Loading...
Loading...
Found 2,247 Skills
Audit websites for SEO, technical, content, and security issues using SEOmator CLI. Returns LLM-optimized reports with health scores, broken links, meta tag analysis, and actionable recommendations. Use when analyzing websites, debugging SEO issues, or checking site health.
Electron desktop application architect. Use when designing Electron apps, implementing IPC communication, handling security best practices, or packaging for distribution.
Production backend systems development. Stack: Node.js/TypeScript, Python, Go, Rust | NestJS, FastAPI, Django, Express | PostgreSQL, MongoDB, Redis. Capabilities: REST/GraphQL/gRPC APIs, OAuth 2.1/JWT auth, OWASP security, microservices, caching, load balancing, Docker/K8s deployment. Actions: design, build, implement, secure, optimize, deploy, test APIs and services. Keywords: API design, REST, GraphQL, gRPC, authentication, OAuth, JWT, RBAC, database, PostgreSQL, MongoDB, Redis, caching, microservices, Docker, Kubernetes, CI/CD, OWASP, security, performance, scalability, NestJS, FastAPI, Express, middleware, rate limiting. Use when: designing APIs, implementing auth/authz, optimizing queries, building microservices, securing endpoints, deploying containers, setting up CI/CD.
Professional-grade Solidity smart contract security auditor. Performs comprehensive audits or targeted reviews (security vulnerabilities, gas optimization, storage optimization, code architecture, DeFi protocol analysis). Use this skill when users request smart contract audits, security reviews, vulnerability assessments, gas/storage optimization analysis, code quality reviews, or when analyzing Solidity code for any security or quality concerns. Supports all Solidity versions with version-specific vulnerability detection. Based on OWASP Smart Contract Top 10 (2025) and real-world exploit patterns.
Guide for Direct Memory Access (DMA) attack techniques using FPGA hardware. Use this skill when researching PCIe DMA attacks, pcileech, FPGA firmware development, or hardware-based memory access for game security research.
REST and GraphQL API design patterns, OpenAPI/Swagger specifications, versioning strategies, and authentication patterns. Use when designing APIs, reviewing API contracts, evaluating API technologies, or implementing API endpoints. Covers contract-first design, resource modeling, error handling, pagination, and security.
Comprehensive test automation specialist covering unit, integration, and E2E testing strategies. Expert in Jest, Vitest, Playwright, Cypress, pytest, and modern testing frameworks. Guides test pyramid design, coverage optimization, flaky test detection, and CI/CD integration. Activate on 'test strategy', 'unit tests', 'integration tests', 'E2E testing', 'test coverage', 'flaky tests', 'mocking', 'test fixtures', 'TDD', 'BDD', 'test automation'. NOT for manual QA processes, load/performance testing (use performance-engineer), or security testing (use security-auditor).
Expert at package management and supply chain security. Use when managing dependencies, updating packages, resolving version conflicts, ensuring supply chain security, or auditing vulnerabilities in project dependencies.
Role of Web Security Testing and Penetration Engineer, focusing on JavaScript reverse engineering and browser security research. Trigger scenarios: (1) JS reverse analysis: identification of encryption algorithms (SM2/SM3/SM4/AES/RSA), obfuscated code restoration, Cookie anti-crawling bypass, WASM reverse engineering (2) Browser debugging: XHR breakpoints, event listening, infinite debugger bypass, Source Map restoration (3) Hook technology: writing XHR/Header/Cookie/JSON/WebSocket/Canvas Hooks (4) Security product analysis: Offensive and defensive analysis of JS security products such as Ruishu, Jiasule, Chuangyudun, etc. (5) Legal scenarios such as CTF competitions, authorized penetration testing, security research, etc.
Use when implementing Auth0 authentication in Nuxt 3/4 applications, configuring session management, protecting routes with middleware, or integrating API access tokens - provides setup patterns, composable usage, and security best practices for the @auth0/auth0-nuxt SDK
Security Incident Report templates drawing from NIST/SANS. DDoS post-mortem, CVE correlation, timeline documentation, and blameless root cause analysis. Use when working with incident report, post-mortem, sir, ddos analysis, security reporting, root cause analysis, cve correlation, nist 800-61.
Use when storing credentials in OCI Vault, troubleshooting secret retrieval failures, implementing secret rotation, or setting up application authentication to Vault. Covers vault hierarchy confusion, IAM permission gotchas, cost optimization, temp file security, and audit logging.