Loading...
Loading...
Found 2,617 Skills
Threat modeling methodologies (STRIDE, DREAD), attack trees, threat modeling as code, and integration with SDLC for proactive security design
Load PROACTIVELY when task involves user identity, login, or access control. Use when user says "add authentication", "set up login", "add OAuth", "protect these routes", "implement RBAC", or "add sign-up". Covers session management, JWT tokens, OAuth2 flows, password reset, email verification, protected route middleware, role-based access control, and security hardening (CSRF, rate limiting, token rotation).
Review code for quality, security, and pattern compliance, then auto-fix Critical/High issues. Grounds every finding in actual codebase reference files.
Comprehensive code review with parallel specialist sub-agents. Analyzes requirements traceability, code quality, security, performance, accessibility, test coverage, and technical debt. Produces detailed findings and calls /qa-gate for final gate decision.
Node.js backend patterns: framework selection, layered architecture, TypeScript, validation, error handling, security, production deployment. Use when building REST APIs, Express/Fastify servers, microservices, or server-side TypeScript.
Use when starting feature work that requires isolation from the current workspace or before executing an implementation plan - Create isolated git worktrees through intelligent directory selection and security verification
Skill for operating PocketBase backend via REST API and Go package mode. Provides collection CRUD, record CRUD, superuser/user authentication, backup & restore, migration file generation (JS and Go), Go hooks, custom routes, and design guidance for API rules, relations, and security patterns. Use for requests related to PocketBase, pb_migrations, collection management, record operations, Go framework embedding, and backend design.
Complete full-stack development with Next.js 13+, React, Firebase, Tailwind CSS, and payment integration (Stripe, JazzCash, EasyPaisa). Build production-ready e-commerce platforms, SaaS applications, and scalable web applications. Comprehensive coverage of frontend architecture, backend API routes, database design, authentication systems, payment processing, form handling, error management, and optimization. Generate complete project structures, pages, components, API routes, database schemas, security rules, and deployment configurations using TypeScript.
Analyzes volatile memory dumps to detect malware, rootkits, and security breaches in digital forensics.
Tauri framework for building cross-platform desktop applications with Rust backend and web frontend. Covers architecture, IPC commands, plugins, bundling, code signing, and security best practices. USE WHEN: user mentions "Tauri", "Rust desktop app", asks about "Tauri commands", "Tauri plugins", "Tauri IPC", "Rust + Svelte/React", "lightweight desktop app", "Tauri bundling", "Tauri security" DO NOT USE FOR: Electron applications - use `electron` skill instead
Use when operating production Kubernetes — Helm, autoscaling (HPA/VPA), resource management, StatefulSets, external-secrets, observability (Prometheus/Grafana/Loki), RBAC, Pod Security Standards, NetworkPolicies, admission control, backup (Velero), and cost control.
Install the full development workflow into a Claude Code project: slash commands for breakdown, spec, work, commit, review, PR, security scanning, and issue triage; agents for architecture, implementation, quality review, and git management. Run this after the greenfield or brownfield skill has set up the project foundation. Trigger phrases: "/workflow", "install workflow", "set up commands", "set up agents", "install breakdown and work commands", "configure my workflow", "install the development workflow".