Loading...
Loading...
Found 148 Skills
Ensures zero-mismatch integrity between server-rendered HTML and client-side React trees. Use when debugging hydration errors, fixing text content mismatches, handling browser extension DOM pollution, implementing selective hydration with Suspense, using the React 19 use() hook for deterministic server-to-client data bridges, or applying Next.js use cache for data drift prevention. Use for hydration mismatch, SSR, hydrateRoot, suppressHydrationWarning, onRecoverableError, two-pass rendering.
Vite build tool configuration and ecosystem. Covers vite.config.ts setup, plugin authoring and popular plugins, dev server configuration (proxy, HMR, HTTPS), build optimization (chunking, tree-shaking, manual chunks, rollupOptions), library mode for publishing packages, SSR configuration, environment variables (.env handling), multi-page apps, CSS handling (PostCSS, CSS modules, preprocessors), and asset handling. Use when configuring Vite projects, authoring Vite plugins, optimizing builds, setting up dev server proxies, configuring SSR, handling environment variables, or troubleshooting Vite issues.
Advanced Vite 7+ patterns including Environment API, plugin development, SSR configuration, library mode, and build optimization. Use when customizing build pipelines, creating plugins, or configuring multi-environment builds.
This skill should be used when the user asks to "check for SSRF", "analyze server-side request forgery", "find URL fetching vulnerabilities", "check for internal network access", or mentions "SSRF", "URL fetching", "cloud metadata", "169.254.169.254", or "request forgery" in a security context. Maps to OWASP Top 10 2021 A10: Server-Side Request Forgery.
Full-stack React framework powered by TanStack Router with SSR, streaming, server functions, and deployment to any hosting provider.
Angular SSR with @angular/ssr, hydration, and prerendering. Covers server-side rendering setup, transfer state, and deployment. USE WHEN: user mentions "Angular SSR", "server-side rendering", "Angular Universal", "@angular/ssr", "hydration", "prerendering", "Angular SEO" DO NOT USE FOR: Next.js SSR - use `nextjs`, Nuxt SSR - use `vue-composition`, SvelteKit SSR - use `svelte`
OWASP API Security Top 10 - prevention, detection, and remediation for REST/GraphQL/API security. Use when designing or reviewing APIs - object- and function-level authorization, authentication, rate limiting and resource consumption, sensitive business flows, SSRF, API inventory and versioning, or consumption of third-party APIs.
Zustand v5 state management for React. Covers TypeScript stores with double-parentheses syntax, persist middleware with hydration handling, devtools, subscribeWithSelector, slices pattern for large apps, SSR/Next.js provider pattern, immer middleware, auto-generating selectors, testing, and vanilla stores. Use when setting up global state, configuring persist middleware, implementing slices pattern, migrating from Redux or Context, testing stores, or troubleshooting hydration and TypeScript issues.
Vite 8 (Rolldown-powered) build tool — configuration, plugin API, SSR, and Rolldown migration. Use when working with Vite projects, vite.config.ts, HMR, Vite plugins, library mode, SSR builds, or migrating from Vite 5/6 to Vite 8. Trigger when the user mentions Vite, vite.config, vitest (config side), HMR, Rolldown, Rollup plugin, or asks to configure, debug, or optimize a Vite-based project (Vue, React, Svelte, Nuxt, SvelteKit).
Use when doing ANY task involving Supabase. Triggers: Supabase products (Database, Auth, Edge Functions, Realtime, Storage, Vectors, Cron, Queues); client libraries and SSR integrations (supabase-js, @supabase/ssr) in Next.js, React, SvelteKit, Astro, Remix; auth issues (login, logout, sessions, JWT, cookies, getSession, getUser, getClaims, RLS); Supabase CLI or MCP server; schema changes, migrations, security audits, Postgres extensions (pg_graphql, pg_cron, pg_vector).
Master Next.js 14+ App Router with Server Components, streaming, parallel routes, and advanced data fetching. Use when building Next.js applications, implementing SSR/SSG, or optimizing React Server Components.
React Router v7 patterns with Clerk — rootAuthLoader, getAuth in loaders, clerkMiddleware, protected routes, SSR user data, org switching. Triggers on: react-router auth, rootAuthLoader, getAuth loader, react-router protected route, loader authentication, SSR auth react-router.