Loading...
Loading...
Found 3,730 Skills
Mean-reversion strategy tools including Hurst exponent, half-life estimation, z-score signals, ADF testing, and Ornstein-Uhlenbeck modeling
Create and manage isolated microVM sandboxes for safe code execution, testing, and development. Use when the user needs to run untrusted code, create isolated environments, execute commands in a sandbox, manage sandbox filesystems, or work with OCI container images in microVMs. Handles sandbox lifecycle, networking, volumes, secrets, and file operations via the msb CLI.
This skill should be used when debugging full-stack issues that span UI, backend, and database layers. It provides a systematic workflow to detect errors, analyze root causes, apply fixes iteratively, and verify solutions through automated server restarts and browser-based testing. Ideal for scenarios like failing schedulers, import errors, database issues, or API payload problems where issues originate in backend code but manifest in the UI.
Guide TDD workflow and testing strategy. Use when implementing features with tests, writing new tests, or establishing test coverage. Triggers on "TDD", "write tests", "test coverage", "red-green-refactor".
Triage failed CI runs on a GitHub-Actions–driven repo — classify regression vs flake vs infra, maintain a single rolling `main-red` issue when main is broken, and point humans at the suspect commit. Use when a workflow fails on `main`, or when a human asks "is main red?", "why did CI fail on main?", "triage this workflow run", "classify this failure". Paired with the consumer repo's `<repo>-pr-lifecycle` skill (PR-side CI triage) and the `web-testing` skill (invoked for `e2e` failures).
Guides information security engineering—implementing and operating security controls, identity and access systems, encryption and secrets management, security tool integrations (SIEM, EDR, SOAR), cloud guardrails, hardening baselines, and remediation engineering for vulnerabilities. Use when building SSO/RBAC/PAM patterns, configuring KMS or certificate lifecycle, deploying WAF/DLP or EDR connectors, writing security-as-code policies (OPA, SCPs, CIS benchmarks), integrating logging to SIEM, automating security workflows, or validating control fixes—not for SOC triage (soc-analyst), pentesting (penetration-tester, network-pentester, web-pentester), red team (red-team-specialist), CI gates only (devsecops), platform provisioning without security ownership (infrastructure-engineer), CISO/exec program (chief-information-security-officer), security program strategy (cybersecurity), GRC program and audit prep (compliance-specialist), or product tenancy isolation (product-infrastructure-security-engineer).
Guides digital forensics for security incidents—evidence acquisition and chain of custody, disk/memory/mobile/cloud artifact analysis, log and network forensics, timeline correlation, malware artifact triage, and investigation reports for legal/IR and expert-witness preparation outlines (not legal advice). Use when preserving and analyzing forensic artifacts, building super-timelines, documenting acquisition worksheets, triaging malware samples, or preparing forensic findings for counsel—not live incident command (incident-responder), SOC alert queue triage (soc-analyst), authorized penetration testing (penetration-tester), deep binary RE (reverse-engineer), LLM red team (ai-redteam), enterprise ISMS programs (information-security-engineer), audit control mapping (compliance-engineer), or cloud guardrail implementation (cloud-security-engineer).
Autonomous NeMo-RL research agent workflow for directed hypothesis testing and open-ended discovery. Guides agents through the full experiment lifecycle: understanding recipes and environments, wiring RL or NeMo-gym runs, launching reproducible baselines and iterations, analyzing results, preserving human oversight, and using git plus TSV logs as the research ledger.
Guide for migrating an existing web app, PWA, or SPA into a store-ready Capacitor iOS and Android app. Use this skill when users want to wrap or convert a web app into a mobile app, avoid thin WebView app store rejection, add native-feeling UX, handle permissions, offline behavior, account deletion, billing, testing, and Capgo live updates.
Use when tasks are complex and require full microservices collaboration: The main agent acts as a pure Orchestrator, strictly prohibited from writing code personally, and is responsible for accurately assigning responsibilities such as positioning, planning, coding, testing, and review to corresponding sub-agents (explorer, planner, worker, verifier, reviewer, fixer). This Skill enforces microservices workflow discipline, requiring full Chinese communication, minimal routing output, and minimized context transfer.
Guideline for designing, implementing, and verifying secure Python applications following OWASP Top 10 best practices. Use when the user wants to: (1) review Python code for security vulnerabilities, (2) design a secure Python application architecture, (3) implement security features (authentication, authorization, cryptography, input validation), (4) audit Python dependencies for known vulnerabilities, (5) create security checklists or verification plans, (6) fix security bugs or harden existing Python code, (7) set up security testing and static analysis (bandit, safety, semgrep), or (8) handle any Python security concern including injection prevention, secure deserialization, SSRF protection, secrets management, and secure deployment.
Automatically discover CI/CD and automation skills when working with GitHub Actions, Jenkins, GitLab CI, pipelines, continuous integration, continuous deployment, or automated testing. Activates for CI/CD development tasks.