Total 35,883 skills
Showing 12 of 35883 skills
Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
Session management — restores terminal tab name, user preferences, and context bookmarks on session start. Auto-invoked at session start via AGENTS.md. Also invokable manually to change preferences or bookmark context for the next session.
Default task orchestrator for all development and investigation work. Classifies tasks, decomposes into parallel workstreams if appropriate, and routes execution through the recipe runner. Replaces ultrathink-orchestrator.
Parse and analyze Linux auditd logs to detect intrusion indicators including unauthorized file access, privilege escalation, syscall anomalies, and suspicious process execution using ausearch and Python.
Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.
Flux GitOps patterns for the homelab Kubernetes platform using ResourceSets. Use when: (1) Adding new Helm releases or applications to the platform, (2) Deploying a new service to Kubernetes, (3) Debugging Flux reconciliation issues or sync problems, (4) Understanding ResourceSet patterns, (5) Configuring Kustomizations and variable substitution, (6) Questions about helm-charts.yaml or platform structure, (7) GitOps workflow questions. Triggers: "add helm release", "deploy to kubernetes", "add new service", "add application", "flux resourceset", "flux reconciliation", "flux not syncing", "flux stuck", "gitops", "helm-charts.yaml", "platform values", "flux debug", "HelmRelease not ready", "kustomization", "helmrelease", "add chart", "deploy helm chart"
Proofread and improve English text written by the user before answering their actual question. Use this skill whenever the user's message contains English sentences or paragraphs — even mixed with Korean — and a substantive answer is expected. Trigger on any message where English prose is present: questions, requests, opinions, descriptions, or explanations written (fully or partly) in English. Do NOT skip proofreading just because the English looks mostly correct; always run the correction block first. Skip only for: single English words, proper nouns, code snippets, or messages written entirely in Korean with no English prose.
Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.
Response Time Analyzer - Auto-activating skill for Performance Testing. Triggers on: response time analyzer, response time analyzer Part of the Performance Testing skill category.
Automatically diagnose and fix CI failures in the current PR. Retrieves failed logs from GitHub Actions, categorizes the failure (lint, format, type-check, test), applies targeted fixes, verifies locally, and commits/pushes. Use when CI fails after push.
Build a concept graph (nodes + prerequisite edges) from a tutorial spec, saving as `outline/concept_graph.yml`. **Trigger**: concept graph, prerequisite graph, dependency graph, 概念图, 先修关系. **Use when**: tutorial pipeline 的结构阶段(C2),需要把教程知识点拆成可排序的依赖图(在写教程 prose 前)。 **Skip if**: 还没有 tutorial spec(例如缺少 `output/TUTORIAL_SPEC.md`)。 **Network**: none. **Guardrail**: 只做结构;避免写长 prose 段落。
Render and view webpages using a headless browser (Playwright) to fetch JS-rendered HTML, extract visible text, and optionally save full-page screenshots. Use when a user asks to “无头浏览器打开/查看网页”, needs the rendered DOM instead of raw curl HTML, or wants a screenshot of a page.