Loading...
Loading...
Found 2,399 Skills
AI-first security scanning with Medusa. 3,000+ detection patterns covering AI/ML, agents, MCP, RAG, prompt injection, and traditional SAST vulnerabilities. Wraps Medusa CLI with SARIF/JSON parsing, structured finding output, OWASP mapping, and remediation guidance.
Evaluate whether a development ticket (user story, feature request, bug report, etc.) is ready for development, and provide specific, actionable feedback if it is not. Use this skill whenever the user asks to triage, evaluate, assess, review, or check the readiness of a ticket, story, issue, or work item. The ticket can come from anywhere: pasted inline, read from a file, fetched from Jira or another tracker via MCP, or any other source. Also use this when a user asks "is this ticket ready?" or "what's wrong with this ticket?" or wants to improve a ticket's specification.
Unified setup hub: project init, tool setup, 2-agent config, harness-mem, codex CLI, and rule localization. Use when user mentions setup, initialization, new projects, workflow files, CI setup, LSP setup, MCP setup, codex setup, opencode setup, 2-Agent setup, PM coordination, Cursor setup, harness-mem, claude-mem integration, cross-session memory, localize rules, adapt rules. Do NOT load for: implementation work, reviews, build verification, or deployments.
HOWL v2 — Hunt, Optimize, Win, Learn. Nightly self-improvement loop for the WOLF autonomous trading strategy. Runs once per day (via cron) to review all trades from the last 24 hours, compute win rates, analyze signal quality correlation, evaluate DSL tier performance, identify missed opportunities, and produce concrete improvement suggestions for the wolf-strategy skill. v2 adds fee drag ratio (FDR) analysis, holding period bucketing, LONG vs SHORT regime detection, rotation cost tracking, cumulative drift detection, and gross vs net profit factor separation. Use when setting up daily trade review automation, analyzing trading performance, or improving an autonomous trading strategy through data-driven feedback loops. Requires Senpi MCP connection, mcporter CLI, and OpenClaw cron system.
【Must Read · Mandatory】Mandatory usage specification for Giime component library. You must read this skill before writing or modifying any frontend code involving UI components. It covers enhanced features of gm-* components, usage of plugins such as GmConfirmBox/GmMessage/GmCopy, common code patterns, and how to obtain MCP documents.
QA web testing skill using Chrome DevTools MCP tools for visual regression testing, responsive breakpoint validation, and CSS layout debugging. Use this skill whenever the user asks to "test a page", "check breakpoints", "verify responsive layout", "QA this page", "test CSS at different viewports", "check for layout bugs", "verify the fix", or wants to visually inspect a web page at specific viewport widths. Also triggers when the user provides a URL and asks to take screenshots, compare layouts, or inspect element dimensions. Works with any Chrome DevTools MCP-connected browser session on localhost or staging environments.
Token and address risk assessment. Use this skill whenever the user asks about token, contract, or address safety. Trigger phrases include: is this token safe, check contract risk, is this address safe, honeypot, rug. MCP tools: info_compliance_check_token_security, info_coin_get_coin_info; Address mode: info_onchain_get_address_info.
Mint (purchase) an Art Blocks token using the artblocks-mcp tools. Use when a user wants to mint, purchase, or buy an Art Blocks NFT, or needs to understand minting mechanics, minter types, pricing, allowlists, Dutch auctions, or build_purchase_transaction.
Add Stripe payments to a web app — Checkout Sessions, Payment Intents, subscriptions, webhooks, customer portal, and pricing pages. Covers the decision of which Stripe API to use, produces working integration code, and handles webhook verification. No MCP server needed — uses Stripe npm package directly. Triggers: 'add payments', 'stripe', 'checkout', 'subscription', 'payment form', 'pricing page', 'billing', 'accept payments', 'stripe webhook', 'customer portal'.
Validate a published or draft-preview WordPress post in a real browser using Playwright. Checks rendered title, heading structure, image loading, OG/meta tags, JavaScript errors, and responsive layout at mobile/tablet/desktop breakpoints. When Chrome DevTools MCP is available, can use it for live browser inspection as an alternative to Playwright. Use for "validate wordpress post", "check live post", "verify published post", "wordpress post looks right", "check og tags", or "responsive check wordpress". Do NOT use for source markdown validation (use pre-publish-checker), SEO keyword analysis (use seo-optimizer), or uploading content (use wordpress-uploader).
Generates Tzatziki-based Cucumber BDD tests (.feature files) from a functional specification. Use this skill whenever a user wants to write Cucumber tests, add BDD scenarios, create feature files, generate tests, or test application behaviors with Gherkin — especially in Java/Spring projects using Tzatziki step definitions for HTTP, JPA, Kafka, MongoDB, OpenSearch, logging, or MCP. Also use when the user mentions writing integration tests, acceptance tests, or end-to-end tests in a project that already has Tzatziki/Cucumber dependencies, including TestNG-based setups.
AI screen memory — search everything you've seen or heard on your computer. Integrates with Screenpipe's local MCP server for OCR text, audio transcripts, and app usage history.