Loading...
Loading...
Found 5,725 Skills
This skill should be used when the user asks to "explain security concept", "what is OWASP", "explain this finding", "what does this vulnerability mean", "explain stride", "explain injection", "what is CSRF", "explain spoofing", "what does INJ-003 mean", "compare stride vs pasta", or asks any question about security terminology, frameworks, vulnerability categories, or specific findings. Works at framework, category, finding, and comparison levels.
This skill should be used when the user asks to "check for SSRF", "analyze server-side request forgery", "find URL fetching vulnerabilities", "check for internal network access", or mentions "SSRF", "URL fetching", "cloud metadata", "169.254.169.254", or "request forgery" in a security context. Maps to OWASP Top 10 2021 A10: Server-Side Request Forgery.
Expert Guide to Indie Game Development with Go (Golang) and its game engines (such as Ebitengine or Raylib-go). Covers core areas including memory management, concurrency-safe game loops, asset embedding (go:embed), and cross-platform cross-compilation. Suitable for scenarios where high-performance 2D/3D games are built using the Go ecosystem.
Use this skill whenever the user wants to find trading opportunities, detect arbitrage, analyze a market, perform edge detection, find mispricing, do probability analysis, evaluate orderbook depth, find momentum signals, or assess Polymarket market quality. Triggers: "find opportunities", "detect arbitrage", "analyze market", "edge detection", "mispricing", "probability analysis", "orderbook analysis", "momentum scanner", "market inefficiency", "price gap", "volume surge", "trading edge", "market analysis".
Creates 03-ui-ux-spec.md (IA, Expo Router route map, screen list, design tokens, component inventory, accessibility) for a new app idea. Use after docfactory-prd to define the visual and interactive layer. Essential for ensuring a consistent, goal-oriented mobile UI and preventing "design drift" during development.
Test coverage-focused code review. Apply when reviewing code for missing unit tests, integration tests, edge cases, error handling paths, test quality, and test maintainability.
Write winning Upwork proposals that stand out from AI-generated spam. This skill should be used when the user pastes an Upwork job description and wants to bid, or says "write proposal", "apply for this job", "bid on this".
Main security scanning orchestration. Detects language, runs OWASP Top 10 patterns, identifies vulnerabilities, generates structured reports. Use when scanning for XSS, SQL injection, command injection, secrets, or any security vulnerability.
Transform UI style requirements into production-ready frontend code with systematic design tokens, accessibility compliance, and creative execution. Use when building websites, web applications, React/Vue components, dashboards, landing pages, or any web UI requiring both design consistency and aesthetic quality.
Research CVEs and security advisories for project dependencies. Uses Exa, NVD API, OSV.dev, and GitHub Advisory Database to find known vulnerabilities.
Analyze candidate algorithms for time/space complexity, scalability limits, and resource-budget fit (CPU, memory, I/O, concurrency). Use when feasibility depends on input growth or latency/memory constraints and quantitative bounds are required before implementation; do not use for persistence schema or deployment topology decisions.
Used to audit codebases to ensure their naming complies with established terminology and specifications. This Skill should be used when you need to enforce a project's 'Ubiquitous Language', identify deviations in method/variable/parameter naming, and propose modification suggestions.