Loading...
Loading...
Found 433 Skills
Rust CESR primitives library for KERI protocol. Auto-activates when working with cesride imports, Matter/Indexer traits, CESR primitive types (Verfer, Diger, Signer, Salter, Siger, Cigar), Serder/Sadder serialization, or Rust CESR encoding/decoding. Covers the full API: primitive construction, cryptographic operations, SAD serialization, threshold logic, and error handling. Defers to cesr/spec/acdc for protocol theory; focuses on Rust API specifics.
Build with MPP (Machine Payments Protocol) - the open protocol for machine-to-machine payments over HTTP 402. Use when developing paid APIs, payment-gated content, AI agent payment flows, MCP tool payments, pay-per-token streaming, or any service using HTTP 402 Payment Required. Covers the mppx TypeScript SDK with Hono/Express/Next.js/Elysia middleware, pympp Python SDK, and mpp Rust SDK. Supports Tempo stablecoins, Stripe cards, Lightning Bitcoin, and custom payment methods. Includes charge (one-time) and session (streaming pay-as-you-go) intents. Make sure to use this skill whenever the user mentions mpp, mppx, machine payments, HTTP 402 payments, Tempo payments, payment channels, pay-per-token, paid API endpoints, or payment-gated services.
Systematically audit, improve, and enforce test coverage in any repository. Use when asked to improve coverage, add missing tests, set up coverage thresholds, audit test gaps, or wire coverage into CI/hooks. Works across ecosystems (TypeScript, Python, Go, Rust, etc.). Composes with the hk skill for pre-commit enforcement. Triggers on: test coverage, missing tests, coverage threshold, coverage report, untested code, coverage gap, coverage audit.
Concurrency debugging skill for diagnosing data races and deadlocks. Use when reading TSan race reports, debugging deadlocks with GDB thread inspection, analyzing lock-order graphs with Helgrind, identifying std::atomic misuse patterns, or reasoning about happens-before in C++ and Rust. Activates on queries about data races, TSan reports, deadlocks, Helgrind, lock ordering, thread sanitizer output, or atomic ordering issues.
Use when the user says 'build me an app', 'create a project from this spec', 'scaffold a new repo', 'generate a starter', 'turn this idea into code', 'bootstrap a project', 'I have requirements and need a codebase', or provides a natural-language project specification and expects a complete, runnable repository. Stack-agnostic: Next.js, FastAPI, Rails, Go, Rust, Flutter, and more.
Provides comprehensive code review guidance for React 19, Vue 3, Angular 17+, Svelte 5, Rust, TypeScript, Java, Python, Django, Go, C#/.NET, Kotlin, NestJS, C/C++, and more. Helps catch bugs, improve code quality, and give constructive feedback. Use when: reviewing pull requests, conducting PR reviews, code review, reviewing code changes, establishing review standards, mentoring developers, architecture reviews, security audits, checking code quality, finding bugs, giving feedback on code.
Complete bug bounty workflow — recon (subdomain enumeration, asset discovery, fingerprinting, HackerOne scope, source code audit), pre-hunt learning (disclosed reports, tech stack research, mind maps, threat modeling), vulnerability hunting (IDOR, SSRF, XSS, auth bypass, CSRF, race conditions, SQLi, XXE, file upload, business logic, GraphQL, HTTP smuggling, cache poisoning, OAuth, timing side-channels, OIDC, SSTI, subdomain takeover, cloud misconfig, ATO chains, agentic AI), LLM/AI security testing (chatbot IDOR, prompt injection, indirect injection, ASCII smuggling, exfil channels, RCE via code tools, system prompt extraction, ASI01-ASI10), A-to-B bug chaining (IDOR→auth bypass, SSRF→cloud metadata, XSS→ATO, open redirect→OAuth theft, S3→bundle→secret→OAuth), bypass tables (SSRF IP bypass, open redirect bypass, file upload bypass), language-specific grep (JS prototype pollution, Python pickle, PHP type juggling, Go template.HTML, Ruby YAML.load, Rust unwrap), and reporting (7-Question Gate, 4 validation gates, human-tone writing, templates by vuln class, CVSS 3.1, PoC generation, always-rejected list, conditional chain table, submission checklist). Use for ANY bug bounty task — starting a new target, doing recon, hunting specific vulns, auditing source code, testing AI features, validating findings, or writing reports. 中文触发词:漏洞赏金、安全测试、渗透测试、漏洞挖掘、信息收集、子域名枚举、XSS测试、SQL注入、SSRF、安全审计、漏洞报告
Skill for creating custom lint rules by leveraging the existing linter ecosystems of various programming languages. This is a linter designed for AI Agents rather than humans, and its error messages function as correction instruction prompts for AI. Create custom rules in the `lints/` directory using standard methods for each language, including Rust (dylint), TypeScript/JavaScript (ESLint), Python (pylint), Go (golangci-lint), etc. Use this skill in the following scenarios: (1) When you want AI to enforce project-specific coding rules; (2) When you want to create lint rules that output AI-readable correction instructions when violations occur; (3) When you want to enforce naming conventions, structural patterns, and consistency rules through AI-driven linting. Triggers: "Create a linter rule", "Add a lint rule", "Enforce this pattern", "AI linter", "Custom lint", "Code rules", "Naming rules", "Structural rules", "create a linter rule", "add a lint rule", "enforce this pattern", "AI linter".
AI coding agent skill for Antigravity Manager — a Tauri v2 + Rust desktop app and Docker service that manages multiple Google/Anthropic accounts and proxies them as standard OpenAI/Anthropic/Gemini API endpoints with intelligent account rotation.
Install missing language runtimes and dev tools via mise. Use when (1) a command fails due to missing runtime (e.g. node not found, python3 not found, go command not found), (2) user asks to install/setup a language runtime or SDK (node, python, go, rust, java, ruby, etc.), (3) user mentions version management for languages, or (4) setting up a new development environment.
Complete Switchboard Oracle Protocol SDK for Solana - the permissionless oracle solution for price feeds, on-demand data, VRF randomness, and real-time streaming via Surge. Covers TypeScript SDK, Rust integration, Oracle Quotes, and all Switchboard tools.
Use when contributing to the GLIDE client - Rust core internals, language bindings (PyO3/JNI/NAPI/CGO/FFI), protocol layer, PubSub synchronizer, cluster topology, and build system. For using GLIDE in apps, see valkey-glide instead.