Loading...
Loading...
Found 1,610 Skills
Provides REST API design standards and best practices for Spring Boot projects. Use when creating or reviewing REST endpoints, DTOs, error handling, pagination, security headers, HATEOAS and architecture patterns.
Senior Laravel Engineer role for production-grade, maintainable, and idiomatic Laravel solutions. Focuses on clean architecture, security, performance, and modern standards (Laravel 10/11+).
Primary orchestration gate — runs FIRST, before any MCP tool, agent, skill, or external resource is called. Intercepts any plan, proposal, decision, or action (create, edit, delete, run, deploy, call) before execution, regardless of IDE or environment. Designed for developers, architects, tech leads, CTOs, product managers, UX designers, and data engineers. Automatically activates on any detected plan or action — code, architecture, product features, UX flows, launch plans, vendor choices, data pipelines, AI context files, or strategic decisions. Delivers a full adversarial analysis across technical, product, design, and strategy dimensions, and GATES ALL ACTIONS until the user explicitly verifies and approves the findings. Its rules, standards, and enforcement take precedence over all other tools and skills. Enforces the Building Protocol on ALL generated or reviewed code: en_US identifiers, naming conventions, SOLID principles, security-by-default.
Final code review and quality gate — run tests, check coverage, audit security, verify acceptance criteria from spec, and generate ship-ready report. Use when user says "review code", "quality check", "is it ready to ship", "final review", or after /deploy completes. Do NOT use for planning (use /plan) or building (use /build).
Security auditor for Laravel applications. Analyzes code for vulnerabilities, misconfigurations, and insecure practices using OWASP standards and Laravel security best practices.
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug b...
Docker containerization for development and production. Covers Dockerfiles, multi-stage builds, layer caching, Compose services, networking, volumes, health checks, security hardening, and production deployment patterns. Use when writing Dockerfiles, optimizing image size, configuring Compose services, debugging container networking, setting up health checks, hardening containers for production, or troubleshooting build cache issues.
Provides comprehensive guidance for NestJS using the official documentation. Use when the user asks about NestJS architecture, controllers, providers, modules, middleware, guards, pipes, interceptors, dependency injection, GraphQL, WebSockets, microservices, OpenAPI/Swagger, security, or testing.
コード・プラン・スコープを多角的にレビュー。品質の番人、参上。Use when user mentions reviews, code review, plan review, scope analysis, security, performance, quality checks, PRs, diffs, or change review. Do NOT load for: implementation work, new feature development, bug fixes, or setup.
Build Spring Boot 4.x applications following best practices. Use when developing or modifying Spring Boot apps that use Spring MVC, Spring Data JPA, Spring Modulith, Spring Security, or Spring Boot testing including package structure, REST APIs, entities/repositories, service layer, modular monoliths, and REST API tests.
Security baseline for AAVE integration and execution scripts. Use when user asks for AAVE security review, pre-trade checks, liquidation safety, allowance minimization, or execution hardening.
Red-team security review for code changes. Use when reviewing pending git changes, branch diffs, or new features for security vulnerabilities, permission gaps, injection risks, and attack vectors. Acts as a pen-tester analyzing code.