Loading...
Loading...
Found 259 Skills
Use when operating the vigolium CLI for web vulnerability scanning, security testing, traffic ingestion, server management, AI agent-driven scanning and code review, cloud-storage management, or writing custom JavaScript extensions. Invoke for scan commands, scan-url, scan-request, run, ingest, server, agent (query/autopilot/swarm/olium/piolium/audit/session), traffic browsing, database queries, storage uploads/downloads, module management, extension scripting, export, project management, and configuration tuning.
Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.
Work with Keychron's source-available CAD hardware design files (STEP/DXF/PDF) for keyboards and mice, including scripting, inventory management, and 3D printing workflows.
Start here for first-time CARTO use — install the CLI, authenticate, switch profiles, understand JSON output and async job patterns. Also orients on the two parallel access paths into the CARTO platform (CLI for authoring/scripting, MCP server for inline interactions in chat hosts) and which skills cover each.
Use the JetBrains IDE MCP Server (IntelliJ IDEA 2025.2+) to let an external client drive IDE-backed actions: run Run Configurations, execute commands in the IDE terminal, read/create/edit project files, search via IDE indexes (text/regex), retrieve code inspections for a file, fetch symbol info, perform rename refactoring, list modules/dependencies/repos, open files in the editor, and reformat code. Use when you want IDE-grade indexing/refactoring/inspection instead of raw shell scripting.
Bytecode interpreter and JIT compiler skill for implementing language runtimes in C/C++. Use when designing bytecode dispatch loops (switch, computed goto, threaded code), implementing stack-based or register-based VMs, adding a simple JIT using mmap/mprotect, or understanding performance trade-offs in interpreter design. Activates on queries about bytecode VMs, dispatch loops, computed goto, JIT compilation basics, tracing JITs, or implementing a scripting language runtime.
Use when automating a browser or mobile app interactively from the CLI, inspecting page elements, clicking or filling inputs by snapshot reference, or scripting multi-step browser workflows without writing test code.
Create a new Harbor task for evaluating agents. Use when the user wants to scaffold, build, or design a new task, benchmark problem, or eval. Guides through instruction writing, environment setup, verifier design (pytest vs Reward Kit vs custom), and solution scripting.
Cross-site scripting (XSS) vulnerability detection and exploitation. Supports reflected XSS, stored XSS, DOM-based XSS, and blind XSS testing. Use this skill when user mentions XSS, cross-site scripting, script injection, or needs to test JavaScript injection in parameters, forms, headers, or DOM sources.
Systematic GitHub Actions workflow authoring skill for AI coding agents. Analyzes repositories to determine project type, language ecosystem, and deployment targets, then generates production-grade CI/CD workflows with proper security hardening, caching, and optimization. Handles greenfield projects (no workflows exist), brownfield updates (modify, optimize, secure existing workflows), and workflow audits with workflow-specific guidance for each. Use when the user requests GitHub Actions workflows: CI pipelines, CD deployments, release automation, scheduled jobs, or any .github/workflows YAML authoring. Also use when existing workflows need auditing, optimizing, securing, or restructuring. Triggers on phrases like "set up CI", "add CI/CD", "GitHub Actions workflow", "release automation", "deploy on tag", "publish to npm/PyPI", "schedule a job", "cron workflow", "matrix build", "workflow.yml", "actions/checkout", "permissions", "harden this pipeline", "pin actions to SHA", "OIDC", "least privilege", "supply-chain", "audit my workflows", "speed up CI", or "cache dependencies". Triggers when creating or editing files under `.github/workflows/`, `action.yml`/`action.yaml` (composite or Docker actions), or `.github/dependabot.yml`. Triggers when the user mentions migrating from GitLab CI, CircleCI, Travis, Jenkins, Drone, or Buildkite to GitHub Actions. Do NOT use for non-GitHub CI systems (GitLab CI, CircleCI, Jenkins) unless the user is migrating TO GitHub Actions. Do NOT use for general bash scripting, Makefiles, or local-only build configuration.
Use the EmDash CLI to manage content, schema, media, and more. Use this skill when you need to interact with a running EmDash instance from the command line — creating content, managing collections, uploading media, generating types, or scripting CMS operations.
Enforce safe Frida 17 MCP operations with strict phase gating. Use when attaching/spawning sessions, writing or loading scripts, applying Java/native hooks, troubleshooting instrumentation failures, or interpreting Frida MCP output. Require docs-first usage and run the mandatory workflow: Idea -> Scripting -> Execution -> Notes.