Loading...
Loading...
Found 1,237 Skills
Design complete API contracts in OpenAPI 3.0/3.1 YAML with endpoints, schemas, security, pagination, error handling, and RFC 7807 problem details. Use when asking to design an API, create an OpenAPI spec, define API endpoints, write API contracts, or generate a Swagger specification.
Performs GraphQL introspection attacks to extract the full API schema including types, queries, mutations, subscriptions, and field definitions from GraphQL endpoints. The tester uses introspection queries to map the attack surface, identifies sensitive fields and mutations, tests for query depth and complexity limits, and exploits GraphQL-specific vulnerabilities including batching attacks, alias-based brute force, and nested query DoS. Activates for requests involving GraphQL security testing, introspection attack, GraphQL enumeration, or GraphQL API penetration testing.
Salesforce DevOps automation using sf CLI v2. TRIGGER when: user deploys metadata, creates/manages scratch orgs or sandboxes, sets up CI/CD pipelines, or troubleshoots deployment errors with sf project deploy. DO NOT TRIGGER when: writing Apex code (use generating-apex), building LWC components (use generating-lwc-components), creating metadata definitions (use generating-custom-object or generating-custom-field), or querying org data (use handling-sf-data).
Creates Infrahub Generators — design-driven automation that builds infrastructure objects from templates and topology definitions. TRIGGER when: building design-to-implementation workflows, auto-creating objects from templates, topology-driven generation. DO NOT TRIGGER when: designing schemas, writing data transforms, querying live data, populating static data files.
Build serverless TypeScript functions on Zavu Cloud — declare agents + tools in code with defineAgent / defineTool, deploy with `zavu deploy`, debug with `zavu agents executions`. Use this skill whenever the user wants code-driven AI agents, custom tool handlers, or event-driven business logic.
Product execution specialist for SaaS, apps, AI tools, and internal software products. Trigger when user requests 'build SaaS', 'define features', 'create user flow', 'scope MVP', 'prepare build package', 'software product', 'app definition', or 'PRD creation'.
Create, visualize, and analyze lithological and stratigraphic logs for well data. Use when Claude needs to: (1) Create lithology columns from depth intervals, (2) Parse geological descriptions into structured logs, (3) Visualize stratigraphic columns with patterns and colors, (4) Perform well-to-well correlations, (5) Extract statistics like net-to-gross ratios, (6) Define rock type lexicons and legends, (7) Export lithology data to CSV/LAS/JSON.
contract-cli Field Configuration Query Skill: Query the field configuration definitions of vendor, legal_entity, and vendor_risk. Triggered when users want to use `contract-cli mdm fields list` to confirm the master data field structure. The bot identity currently only supports vendor/legalEntity.
Guides senior system and solution architecture—cross-service boundaries, integration patterns, non-functional requirements (scale, reliability, security, cost), ADRs, C4-style modeling, architecture review, build-vs-buy, and phased migration (strangler, dual-write). Use when designing multi-service systems, evaluating platform or vendor choices, writing or reviewing architecture decision records, defining standards and principles, or assessing technical risk across domains—not for single-service RFCs and module design (senior-software-engineer), data platform or mesh decisions (data-architect), cloud landing zone, Well-Architected, and migration architecture (cloud-architect), cloud/IaC implementation (infrastructure-engineer, cloud-engineer), internal developer platform product (platform-engineer), or program tracking (technical-program-manager). For business strategy and cases, use business-consultant; for applied AI (RAG, agents, copilots), use applied-ai-architect-commercial-enterprise.
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Extracts exact, behaviour-first specifications from an existing codebase. Defines domain concepts, use cases, and business rules with precision — zero implementation details. Use when reverse-engineering a legacy project into precise specs or preparing an AI-friendly spec set for a rewrite.
Generate tone-of-voice and brand-system files for use with the PPTX Generator and other brand-aware skills. TRIGGERS - Use this skill when user says: - "help me create a brand system" / "set up my brand" - "generate my tone of voice" / "create my voice guidelines" - "configure my brand for presentations" / "set up brand for slides" - "create brand files" / "initialize my brand" - Any request about defining brand identity, voice, or visual system for content creation Creates brand.json, config.json, brand-system.md, and tone-of-voice.md files.