Loading...
Loading...
Found 9,298 Skills
Scan GitHub Actions workflow files for security vulnerabilities by reading the YAML and reporting findings directly — no external tools, no installation, no shell execution. Use this skill whenever the user shares a `.github/workflows/` file, pastes workflow YAML, asks for a CI/CD security review, mentions `pull_request_target`, `workflow_run`, action pinning, `GITHUB_TOKEN` permissions, pwn requests, template injection, cache poisoning, secret exfiltration, supply chain risk, or any GitHub Actions hardening topic. Also trigger when the user is hardening an OSS repo, doing a CI/CD red team assessment, evaluating a target for supply-chain scanning, or writing publicly about CI/CD security. Bias toward triggering this skill rather than answering from memory — CI/CD security defaults are wrong almost everywhere and the rules are unintuitive.
Generate a complete multichannel outbound campaign — a full sequence of LinkedIn and email messages — from a natural-language brief. Use whenever the user wants to write an outreach campaign, create a prospecting sequence, draft a multichannel sequence, write cold emails and LinkedIn messages, build a social-selling, employee-advocacy or cold-outbound campaign, or rewrite an existing campaign. Triggers on: 'write me a campaign', 'build a sequence', 'multichannel campaign', 'cold outbound sequence', 'social selling', 'employee advocacy', 'post engagers outreach', 'webinar follow-up', 'LinkedIn + email sequence'. Produces 3 angle options, then the full sequence with every message ready to copy, calibrated to the campaign type and channel mix, and self-checked against copywriting quality standards. For SDR, BDR, RevOps, Growth, Head of Sales/Marketing and founders running outbound. Maintained by La Growth Machine.
Validar prompts dirigidos a agentes de IA (Claude Code, Cursor, Copilot, etc.) contra reglas de redacción efectiva. Calcular un porcentaje de efectividad del prompt y devolver sugerencias de mejora concretas, más una propuesta de prompt reescrito. Cubre verbos no imperativos, lenguaje conversacional, acciones vagas, términos subjetivos, alcance difuso, prohibiciones implícitas, intenciones múltiples y nombres genéricos. Las reglas de detalle técnico (alcance, nombres exactos) se aplican solo a prompts de implementación; en prompts funcionales (user stories, descripciones de comportamiento) se marcan N/A. Usar siempre que el usuario pida validar, revisar, auditar, mejorar, corregir o "pulir" un prompt antes de enviarlo a un agente, o cuando pegue un prompt y pida feedback sobre cómo está redactado.
Resolve `/flag` style requests into the right LaunchDarkly flag lookup flow. Use when the user types `/flag`, asks to quickly find a flag by name/key, wants a direct flag detail summary, or needs fast disambiguation between similar flags.
Golang package and module documentation and exploration via `godig`, a pkg.go.dev API client (CLI + MCP server) — package docs, API references, symbols, code examples, available versions, importers (who imports a package), licenses, and known vulnerabilities. Read-only, no auth. Use for looking up any Go/Golang library's documentation, API signatures, usage examples, which versions exist, whether a dependency has CVEs, or who imports a package — prefer this over Context7 for any Go package or module. Triggers on: how to use a Go library, Go API docs, import usage, code examples, pkg.go.dev. Not for upgrading dependencies (→ See `samber/cc-skills-golang@golang-dependency-management` skill) or choosing a library (→ See `samber/cc-skills-golang@golang-popular-libraries` skill).
WeCom Smart Document (formerly known as Smart Homepage, smartpage) management skill. Provides capabilities for creating Smart Documents (publishing local Markdown files as Smart Documents) and exporting content (asynchronously exporting to Markdown). Applicable scenarios: (1) Create one or more local Markdown files as Smart Documents (2) Asynchronously export Smart Document content to Markdown. Supports locating documents via docid or document URL. This skill is triggered when the user explicitly mentions "Smart Document" or "Smart Homepage", or when the link is in the format `https://doc.weixin.qq.com/smartpage/xxx`. Note: For regular documents (`/doc/*`), use `wecomcli-doc`; for online spreadsheets (`/sheet/*`), use `wecomcli-sheet`; for smart spreadsheets (`/smartsheet/*`), use `wecomcli-smartsheet`.
Perform a focused SEO audit on JavaScript concept pages to maximize search visibility, featured snippet optimization, and ranking potential
Build AI agents with Cloudflare Agents SDK on Workers + Durable Objects. Provides WebSockets, state persistence, scheduling, and multi-agent coordination. Prevents 23 documented errors. Use when: building WebSocket agents, RAG with Vectorize, MCP servers, or troubleshooting "Agent class must extend", "new_sqlite_classes", binding errors, WebSocket payload limits.
Build document Q&A with Gemini File Search - fully managed RAG with automatic chunking, embeddings, and citations. Upload 100+ file formats, query with natural language. Use when: document Q&A, searchable knowledge bases, semantic search. Troubleshoot: document immutability, storage quota (3x), chunking config, metadata limits (20 max), polling timeouts, displayName dropped (Blob uploads), grounding lost (JSON mode), tool conflicts (googleSearch + fileSearch).
Svelte runes guidance. Use for reactive state, props, effects, or migration. Covers $state, $derived, $effect, $props, $bindable. Prevents reactivity mistakes.
Use ONLY when the user explicitly says: 'use the skill web-to-markdown ...' (or 'use a skill web-to-markdown ...'). Converts webpage URLs to clean Markdown by calling the local web2md CLI (Puppeteer + Readability), suitable for JS-rendered pages.
Constraint-based metabolic modeling (COBRA). FBA, FVA, gene knockouts, flux sampling, SBML models, for systems biology and metabolic engineering analysis.