Loading...
Loading...
Found 811 Skills
Design and operate privacy and data security programs for SEC-registered firms under Reg S-P, Reg S-ID, and SEC cybersecurity expectations. Use when the user asks about privacy notices, the Safeguards Rule, identity theft prevention programs, breach notification obligations, vendor security due diligence, incident response planning, data classification, or state privacy law compliance. Also trigger when users mention 'customer data was exposed', 'do we need to notify clients of a breach', 'cybersecurity exam prep', 'cloud vendor risk assessment', 'encrypting client data', 'BYOD security policy', 'Red Flags Rule', 'NY DFS 500 requirements', or ask how to handle a cybersecurity incident.
Framework-agnostic core concepts for TanStack Router: route trees, createRouter, createRoute, createRootRoute, createRootRouteWithContext, addChildren, Register type declaration, route matching, route sorting, file naming conventions. Entry point for all router skills.
Use when optimizing application performance, reducing load times, improving database queries, meeting performance budgets, or diagnosing bottlenecks in web applications or APIs. Triggers: slow page loads, poor Web Vitals, database timeouts, large bundle size, user-reported sluggishness, scaling preparation.
Create custom world generation content for Minecraft 1.21.x including custom biomes, dimensions, noise settings, surface rules, placed/configured features, carvers, structure sets, and biome modifiers. Covers both the datapack-only approach (JSON worldgen files) and the mod-code approach (NeoForge BiomeModifiers, Fabric BiomeModification API, code-driven worldgen registration with DeferredRegister). Includes the full JSON schema for biome files, noise_settings overrides, placed_feature, configured_feature, structure, structure_set, and processor_list files. Targets Minecraft 1.21.x with official Mojang mappings.
Expert ISO 27001 compliance assistant for security and compliance teams. Use this skill whenever a user asks about ISO 27001 or ISO/IEC 27001, including any of the following: gap analysis, auditing, compliance assessments, control checklists, policy writing, document generation, Statement of Applicability (SoA), risk assessment, risk registers, risk treatment plans, Annex A controls, ISMS implementation, clause requirements, certification readiness, transitioning from 2013 to 2022, control implementation guidance, incident response policies, access control policies, supplier security, or any information security management system (ISMS) topic. Trigger even if the user doesn't say "skill" — any ISO 27001 or ISMS question should use this skill.
Prepare, publish, and automate releases for npm packages, especially scoped packages that need package.json fixes, publish scripts, npm dry-run checks, `.env`-managed `NPM_TOKEN` handling, npm org token setup, GitHub Actions secrets, semantic-release workflows, npmjs.org publishing, GitHub Packages publishing, GitHub Releases, or release troubleshooting. Use when Codex needs to make a repo publish-ready, verify what npm will ship, configure automated publishing, or diagnose failures involving package contents, registry auth, 2FA, tokens, tags, changelogs, GitHub Actions, or semantic-release.
Creates high-quality Claude Code and Cowork skills using evidence-based principles: expert vocabulary payloads for knowledge routing, dual-register descriptions for reliable triggering, named anti-pattern watchlists for steering past the distribution center, and progressive disclosure architecture for context efficiency. Produces SKILL.md files with structured behavioral instructions, canonical examples, and bundled references. Use this skill when the user wants to create a skill, build a custom capability, make a reusable prompt template, or says "I want Claude to always do X." Also triggers when Mission Planner or Agent Creator need to create a domain skill JIT. Works for any domain. Do NOT use for creating agent definitions (use Agent Creator) or team composition (use Mission Planner).
Subdomain takeover detection and exploitation playbook. Use when targets have dangling CNAME/NS/MX records pointing to deprovisioned cloud resources, expired third-party services, or unclaimed SaaS tenants that an attacker can register to serve content under the victim's domain.
Implements real-time WebSocket communication using SignalR for action notifications and register events. Use when: Adding real-time notifications, creating hub endpoints, broadcasting to groups, or testing WebSocket communication.
Self-contained deploy automation — invoke directly, do not decompose. Deploys a Vibes app to Cloudflare Workers with subdomain registry. Uses KV for storage and native Web Crypto for JWT verification.
Use when building WordPress plugins or themes. Covers plugin architecture, plugin header and text domain, register_activation_hook, register_deactivation_hook, uninstall.php, settings API (add_options_page, register_setting), $wpdb and dbDelta for custom tables, schema upgrades, transients, data storage patterns, WP_CLI custom commands, PHPStan configuration, phpcs (WordPress coding standards linting), PHPUnit testing, wp scaffold plugin, PSR-4 autoloading, and build/deploy workflows.
Growth Strategist Specialist. Use this for analytics, growth loops, and retention strategies.