Loading...
Loading...
Found 2,745 Skills
Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management. Activates for application security, OWASP, and security hardening tasks.
Analyze HM Desktop PRD documents, extract requirement information, verify completeness, check chapter order (Requirement Source → Requirement Background → Requirement Value Analysis → Competitor Analysis → Requirement Description), inspect KEP definitions, detect requirement conflicts, and generate structured analysis reports. Applicable to user requests: (1) Analyze or review PRD documents, (2) Extract KEP lists from requirements, (3) Check PRD completeness or consistency, (4) Map requirements to module architecture, (5) Verify PRD format compliance, (6) Verify completeness of competitor analysis chapters. Keywords: PRD analysis, requirement extraction, KEP verification, completeness check, chapter order validation, competitor analysis check, analyze PRD, requirement extraction, completeness check, chapter order validation
Uncertainty-aware non-linear reasoning system with recursive subagent orchestration. Triggers for complex reasoning, research, multi-domain synthesis, or when explicit commands `/nlr`, `/reason`, `/think-deep` are used. Integrates think skill (reasoning), agent-core skill (acting), and MCP tools (infranodus, exa, scholar-gateway) in recursive think→act→observe loops. Uses coding sandbox for execution validation and maintains deliberate noisiness via NoisyGraph scaffold. Supports `/compact` mode for abbreviated outputs and `/semantic` mode for rich exploration.
Prevents sycophantic reasoning through checklist-based analysis, categorical integrity, and evidence-following to uncomfortable conclusions. Red Flags: "I agree that", "You are right", "Great point", "Absolutely", "That is a fair point", "I can see why", agreement without validation, softening conclusions, hedging without evidence, retracting under pressure. Use when analyzing conflicts, evaluating ethical claims, or noticing sycophantic thought patterns. Do not use for routine implementation or simple factual questions. CRITICAL: This skill overrides conversational tendencies toward politeness. Agreement requires validity and accuracy.
Local E2E debug and test framework for clawd-feishu plugin development. Use when debugging message flow, testing bot responses, verifying Feishu web UI interactions, or performing end-to-end validation of the OpenClaw-Feishu integration during development.
Create new scientific tools for ToolUniverse framework with proper structure, validation, and testing. Use when users need to add tools to ToolUniverse, implement new API integrations, create tool wrappers for scientific databases/services, expand ToolUniverse capabilities, or follow ToolUniverse contribution guidelines. Supports creating tool classes, JSON configurations, validation, error handling, and test examples.
This skill provides comprehensive knowledge for implementing Cloudflare Turnstile, the CAPTCHA-alternative bot protection system. It should be used when integrating bot protection into forms, login pages, signup flows, or any user-facing feature requiring spam/bot prevention. Turnstile runs invisible challenges in the background, maintaining excellent user experience while blocking automated traffic. Use when: Adding bot protection to forms, implementing login security, protecting API endpoints from abuse, migrating from reCAPTCHA/hCaptcha, encountering CSP errors with Turnstile, handling token validation failures, implementing E2E tests with Turnstile, integrating with React/Next.js/Hono applications, or debugging error codes 100*, 300*, 600*. Keywords: turnstile, captcha, bot protection, cloudflare challenge, siteverify, recaptcha alternative, spam prevention, form protection, cf-turnstile, turnstile widget, token validation, managed challenge, invisible challenge, @marsidev/react-turnstile, hono turnstile, workers turnstile
Add new LLM model pricing entries to Langfuse's default-model-prices.json. Use when adding model prices, updating model pricing, creating model entries, adding Claude/OpenAI/Anthropic/Google/Gemini/AWS Bedrock/Azure/Vertex AI model pricing, working with matchPattern regex, pricingTiers, or model cost configuration. Covers model price JSON structure, regex patterns for multi-provider matching, tiered pricing with conditions, cache pricing, and validation rules.
End-to-end testing scenarios for Supabase - complete workflow tests from project creation to AI features, validation scripts, and comprehensive test suites. Use when testing Supabase integrations, validating AI workflows, running E2E tests, verifying production readiness, or when user mentions Supabase testing, E2E tests, integration testing, pgvector testing, auth testing, or test automation.
Use when active Record patterns including models, associations, queries, validations, and callbacks.
Enterprise-grade NestJS development guidance for building modular, testable Node.js backends with TypeScript. Covers module design, dependency injection, validation, security, performance, and deployment.
Implement enterprise Single Sign-On (SSO) authentication supporting multiple identity providers with JWT RS256 tokens, backwards verification, session management, and cross-system permission mapping. Use this skill when building authentication systems that integrate with multiple enterprise SSO providers or when implementing secure token validation with session verification.