Loading...
Loading...
Found 480 Skills
Use when you need to apply Java secure coding best practices — including validating untrusted inputs, defending against injection attacks with parameterized queries, minimizing attack surface via least privilege, applying strong cryptographic algorithms, handling exceptions securely without exposing sensitive data, managing secrets at runtime, avoiding unsafe deserialization, and encoding output to prevent XSS. Part of the skills-for-java project
Convert text content into elegant magazine-style HTML pages with support for professional typesetting and multiple visual styles. Trigger scenarios: (1) Users want to convert text/articles into magazine-style HTML, (2) Users mention "magazine layout", "magazine design", "article typesetting", "professional typesetting", "text beautification", or "magazine layout", (3) Users need elegantly typeset HTML pages, (4) Users need to export designed content as PDF. 12 unique visual styles are supported, using Tailwind CSS.
Scan the codebase and generate/update CLAUDE.md + reference files (exports, architecture, dev guide) with real project-specific patterns. Run after each coding session or major refactor to keep the AI context map current. Supports Laravel, Next.js, NestJS, Expo/React Native, and Node.js projects.
Use when the user wants to configure, create, or update a SecondMe Skill/MCP integration from a local project, or needs help exposing existing project capabilities through MCP.
Operate InstaVM infrastructure: run ephemeral sessions, create or manage VMs, host or deploy apps, take snapshots, clone machines, register SSH keys, expose shares, set egress, mount volumes, and use platform APIs. Use this whenever the user mentions InstaVM, instavm.io, the `instavm` Python SDK, `ssh instavm.dev`, app hosting, or VM lifecycle work, even if they do not explicitly say "InstaVM".
Fixes broken line wrapping in Claude Code exported conversation files (.txt), reconstructing tables, paragraphs, paths, and tool calls that were hard-wrapped at fixed column widths. Includes an automated validation suite (generic, file-agnostic checks). Triggers when the user has a Claude Code export file with broken formatting, mentions "fix export", "fix conversation", "exported conversation", "make export readable", references a file matching YYYY-MM-DD-HHMMSS-*.txt, or has a .txt file with broken tables, split paths, or mangled tool output from Claude Code.
Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.
Plan and execute incremental product isolation migrations to a facade plus contract layer in PostHog, following the Visual review architecture. Use when a product still exposes internals (models/logic/views) across boundaries and needs a safe, multi-PR migration toward contracts.py + facade/api.py + presentation separation.
Audit Webflow Code Components for architecture decisions - prop exposure, state management, slot opportunities, and Shadow DOM compatibility. Focused on Webflow-specific patterns, not generic React best practices.
Short-term and swing trading assistant for the Indian stock market (NSE/BSE). Helps with stock screening, technical analysis, trade planning, and watchlist generation focused on breakout/breakdown patterns, support-resistance levels, and volume-price action. Use this skill whenever the user mentions Indian stocks, NSE, BSE, Nifty, swing trades, short-term trades, positional trades, breakout setups, stock screening for Indian markets, trade plans for Indian equities, or asks for watchlists with entry/exit/SL levels. Also trigger when the user uploads Indian market data (CSV exports, screenshots of charts), mentions specific NSE/BSE stock names or tickers, or asks questions like "find me good setups", "scan for breakouts", "give me a trade plan for TATAMOTORS", "what looks good in Nifty 50 right now", or "build me a watchlist". Do NOT trigger for intraday/scalping, options strategies, mutual fund analysis, long-term investing (6+ months), or non-Indian markets.
YC Office Hours — two modes. Startup mode: six forcing questions that expose demand reality, status quo, desperate specificity, narrowest wedge, observation, and future-fit. Builder mode: design thinking brainstorming for side projects, hackathons, learning, and open source. Saves a design doc. Use when asked to "brainstorm this", "I have an idea", "help me think through this", "office hours", or "is this worth building". Proactively suggest when the user describes a new product idea or is exploring whether something is worth building — before any code is written. Use before /plan-ceo-review or /plan-eng-review.
Self-hosted auth for TypeScript/Cloudflare Workers with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Requires Drizzle ORM or Kysely for D1 (no direct adapter). Self-hosted alternative to Clerk/Auth.js. Use when: self-hosting auth on D1, building OAuth provider, multi-tenant SaaS, or troubleshooting D1 adapter errors, session caching, rate limits, Expo crashes, additionalFields bugs.