Loading...
Loading...
Found 197 Skills
Test and troubleshoot Enable Banking sandbox integrations, ASPSP sandbox behavior, Mock ASPSP setup, sandbox credentials, AIS authorization simulation, transaction pagination quirks, and sandbox limitations. Use when Codex needs to choose a sandbox bank, find test credentials, explain why a sandbox ASPSP behaves differently from production, configure Mock ASPSP data, or implement project code that must work against Enable Banking sandbox environments.
Guide first-time Enable Banking API setup and sample flows: Control Panel signup, sandbox application registration, browser-generated private key download, RS256 JWT creation, Authorization header setup, listing ASPSPs, starting AIS authorization, exchanging callback code for a session, fetching balances and transactions, creating a SEPA payment, redirecting the PSU, and checking payment status. Use when Codex needs to onboard a developer quickly or scaffold a minimal working Enable Banking sandbox integration.
CreatiBI CLI Shared Basics: Application configuration initialization, authentication login (auth login), identity check (auth whoami). Triggered when users need to configure for the first time, use login authorization, encounter insufficient permissions, or use cbi-cli for the first time.
Error-to-fix playbook for every known failure mode on the OpenFinance backend — Polymarket, Relay, Hyperliquid, Privy delegation, and Solana RPC issues. Use this the moment a call fails, returns an unexpected status, or behaves inconsistently with on-chain state. Triggers on ANY of these error signatures verbatim or in paraphrase. Polymarket: "allowance: 0 but on-chain shows max", "CLOB reports allowance 0", "approvals confirmed but order rejected", "404 upstream" on market orders, "tick size" rejection, "order size below minimum", USDC.e vs pUSD vs native USDC confusion, V1 vs V2 exchange confusion. Relay: "InstructionFallbackNotFound", "Custom:101", "Custom:6000", "AnchorError", "Blockhash not found", "TransactionExpired", "No valid authorization signatures were provided", "Solana wallet is not delegated to the app", 412 delegation errors, quote succeeded but execute failed, stuck funds on Solana, stuck funds cross-chain, topupGas forced off. Hyperliquid: "Insufficient perp account value", "price out of bounds", WebSocket stale data, spot vs perp balance confusion. General: any "why is X failing", "why does on-chain and API state disagree", "what does this error mean". Read this BEFORE assuming a bug in the MCP or backend — most of these errors are already catalogued with known fixes.
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
Review board/stockholder resolutions for corporate authority, quorum, securities authorization, and execution. Triggers: (1) 'check resolutions' → checklist review, (2) 'advise' / 'review' → full consultation with playbook, (3) 'generate' / 'template' → Skala templates URL. Jurisdiction: Delaware, USA.
Comprehensive security and authentication workflow that orchestrates security architecture, identity management, access control, and compliance implementation. Handles everything from authentication system design and authorization frameworks to security auditing and threat protection.
Implement secure authentication bridge between Better Auth (Next.js frontend) and FastAPI (Python backend) using JWKS JWT token verification. Use this skill when users need to (1) Integrate Better Auth with FastAPI backend, (2) Implement JWT authentication with JWKS verification, (3) Set up user isolation and authorization in FastAPI endpoints, (4) Configure frontend to send authenticated API requests, or (5) Troubleshoot Better Auth + FastAPI authentication issues.
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
Security best practices for Convex functions including ConvexError handling, argument/return validation, authentication helpers, access control, rate limiting, and internal functions. Use when writing public queries/mutations/actions, implementing authentication, adding authorization checks, handling errors, or reviewing Convex functions for security.
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
Route configuration, route model binding, and authorization. Use when working with routes, route binding, URL patterns, or when user mentions routing, route model binding, conditional binding, route-level authorization.