Loading...
Loading...
Found 3,732 Skills
Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.
Build production-ready MCP servers using FastMCP v3. Guides research, scaffolding, tool/resource/prompt implementation, testing, and deployment. Targets FastMCP 3.0.0rc2 with Providers, Transforms, middleware, OAuth, and composition. Use when creating MCP servers, integrating APIs via MCP, converting OpenAPI specs or FastAPI apps, or troubleshooting FastMCP issues. NOT for building REST APIs, CLI tools, or non-MCP integrations.
Generates, explains, and tests regular expression patterns. Builds patterns from positive and negative examples, breaks down each component with a readable explanation table, generates edge-case test suites, and provides usage examples in Python and JavaScript. Triggers on: "regex for", "regular expression", "pattern for", "match strings like", "extract from", "build regex", "create pattern", "explain this regex", "what does this regex do", "regex to match", "parse with regex", "validate format". Use this skill when building, explaining, or testing a regular expression pattern.
Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption.
Build, test, and deploy DeFi trading strategies using the Almanak SDK. ALWAYS use this skill when the user mentions almanak, DeFi strategy, trading strategy, yield farming, liquidity provision, token swap, borrowing, lending, perpetuals, staking, vault deposit, bridging tokens, backtesting, paper trading, or on-chain execution. Use for writing strategy.py files, composing intents (Swap, LP, Borrow, Supply, Perp, Bridge, Stake, Vault, Prediction), working with config.json strategy parameters, running almanak strat or almanak gateway CLI commands, or debugging strategy execution on Anvil forks. Do NOT use for general smart contract development, Solidity code, or non-strategy SDK internals.
Devil's Advocate stress-testing for code, architecture, PRs, and decisions. Surfaces hidden flaws through structured adversarial analysis with metacognitive depth. Use for high-stakes review, stress-testing choices, or when the user wants problems found deliberately. NOT for routine code review (use engineering:code-review). Triggers on "스트레스 테스트", "stress test", "devil's advocate", "반론", "이거 괜찮아", "문제 없을까", "깊은 리뷰", "critical review", "adversarial".
Manage beta app review submissions and review contact details for TestFlight external testing using the `asc` CLI tool. Use this skill when: (1) Submitting a build for beta app review: "asc beta-review submissions create --build-id ID" (2) Checking beta review submission status: "asc beta-review submissions list --build-id ID" (3) Getting a specific submission: "asc beta-review submissions get --submission-id ID" (4) Getting beta review contact details: "asc beta-review detail get --app-id ID" (5) Updating beta review contact info or demo account: "asc beta-review detail update --detail-id ID ..." (6) User says "submit for beta review", "TestFlight review", "beta review status", "beta review contact", "external testing review", or any beta app review task
SAP Converged Cloud Go coding conventions extracted from sapcc/keppel and sapcc/go-bits PR reviews. Enforces architecture patterns, library usage rules, error handling conventions, testing patterns, and anti-over-engineering principles. Use when working in sapcc/* repos, when code imports github.com/sapcc/go-bits, or when targeting SAP CC code review standards. Do NOT use for general Go projects without sapcc dependencies.
HackerOne bug bounty automation - parses scope CSVs, deploys parallel pentesting agents for each asset, validates PoCs, and generates platform-ready submission reports. Use when testing HackerOne programs or preparing professional vulnerability submissions.
Write a test strategy covering what to test, coverage targets, and testing pyramid distribution. Use when user says "test plan", "testing strategy", "what should I test", "test coverage", "how to test this", or needs to plan testing for a feature or project before writing tests.
Audit email account security, validate credentials, and manage email lists using this C++ email security testing utility
Provide Ludus CLI command guidance, flags, and workflows for range lifecycle, template management, testing mode, snapshots, users/groups, and diagnostics. Use when users ask how to run, interpret, or troubleshoot any `ludus` command.