Loading...
Loading...
Found 845 Skills
Set up gbrain for this coding agent: install the CLI, initialize a local PGLite or Supabase brain, register MCP, capture per-remote trust policy. One command from zero to "gbrain is running, and this agent can call it." Use when: "setup gbrain", "connect gbrain", "start gbrain", "install gbrain", "configure gbrain for this machine". (gstack)
How humans and AI compose in content workflows. Where AI legitimately participates, where humans must own, hybrid workflow patterns, voice ownership preservation, the AI slop problem, disclosure and transparency, team calibration, and the ethics of intellectually honest AI-assisted content production. Triggers on AI content workflow, AI-assisted writing, hybrid content production, AI in editorial, AI slop, AI disclosure, AI usage policy, AI content ethics, voice preservation with AI, team AI calibration. Also triggers when content feels generic despite quality tools, when team AI usage has drifted into inconsistency, or when a regulated or trust-sensitive context requires explicit AI policy.
Best practices and rules for securing FiveM resources against cheaters and exploits. Use this skill when writing or reviewing server-side and client-side code to ensure malicious events, unauthorized entity creations, and client trust issues are prevented. Focuses on strict server authority and safe event handling.
Registers functions and triggers on the iii engine across TypeScript, Python, and Rust. Use when creating workers, registering function handlers, binding triggers, or invoking functions across languages.
Debugs why session recordings aren't appearing in the local dev environment. Use when a developer reports that local replay ingestion isn't working, recordings aren't showing up despite /s calls, or the replay pipeline seems broken after hogli start. Covers the full local pipeline: SDK capture, Caddy proxy, capture-replay (Rust), Kafka, ingestion-sessionreplay (Node), recording-api (Node), SeaweedFS, and common failure modes like orphaned processes, stuck phrocs workers, and trigger misconfiguration.
AI agent skill for CompressO — a free, open-source, offline desktop tool for batch video and image compression built with Tauri + React. Use when the user needs to compress, trim, convert, or embed subtitles into video/image files locally without any network dependency. Covers installation (Homebrew, DMG, MSI, AppImage, DEB), build from source (Rust + Node.js + pnpm), and guidance on FFmpeg/pngquant/jpegoptim/gifski pipelines. Triggers on: compresso, compress video, compress image, batch compression, ffmpeg compression, tauri desktop compression, offline video compress.
Use when writing or refactoring proof-carrying code in MoonBit, especially for Why3-backed specifications, abstraction functions, representation invariants, proof assertions, recursive verified data structures, or reducing trusted proof bridges.
Checkout optimization — Checkout Extensibility, custom fields, express payments, trust elements
ZOLOZ product integration and support specialist. Use this skill whenever the user mentions ZOLOZ, eKYC, RealID, Real ID, Connect, Face Capture, Face Compare, ID Recognition, ID Network, NFC Reader, CN Authority, AML screening, Deeper, RealDoc, GeoTrust Locator, or any identity verification / biometric / document recognition product from Ant Group. Also trigger when users mention ZOLOZ-related concepts like gateway signing, transaction IDs, checkresult, initialize API, metaInfo, ZLZFacade, ZLZRequest, or ZOLOZ Portal. This skill covers product questions, technical integration, API troubleshooting, SDK issues, Portal operations, and pricing — use it broadly for anything ZOLOZ-related.
Hunting skill for business logic vulnerabilities. Built from 12 public bug bounty reports. Covers coupon-race-stacking (Instacart, Stripe, Reverb), negative-quantity-in-cart price tampering (Upserve, Eternal/Zomato), decimal/fraction price-field overflow (Shipt), client-side checkout amount trust on PayPal redirect (WordPress.org), price-per-unit mass-assignment (Krisp), and archived-price swap / cart-TOCTOU (Stripe). Use when hunting business logic — heavy emphasis on financial-impact-demonstrated cases.
Apply when wiring validation, error handling, or framework adapters. Concentrate guards at system boundaries (CLI, config, network, external APIs); trust internal types and keep business logic in pure functions.
Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work.