Loading...
Loading...
Found 236 Skills
Security review for Go applications: input validation, SQL injection, authentication/authorization, secrets management, TLS, OWASP Top 10, and secure coding patterns. Use when performing security reviews, checking for vulnerabilities, hardening Go services, or reviewing auth implementations. Trigger examples: "security review", "check vulnerabilities", "OWASP", "SQL injection", "input validation", "secrets management", "auth review". Do NOT use for dependency CVE scanning (use go-dependency-audit) or concurrency safety (use go-concurrency-review).
Go coding standards and style conventions grounded in Effective Go, Go Code Review Comments, and production-proven idioms. Use when writing or reviewing Go code, enforcing naming conventions, import ordering, variable declarations, struct initialization, or formatting rules. Trigger examples: "check Go style", "fix formatting", "review naming", "Go conventions". Do NOT use for architecture decisions, concurrency patterns, or performance tuning — use go-architecture-review, go-concurrency-review, or go-performance-review instead.
Use coroutines, Flow, structured concurrency, dispatchers, and cancellation-safe Android async pipelines.
Write Swift code for iOS/macOS following best practices. Use when developing with SwiftUI, UIKit, or Swift packages. Covers type safety, concurrency, and tooling.
Architectural refactoring guide for Rust applications covering type safety, ownership patterns, error handling strategies, API design, project organization, module structure, naming conventions, conversion traits, and idiomatic patterns. Use when refactoring Rust codebases, reviewing PRs for architectural issues, improving type safety, designing error handling strategies, or organizing project structure. Complements the rust-optimise skill (performance patterns). Does NOT cover performance optimization, memory allocation, or async concurrency tuning (see rust-optimise skill).
Review code for performance: complexity, database/query efficiency, I/O and network cost, memory and allocation behavior, concurrency contention, caching, and latency/throughput regressions. Cognitive-only atomic skill; output is a findings list.
Senior Java & Spring Boot 4 / Spring Framework 7 architect skill for 2026-standard development. Use when the user asks to build, scaffold, design, review, or explain Java applications using Spring Boot 4.x, Spring Framework 7.x, Spring Modulith, or any related Spring ecosystem project. Triggers include: creating REST APIs, designing microservices, configuring data access (JdbcClient, JPA 3.2, R2DBC), reactive programming (WebFlux), security (Spring Security 7), observability, GraalVM native images, Gradle/Maven build configuration, Jakarta EE 11 migration, and any task requiring idiomatic modern Java (Java 25: records, sealed classes, structured concurrency, scoped values, pattern matching, JSpecify null safety).
Guidance for writing, reviewing, and debugging Unreal Editor for Fortnite (UEFN) Verse code using Epic's official language documentation. Use when implementing Verse devices, classes, functions, control flow, containers, failure contexts, specifiers/attributes, modules/imports, effects, concurrency, or translating logic into valid Verse.
Review Go code for language and runtime conventions: concurrency, context usage, error handling, resource management, API stability, type semantics, and testability. Language-only atomic skill; output is a findings list.
Builds, deploys, manages, debugs, configures, and optimizes serverless applications on AWS using Lambda, API Gateway, Step Functions, EventBridge, and SAM/CDK. Covers cold starts, CORS debugging, event source mappings, troubleshooting, concurrency, SnapStart, Powertools, function URLs, EventBridge Scheduler, Lambda layers, Durable Functions, durable execution, checkpoint-and-replay, and production readiness. Use when the user mentions Lambda, API Gateway, Step Functions, SAM templates, CDK serverless stacks, DynamoDB stream triggers, SQS event sources, cold starts, timeouts, 502/504 errors, throttling, concurrency, CORS, Powertools, Durable Functions, durable execution, checkpoint-and-replay, or any event-driven architecture on AWS, even if they don't say "serverless." Do NOT use for EC2, ECS/Fargate containers, or Amplify hosting.
Use this skill whenever building, reviewing, or refactoring React components that fetch data from APIs — especially at scale (recommender carousels, infinite feeds, pages with many parallel fetches, dashboards). Covers request orchestration (parallelism, batching, deduplication), cache strategy (keys, normalization, staleTime, SWR), backend protection (concurrency caps, debounce/throttle, jittered retries, circuit breakers), prefetching (route loaders, hover/intent, idle, server hydration), failure resilience (AbortController, timeouts, error boundaries, stale fallback, idempotent mutations), and feed/carousel patterns (virtualization, cursor pagination, summary/detail split). Trigger even if the user doesn't explicitly mention "performance" or "scale" — any non-trivial React data-fetching code benefits from these patterns. Includes 5 ready-to-use scaffolding templates (resource query hook, carousel data loader, infinite feed, hover-prefetch link, request collapser).
Use when the user asks for a broad codebase review, substantial PR/branch review, architecture audit, tech-debt scan, cleanup assessment, structural sanity check, or design-alignment review. Default workflow: use sub-agents when available unless specifically forbidden; do not require the user to mention sub-agents, council mode, delegation, or parallel review. Focus on cruft, duplication, weak boundaries, missed reuse, lifecycle/concurrency risks, test/roadmap drift, and code aesthetics. Do not use for narrow bug fixes, ordinary small-diff reviews, frontend visual QA, repo-onboarding docs, or OpenAI Agents SDK production-readiness review. Output evidence-backed findings first, then pressure points, design alignment, open questions, and follow-through.