Loading...
Loading...
Found 2,182 Skills
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
Intelligently triage bug reports and error messages by searching for duplicates in Jira and offering to create new issues or add comments to existing ones. When Claude needs to: (1) Triage a bug report or error message, (2) Check if an issue is a duplicate, (3) Find similar past issues, (4) Create a new bug ticket with proper context, or (5) Add information to an existing ticket. Searches Jira for similar issues, identifies duplicates, checks fix history, and helps create well-structured bug reports.
Four-phase debugging framework with root cause tracing - understand the source before proposing fixes. Use when investigating bugs, errors, unexpected behavior, or failed tests.
Four-phase debugging framework that finds root causes before proposing fixes. Use when investigating bugs, errors, unexpected behavior, failed tests, or when previous fixes haven't worked.
Advanced testing strategies and methodologies. Use when user asks to "design tests", "test coverage", "property-based testing", "mutation testing", "contract testing", "chaos engineering", "test pyramid", "testing strategy", "behavior-driven development", "acceptance testing", or mentions comprehensive testing approaches.
Fixes flaky tests by replacing arbitrary timeouts with condition polling. Use when tests fail intermittently, have setTimeout delays, or involve async operations that need proper wait conditions.
Identifies bugs, analyzes errors, performs root cause analysis, and proposes fixes
Generate appropriate commit messages based on Git diffs
Guides users through structured three-stage collaborative documentation workflow including context gathering, iterative refinement, and reader testing. Use when asked to "write a doc", "draft a proposal", "create a spec", "write technical documentation", "create a PRD", or "draft an RFC". Implements systematic approach for PRDs, design docs, decision docs, technical specs, and proposals through clarifying questions, section-by-section iteration, and fresh-eye validation. Works with markdown documentation, technical specifications, and structured writing projects.
Generate branded PDFs from markdown files. Use when converting case studies, proposals, or documentation to PDF format. Handles styling, templates, and batch conversion.
Use this skill when spreadsheet files are the primary input or output. This means the user wants to: open, read, edit, or repair existing .xlsx, .xlsm, .csv, or .tsv files (e.g., add columns, calculate formulas, format, create charts, clean messy data); create new spreadsheets from scratch or from other data sources; or convert between spreadsheet file formats. Trigger this especially when the user references a spreadsheet file by name or path—even casually (such as "the xlsx in my downloads")—and wants to process it or generate content from it. It's also used to clean or reorganize messy tabular data files (rows with incorrect formatting, misaligned headers, garbage data) into proper spreadsheets. The deliverable must be a spreadsheet file. Do not trigger this when the primary deliverable is a Word document, HTML report, standalone Python script, database pipeline, or Google Sheets API integration, even if tabular data is involved.
Smart commit creation with conventional commits. Use when user says "commit" or requests committing changes. Handles staged file detection, suggests splits for multi-concern changes, and applies proper commit format without emoji prefixes.