Loading...
Loading...
Found 2,616 Skills
AI-powered code review via the OpenAI Codex CLI. This skill should be used when reviewing branch diffs before merging a PR, auditing uncommitted changes during development, inspecting a specific commit, performing custom-scoped reviews, or whenever changes touch security-sensitive paths or exhibit risky patterns.
Formats text according to specified style guidelines. A clean example skill with no security issues.
Generate comprehensive REST API documentation using SpringDoc OpenAPI 3.0 and Swagger UI in Spring Boot 3.x applications. Use when setting up API documentation, configuring Swagger UI, adding OpenAPI annotations, implementing security documentation, or enhancing REST endpoints with examples and schemas.
Ultimate 25+ years expert-level backend skill covering FastAPI, Express, Node.js, Next.js with TypeScript. Includes ALL databases (PostgreSQL, MongoDB, Redis, Elasticsearch), ALL features (REST, GraphQL, WebSockets, gRPC, Message Queues), comprehensive security hardening (XSS, CSRF, SQL injection, authentication, authorization, rate limiting), complete performance optimization (caching, database tuning, load balancing), ALL deployment strategies (Docker, Kubernetes, CI/CD), advanced patterns (microservices, event-driven, saga, CQRS), ALL use cases (e-commerce, SaaS, real-time, high-traffic), complete testing (unit, integration, E2E, load, security). Route protection, middleware, authentication implementation in PERFECTION. Use for ANY backend system requiring enterprise-grade security, performance, scalability, and architectural excellence.
This skill should be used when the user asks to "calculate risk scores", "prioritize mitigations", "generate remediation roadmap", "analyze business impact", or is running PASTA stage 7. Also triggers when the user asks about risk-weighted findings, compliance gap analysis, or executive security summary in a threat modeling context. Part of the PASTA threat modeling methodology (Stage 7 of 7).
This skill should be used when the user asks to "create threat model", "threat model architecture", "map security architecture", "build threat model", "STRIDE analysis", "data flow diagram", "DFD security", or "attack tree analysis". Also triggers when the user wants a systematic identification of threats against the application architecture, trust boundaries, data flows, or component interactions.
Technical research methodology with YAGNI/KISS/DRY principles. Phases: scope definition, information gathering, analysis, synthesis, recommendation. Capabilities: technology evaluation, architecture analysis, best practices research, trade-off assessment, solution design. Actions: research, analyze, evaluate, compare, recommend technical solutions. Keywords: research, technology evaluation, best practices, architecture analysis, trade-offs, scalability, security, maintainability, YAGNI, KISS, DRY, technical analysis, solution design, competitive analysis, feasibility study. Use when: researching technologies, evaluating architectures, analyzing best practices, comparing solutions, assessing technical trade-offs, planning scalable/secure systems.
TypeScript and JavaScript development standards for modern web and Node.js development. Covers strict TypeScript configuration, type safety patterns, ESM modules, async/await, testing with Jest/Vitest, and security best practices. Use when working with .ts, .tsx, .js, .mjs files, package.json, tsconfig.json, or when asking about TypeScript/JavaScript best practices.
Guide for creating, configuring, and refining AI Agents. Use this skill when users want to define a new agent persona, generate a system prompt, or assemble a specific set of skills/workflows for a specialized agent (e.g., "Create a QA Agent" or "Design a Security Auditor Agent").
Comprehensive best practices, design patterns, and common pitfalls for ROS2 (Robot Operating System 2) development. Use this skill when building ROS2 nodes, packages, launch files, components, or debugging ROS2 systems. Trigger whenever the user mentions ROS2, colcon, rclpy, rclcpp, DDS, QoS, lifecycle nodes, managed nodes, ROS2 launch, ROS2 parameters, ROS2 actions, nav2, MoveIt2, micro-ROS, or any ROS2-era robotics middleware. Also trigger for ROS2 workspace setup, DDS tuning, intra-process communication, ROS2 security, or deploying ROS2 in production. Also trigger for colcon build issues, ament_cmake, ament_python, CMakeLists.txt for ROS2, package.xml dependencies, rosdep, workspace overlays, custom message generation, or ROS2 build troubleshooting. Covers Humble, Iron, Jazzy, and Rolling distributions.
Review PRs, MRs, and Gerrit changes with focus on security, maintainability, and architectural fit. Leverages github, gitlab, or gerrit skills based on repository context. Use when asked to review my code, check this PR, review a pull request, look at a merge request, review a patchset, or provide code review feedback.
Multi-agent workflow orchestration for OpenClaw. Use when user mentions antfarm, asks to run a multi-step workflow (feature dev, bug fix, security audit), or wants to install/uninstall/check status of antfarm workflows.