Loading...
Loading...
Found 9,229 Skills
Smart contract and secure API contract security analysis — invariant checking, access control, reentrancy, and integer overflow patterns. Implements Checks-Effects-Interactions pattern, formal invariant verification, and OpenSCV vulnerability taxonomy for Solidity/EVM and Rust/Solana contracts.
Use when testing a web application for security vulnerabilities, before deployment or during security review — guides through a structured 10-phase penetration testing methodology covering mapping, authentication, session management, access controls, injection, logic flaws, and server configuration.
Guide for migrating a project from Prettier or Biome to Oxfmt. Use when asked to migrate, convert, or switch a JavaScript/TypeScript project's formatter from Prettier or Biome to Oxfmt.
Concurrency exploitation — race conditions, TOCTOU vulnerabilities, and parallel request abuse in web applications.
Test for security vulnerabilities using OWASP principles. Use when conducting security audits, testing auth, or implementing security practices.
Use when selecting products to sell on Xiaohongshu, choosing items for live streaming, deciding which products to feature in content, evaluating merchandise profitability, or researching trending products to promote
Generate a professional, client-facing GEO report combining all audit results into a single deliverable with scores, findings, and prioritized actions
OWASP Top 10:2025 security vulnerabilities. Covers access control, injection, supply chain, cryptographic failures, and more. Use for security reviews. USE WHEN: user mentions "OWASP 2025", "Top 10", "security review", "vulnerability assessment", asks about "broken access control", "injection", "supply chain", "cryptographic failures", "exception handling" DO NOT USE FOR: general OWASP (2021) - use `owasp` instead, secrets - use `secrets-management`, dependencies - use `supply-chain`
Google Cloud Platform SDK integration. Cloud Functions, Firestore, Cloud Storage, Pub/Sub, BigQuery, and Cloud Run. Node.js and Python client libraries. USE WHEN: user mentions "GCP", "Google Cloud", "Cloud Functions", "Firestore", "Cloud Storage", "Pub/Sub", "BigQuery", "Cloud Run", "Firebase" DO NOT USE FOR: AWS services - use `aws`; Azure services - use `azure`; Firebase Auth - use auth skills
The market analysis function of Gate Exchange — liquidity, momentum, liquidation, funding arbitrage, basis, manipulation risk, order book explainer, slippage simulation. Use when the user asks about liquidity, depth, slippage, buy/sell pressure, liquidation, funding rate arbitrage, basis/premium, manipulation risk, order book explanation, or slippage simulation (e.g. market buy $X slippage). Trigger phrases: liquidity, depth, slippage, momentum, buy/sell pressure, liquidation, squeeze, funding rate, arbitrage, basis, premium, manipulation, order book, spread, slippage simulation.
Debugging optimized builds skill for diagnosing issues in release code. Use when debugging RelWithDebInfo builds, using -Og for debuggable optimization, working with split-DWARF, applying GDB scheduler-locking, reading inlined frames, or understanding "value optimized out" messages. Activates on queries about debugging optimized code, RelWithDebInfo, -Og, inlined functions in GDB, value optimized out, GDB with -O2, or debugging release builds.
Control browser automation through HTTP API. Supports page navigation, element interaction (click, type, select), data extraction, accessibility snapshot analysis, screenshot, JavaScript execution, and batch operations.