Loading...
Loading...
Found 821 Skills
Security standards for authentication, input validation, and OWASP compliance
Security audit for vulnerabilities, compliance issues, and sensitive data exposure. Use before production deployments or when reviewing security-sensitive code.
Unified code review system — dispatches the right review agents for the situation. Use when reviewing code for quality, bugs, compliance, or before merging.
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
Load PROACTIVELY when task involves payments, billing, or subscriptions. Use when user says "add payments", "integrate Stripe", "set up subscriptions", "add a checkout flow", or "handle billing webhooks". Covers Stripe, LemonSqueezy, and Paddle integration, checkout sessions, subscription lifecycle management, webhook verification and handling, customer portal, metered billing, refunds, and PCI compliance considerations.
Expert cold email strategist for B2B outbound campaigns. Use when the user asks about cold email writing, email sequences, email deliverability, domain warmup, SPF/DKIM/DMARC setup, email personalization, cold email templates, email copywriting frameworks, email compliance (CAN-SPAM, GDPR), bounce management, inbox placement, email infrastructure, sequencing tools (Instantly, Smartlead, Lemlist), or cold outreach strategy. Also triggers on "cold email", "email sequence", "deliverability", "warmup", "SPF", "DKIM", "DMARC", "bounce rate", "spam", "inbox placement", "email template", "follow-up email", "outbound email", "Instantly", "Smartlead", "email copy", "subject line", "personalization". Do NOT use for marketing emails or newsletters.
Tailwind CSS v4.1 best practices with WCAG 2.1 AA accessibility, theming, and dark mode support. Use when working with HTML, CSS, styling components, accessibility (a11y), WCAG compliance, color contrast, focus states, screen readers, theming, light mode, dark mode, or building accessible UI patterns like buttons, forms, cards, and navigation. Complements the angular-best-practices skill for Angular frontends.
Code quality validation with linters, SOLID principles, DRY detection, error detection, and architecture compliance across all languages.
Fast, high-signal accessibility triage for pages, components, or PRs targeting WCAG 2.2 AA compliance.
Register brands and campaigns for 10DLC (10-digit long code) A2P messaging compliance in the US. Manage campaign assignments to phone numbers. This skill provides Python SDK examples.
Frontend UI/UX design and implementation for HTML/CSS/JS including semantic structure, responsive layout, accessibility compliance, and visual design direction. Use for building or reviewing web pages/components, fixing accessibility issues, improving styling/responsiveness, or making UI/UX decisions.
Runs real-time safety analysis for instructions involving destructive operations, permission changes, irreversible actions, prompt injection, or compliance-sensitive operations. Evaluates risk level, destructiveness, and reversibility via backend API. Use when asked for safety check, risk assessment, security audit, destructive check, instruction audit, or Modeio safety scan. Also use proactively before executing any instruction that deletes data, modifies permissions, drops or truncates tables, deploys to production, or alters system state irreversibly. Also supports pre-install Skill Safety Assessment for third-party skill repositories via a static prompt contract.