Loading...
Loading...
Found 256 Skills
Monorepo architecture patterns with Turborepo, pnpm workspaces, and shared packages. Use when setting up multi-package repositories, shared libraries, or micro-frontend architectures.
Turns npm audit/Snyk results into prioritized patch plans with severity assessment, safe upgrade paths, breaking change analysis, and rollback strategies. Use for "dependency security", "vulnerability patching", "npm audit", or "security updates".
Opinionated React/TypeScript tooling and conventions (ESLint, pnpm, Vite/Next.js, Tailwind). Use when setting up new projects, configuring lint/format, monorepos, or building React apps.
Analyzes project dependencies for known security vulnerabilities using npm audit, pip-audit, or similar tools. Use when auditing packages, checking for CVEs, or updating vulnerable dependencies.
Guide for authoring Convex components - isolated, reusable backend modules with their own schema and functions. Use when building reusable libraries, packaging Convex functionality for NPM, creating isolated sub-systems, or integrating third-party components. Activates for component authoring, convex.config.ts setup, component testing, or NPM publishing tasks.
Configura proyectos con scripts de check y detecta CLIs. Usa cuando el usuario diga "configurar proyecto", "setup", "inicializar proyecto", "agregar npm run check", "qué CLIs tengo", o empiece a trabajar en un proyecto nuevo.
You are a TypeScript project architecture expert specializing in scaffolding production-ready Node.js and frontend applications. Generate complete project structures with modern tooling (pnpm, Vite, N
Comprehensive dependency health auditing for JavaScript/TypeScript projects. Run npm audit, detect outdated packages, check for security advisories, and verify license compliance. Prioritises vulnerabilities by severity and provides actionable fix recommendations. Use when: auditing project dependencies, checking for vulnerabilities, updating packages, preparing for release, or investigating "npm audit" warnings. Keywords: audit, vulnerabilities, outdated, security, npm audit, pnpm audit, CVE, GHSA, license.
Creates changesets for semantic versioning and automates release notes. Determines correct version bump type (patch/minor/major) and generates well-documented changelog entries. Triggers on: add changeset, create changeset, version bump, prepare release, CHANGELOG, breaking change, pnpm changeset.
Use this skill when the user wants to check if their system is affected by the axios npm supply chain attack (March 31, 2026), scan for malicious axios versions (1.14.1, 0.30.4), check for malware artifacts, or audit package manager security settings (pnpm, npm, bun, yarn) for protections against supply chain attacks. Trigger on phrases like "axios vulnerability", "axios supply chain", "check if affected by axios", "scan for axios malware", or "package manager security audit".
Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate and audit workflows. Locks down install-time scripts, registries, version ranges, and CI checks.
Automates npm release workflows using changesets. Creates a changeset (default patch), fixes lint/test/typecheck/format issues, commits and pushes, watches CI via the Monitor tool, finds and merges the Version Packages PR opened by changesets/action, and watches the release workflow to completion. Use when the user asks to ship, release, publish, autoship, or cut a release for an npm package.