM, Monad, Sei, Sonic, Unichain, zkSync, etc.), is debugging RPC errors like -32005/-32012/-32014/-32015/-32016, or is comparing providers (Alchemy, Infura, QuickNode, Ankr) against Edge. For questions about self-hosting eRPC or custom eRPC configuration beyond what Edge exposes, point them at https://docs.erpc.cloud/llms.txt. Do NOT trigger on Goldsky Mirror, Turbo, or Subgraph pipeline questions — those belong to their respective skills.
Full UGC ad video pipeline — generates a character image on Higgsfield, then creates a Seedance 2.0 video from it. Orchestrates the complete flow from image prompt to finished UGC video. Use when the user wants to create a UGC ad video end-to-end, or wants to take a generated image from Higgsfield's image tab into video creation. Triggers on "create a UGC video", "make a UGC ad", "UGC pipeline", "turn this into a UGC video", or any request combining image generation with video creation for ads/UGC content. Requires Playwright MCP tools.
Handle iii engine and SDK errors across Node, Python, Rust, and browser workers. Use when interpreting error codes, retryability, RBAC denial, timeouts, handler failures, or SDK-specific exception surfaces.
Discover, choose, install, and learn iii workers from the worker registry. Use when the task needs a worker-backed capability such as harness, shell, sandbox, database, storage, MCP, ACP, image processing, or future workers published to workers.iii.dev.
Manage Harness Software Supply Chain Assurance (SSCA) via MCP. Configure automated SBOM generation with CycloneDX or SPDX formats, set up artifact signing and attestation with Cosign, define supply chain security policies using OPA, and track SLSA provenance levels. Use when asked to generate SBOMs, sign artifacts, enforce supply chain policies, track software provenance, or manage SLSA compliance. Do NOT use for OPA pipeline governance policies (use create-policy instead) or vulnerability scanning (use security-report instead). Trigger phrases: SBOM, software bill of materials, supply chain security, SLSA, artifact signing, cosign, provenance, attestation, CycloneDX, SPDX, supply chain policy.
Revenue playbook for getting a mobile or web subscription app from zero to early MRR. Use when users ask how to make revenue, reach $1K MRR, monetize an app, get first users, improve ASO, plan TikTok/Reels/Shorts or Reddit acquisition, design a paywall, choose freemium vs trial, price subscriptions, reduce churn, or build a simple growth loop for an app.
Guideline for designing, implementing, and verifying secure APIs following OWASP API Security Top 10 (2023) best practices. Use when the user wants to: (1) review API code or design for security vulnerabilities, (2) design a secure REST, GraphQL, or gRPC API architecture, (3) implement API authentication and authorization (OAuth2, JWT, API keys, mTLS), (4) configure rate limiting, input validation, or CORS, (5) audit API endpoints for BOLA, BFLA, or mass assignment vulnerabilities, (6) create API security checklists or verification plans, (7) fix API security bugs or harden existing APIs, (8) set up API security testing (OWASP ZAP, Schemathesis, Burp Suite), or (9) handle any API security concern including SSRF prevention, resource consumption limits, business flow protection, API inventory management, and secure third-party API consumption.
UE5.6/UE5.7 UI development workflow using UMG and Slate integration. Use when requests involve Widget Blueprint setup, Slate host widgets, lifecycle binding, input and focus handling, tooltip behavior, or viewport clamping logic.
Apiiro CLI commands for querying the Guardian AI agent: ask security questions, get analysis and insights about a repository, and manage repository detection. Use this skill whenever the user wants AI-powered security analysis, security posture review, or wants to ask questions about their codebase's security. Also trigger when they need deep analysis of authentication flows, attack surfaces, or want an AI to explain security concepts. Even without mentioning "apiiro" or "guardian", trigger when the user asks things like "is this code secure?", "what's the attack surface here?", or "explain this vulnerability". For dedicated STRIDE threat modeling of a design or feature spec, use the apiiro-threat-model skill instead. For fixing a known risk, use apiiro-fix.
Create visual presentations, slide decks, and explanatory diagrams in Excalidraw. Use when user asks to create a presentation, slide deck, visual explainer, pitch deck, comparison diagram, process flow, or any multi-slide visual content. Supports two output modes — generating .excalidraw JSON files OR injecting slides directly into excalidraw.com via Chrome browser automation (clipboard JS injection + paste). Combines presentation design expertise with Excalidraw technical implementation.