Loading...
Loading...
Found 2,005 Skills
Best practices and guidelines for using logger in API routes. Defines appropriate logging levels, what to log, and when to avoid logging. Use when implementing or reviewing API route logging, debugging strategies, or optimizing log output.
Use when working with comprehensive review full review
Secure environment variable management with Varlock. Use when handling secrets, API keys, credentials, or any sensitive configuration. Ensures secrets are never exposed in terminals, logs, traces, or Claude's context. Trigger phrases include "environment variables", "secrets", ".env", "API key", "credentials", "sensitive", "Varlock".
Use when designing multi-tenant OCI environments, setting up production landing zones, implementing compartment hierarchies, or establishing governance foundations. Covers Landing Zone reference architectures, compartment strategy, network topology patterns (hub-spoke vs multi-VCN), IAM structure, tagging standards, and cost segregation.
This skill should be used when the user asks to "review code", "review PR", "code review", "audit code", "check for bugs", "security review", "review my changes", "find issues in this code", "review the diff", or asks for pull request review or code audit.
Agent skill for authentication - invoke with $agent-authentication
Agent skill for github-modes - invoke with $agent-github-modes
Agent skill for reviewer - invoke with $agent-reviewer
Use when reviewing permission prompt frequency, optimizing the allow-list, or resetting the audit log. Triggers on "audit permissions", "permission report", "allow list", "reduce prompts", "what's getting prompted".
Symmetric cipher attack playbook. Use when exploiting block cipher mode weaknesses (CBC padding oracle, ECB cut-and-paste, bit flipping), stream cipher key reuse, or meet-in-the-middle attacks.
Universal coding patterns, constraints, TDD workflow, atomic todos
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.