Total 51,164 skills
Showing 12 of 51164 skills
Define the smallest viable experiment and MVP for a selected one-person company opportunity. Use when Codex needs to explain what MVP means when needed, verify prerequisites, ask one question at a time, present multiple MVP options, and write user-confirmed outputs into `opc-doc/`.
End-to-end implementation orchestrator. Use when the user says "orchestrate", "implement this end to end", "build this", or wants a full feature/fix implemented through a team of agents with planning, implementation, review, and QA phases.
Apply Spatie's security guidelines when configuring applications, databases, or servers, or when reviewing code for security concerns; use for SSL setup, CSRF protection, password hashing, database permissions, and server hardening.
Invoke for ANY personal Bible devotion or scripture meditation request. This is a daily quiet time (QT) guide — use it whenever the user wants spiritual reflection on a Bible passage, NOT academic analysis. Common signals: asking for today's reading, wanting guided devotion, seeking stillness with scripture, mentioning a personal reading plan, or using terms like 靈修、靈糧、默想、嗎哪、 QT、quiet time、devotional. Even short or casual requests like just saying "QT" or "今天讀什麼" should trigger this skill. Delivers a first-century Jewish perspective devotional for mainstream Christians. Depends on bible-buddy skill. EXCLUDE: theological scholarship, academic exegesis, verse-by-verse analysis, sermon/teaching prep, translation comparison, comparative religion essays, or original-language research tasks — those belong to bible-buddy or bible-fact-check.
Run a pre-submission compliance check against your Shopify app's codebase. Reviews App Store requirements and surfaces likely issues before you submit for official review.
Use this skill when loading and managing resources in PixiJS v8. Covers Assets.init, Assets.load/add/unload, bundles, manifests, background loading, onProgress, caching, spritesheets, video textures, web fonts, bitmap fonts, animated GIFs, compressed textures, SVG as texture or Graphics, resolution detection, per-asset data options, and forcing a specific loader with the parser field (for extension-less URLs). Triggers on: Assets, Assets.load, Assets.init, loadBundle, manifest, backgroundLoad, Spritesheet, Cache, LoadOptions, unload, parser, loadParser, loadWebFont, loadBitmapFont, loadVideoTextures, GifSource, VideoSourceOptions.
Best practices for building UI components with shadcn/ui. Use when creating, customizing, or styling components with shadcn, working with Radix UI primitives, implementing design tokens, or following compound component patterns.
Advanced call control features including DTMF sending, SIPREC recording, noise suppression, client state, and supervisor controls. This skill provides JavaScript SDK examples.
CSV/spreadsheet formula injection (DDE, Excel/LibreOffice, Google Sheets IMPORT*). Use when exports, imports, or user fields feed spreadsheets or reporting tools.
Source control and artifact exposure (.git, .svn, .hg, backups, .env). Use when recon finds VCS paths, 403 on hidden dirs, or backup/config leaks during authorized testing.
CSRF testing playbook. Use when reviewing state-changing web flows, anti-CSRF defenses, SameSite behavior, JSON CSRF, login CSRF, and OAuth state handling.
SQL injection playbook. Use when input reaches SQL queries, authentication logic, sorting, filtering, reporting, or DB-specific blind and out-of-band execution paths.