Loading...
Loading...
Found 213 Skills
Comprehensive API security testing skill for REST, GraphQL, gRPC, and WebSocket APIs. This skill should be used when performing API penetration testing, testing for OWASP API Top 10 vulnerabilities, fuzzing API endpoints, testing authentication/authorization, and analyzing API specifications. Triggers on requests to test API security, pentest REST APIs, test GraphQL endpoints, analyze OpenAPI/Swagger specs, or find API vulnerabilities.
Use this skill whenever writing frontend code that talks to a backend for database queries, authentication, file uploads, AI features, real-time messaging, or edge function calls — especially if the project uses InsForge or @insforge/sdk. Trigger on any of these contexts: querying/inserting/updating/deleting database rows from frontend code, adding login/signup/OAuth/password-reset flows, uploading or downloading files to storage, invoking serverless functions, calling AI chat completions or image generation, subscribing to real-time WebSocket channels, or writing RLS policies. If the user asks for these features generically (e.g., "add auth to my React app", "fetch data from my database", "upload files") and you're unsure whether they use InsForge, consult this skill and ask. For backend infrastructure (creating tables via SQL, deploying functions, CLI commands), use insforge-cli instead.
Diagnose Windows App (Microsoft Remote Desktop / Azure Virtual Desktop / W365) connection quality issues on macOS. Analyze transport protocol selection (UDP Shortpath vs WebSocket), detect VPN/proxy interference with STUN/TURN negotiation, and parse Windows App logs for Shortpath failures. This skill should be used when VDI connections are slow, when transport shows WebSocket instead of UDP, when RDP Shortpath fails to establish, or when RTT is unexpectedly high.
HTTP clients for frontend and Node.js. Covers Axios, Fetch API, ky, and ofetch. Includes interceptors, error handling, retry logic, and auth token management. Use for configuring API clients and HTTP communication. USE WHEN: user mentions "HTTP client", "Fetch API", "ky", "ofetch", "HTTP wrapper", "retry logic", "token refresh", asks about "which HTTP client to use", "HTTP request library", "API client setup", "request interceptors" DO NOT USE FOR: Axios-specific questions - use `axios` instead; GraphQL - use `graphql-codegen` instead; tRPC - use `trpc` instead; WebSocket connections
Build voice apps with Sinch Voice REST API. Use for phone calls, text-to-speech (TTS), IVR menus, DTMF input, conference calling, call recording, call forwarding, answering machine detection (AMD), SIP routing, WebSocket audio streaming, and SVAML call control.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for packet capture analysis, session reconstruction, application-protocol decoding, stream reassembly, beacon timing, and packet-to-process correlation. Use when the user asks to analyze a PCAP, rebuild TCP or UDP sessions, decode HTTP, WebSocket, DNS, custom C2, or binary protocols, extract transferred artifacts, or tie packet sequences to host or malware behavior. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
The PRIMARY development workflow for the Archon project (remote-coding-agent). Use this skill instead of any PRP skills when working on Archon code. Routes to 10 specialized cookbooks based on what the user is trying to do: RESEARCH — "how does the orchestrator work?", "where is session state defined?", "trace the workflow execution flow", "what is IWorkflowStore?" INVESTIGATE — "should we use Drizzle or Prisma?", "what's the best way to add WebSockets?", "can we migrate to Turso?", "how do other projects handle rate limiting?" PRD — "write a PRD for dark mode", "spec out the notification feature", "product requirements for webhook retry" PLAN — "plan the auth refactor", "design the caching layer", "create an implementation plan for #42" IMPLEMENT — "implement the plan", "execute .claude/archon/plans/auth.plan.md", "build the feature from the plan", "code this up" REVIEW — "review PR #123", "review my changes", "code review the diff" DEBUG — "debug the failing test", "why is streaming broken?", "root cause analysis on the timeout issue" COMMIT — "commit these changes", "commit the auth refactor" PR — "create a PR", "open a pull request for this branch" ISSUE — "report this to gh", "create a gh issue", "log it in github", "file a bug for this", "create a feature request" This skill triggers on ANY development task: researching, investigating, planning, building, reviewing, debugging, committing, or shipping code. NOT for: Running Archon CLI workflows in worktrees (use /archon instead).
Expert guidance on Hummingbird 2 web framework. Use when developers mention: (1) Hummingbird, HB, or Hummingbird 2, (2) Swift web server or HTTP server, (3) server-side Swift routing or middleware, (4) building REST APIs in Swift, (5) RequestContext or ChildRequestContext, (6) HummingbirdAuth or authentication middleware, (7) HummingbirdWebSocket, (8) HummingbirdFluent or database integration, (9) ResponseGenerator or EditedResponse.
Use this skill when building AI voice agents with the ElevenLabs Agents Platform. This skill covers the complete platform including agent configuration (system prompts, turn-taking, workflows), voice & language features (multi-voice, pronunciation, speed control), knowledge base (RAG), tools (client/server/MCP/system), SDKs (React, JavaScript, React Native, Swift, Widget), Scribe (real-time STT), WebRTC/WebSocket connections, testing & evaluation, analytics, privacy/compliance (GDPR/HIPAA/SOC 2), cost optimization, CLI workflows ("agents as code"), and DevOps integration. Prevents 17+ common errors including package deprecation, Android audio cutoff, CSP violations, missing dynamic variables, case-sensitive tool names, webhook authentication failures, and WebRTC configuration issues. Provides production-tested templates for React, Next.js, React Native, Swift, and Cloudflare Workers. Token savings: ~73% (22k → 6k tokens). Production tested. Keywords: ElevenLabs Agents, ElevenLabs voice agents, AI voice agents, conversational AI, @elevenlabs/react, @elevenlabs/client, @elevenlabs/react-native, @elevenlabs/elevenlabs-js, @elevenlabs/agents-cli, elevenlabs SDK, voice AI, TTS, text-to-speech, ASR, speech recognition, turn-taking model, WebRTC voice, WebSocket voice, ElevenLabs conversation, agent system prompt, agent tools, agent knowledge base, RAG voice agents, multi-voice agents, pronunciation dictionary, voice speed control, elevenlabs scribe, @11labs deprecated, Android audio cutoff, CSP violation elevenlabs, dynamic variables elevenlabs, case-sensitive tool names, webhook authentication
Provides 3-tier validation approach for Home Assistant dashboards including pre-publish validation (entity checks, config structure), post-publish verification (log analysis), and visual validation (browser console, rendering). Use when validating HA dashboards, checking dashboard configs, verifying entity IDs, debugging rendering issues, or before deploying dashboard changes. Triggers on "validate dashboard", "check HA config", "dashboard errors", "entity not found", or "test dashboard". Works with Home Assistant WebSocket/REST APIs, Chrome extension MCP tools, Python dashboard builders, and YAML dashboard configurations.
@classytic/arc — Resource-oriented backend framework for Fastify. Use when building REST APIs with Fastify, resource CRUD, defineResource, createApp, permissions, presets, database adapters, hooks, events, QueryCache, authentication, multi-tenant SaaS, OpenAPI, job queues, WebSocket, or production deployment. Triggers: arc, fastify resource, defineResource, createApp, BaseController, arc preset, arc auth, arc events, arc jobs, arc websocket, arc plugin, arc testing, arc cli, arc permissions, arc hooks, arc pipeline, arc factory, arc cache, arc QueryCache.
Full Sentry SDK setup for NestJS. Use when asked to "add Sentry to NestJS", "install @sentry/nestjs", "setup Sentry in NestJS", or configure error monitoring, tracing, profiling, logging, metrics, crons, or AI monitoring for NestJS applications. Supports Express and Fastify adapters, GraphQL, microservices, WebSockets, and background jobs.