Loading...
Loading...
Found 517 Skills
Scaffolds a new project repository for agentic development from a problem description, or sets up ops tooling (git, precommits, gitignore, licensing, CI) for an existing project. Guides the user through naming, runtime, package manager, devops, licensing, and project structure. Use when the user says "init project", "new project", "start a project", "scaffold repo", "create repo", or describes a problem they want to build a solution for.
Coordinates performance optimization: algorithm, query, and runtime workers in parallel
JavaScript language fundamentals. Covers ES6+, modules, async patterns. Use when working with plain JS projects without TypeScript. USE WHEN: user mentions "javascript", "ES6", "async/await", "promises", "modules", asks about "destructuring", "spread operator", "arrow functions", "ESM vs CommonJS" DO NOT USE FOR: TypeScript projects - use `typescript` skill instead DO NOT USE FOR: Node.js runtime - use `nodejs` skill instead DO NOT USE FOR: Browser APIs - use framework-specific skills
Execute use when provisioning Vertex AI ADK infrastructure with Terraform. Trigger with phrases like "deploy ADK terraform", "agent engine infrastructure", "provision ADK agent", "vertex AI agent terraform", or "code execution sandbox terraform". Provisions Agent Engine runtime, 14-day code execution sandbox, Memory Bank, VPC Service Controls, IAM roles, and secure multi-agent infrastructure.
Use when the user needs workflow orchestration such as branching, concurrency, approvals, waiting and resume, runtime stream, restart-safe execution, mixed sync/async function or module orchestration, event-driven fan-out, process-clarity refactors that make stages explicit, performance-oriented refactors that collapse split requests, or explicit draft-review-revise style multi-stage flows. The user does not need to say TriggerFlow explicitly.
Use when you need to apply Java secure coding best practices — including validating untrusted inputs, defending against injection attacks with parameterized queries, minimizing attack surface via least privilege, applying strong cryptographic algorithms, handling exceptions securely without exposing sensitive data, managing secrets at runtime, avoiding unsafe deserialization, and encoding output to prevent XSS. Part of the skills-for-java project
Run TypeScript type checking with tsc --noEmit and parse errors into actionable, file-grouped output. Use when validating TypeScript code before commits, after refactors, or when checking for type regressions. Use for "type check", "tsc", "TypeScript errors", "type validation", or pre-commit TypeScript verification. Do NOT use for linting, test execution, runtime errors, or JavaScript-only projects without tsconfig.json.
Execute a comprehensive, framework-agnostic Security Audit. Detects project type at runtime and adapts security checks accordingly. Analyzes sensitive files, source code secrets, dependency vulnerabilities, and optionally uses Gemini AI for advanced analysis. Produces a severity-classified report. Use when the user asks to audit security, scan for vulnerabilities, check for secrets, or assess dependency risks. Triggers on: 'security audit', 'vulnerability scan', 'secret scan', 'dependency audit', 'security check', 'pentest', 'owasp'.
Create a lang/ plugin that wires any CLI tool or language runtime into gm-cc — adds exec:<id> dispatch, optional LSP diagnostics, and optional prompt context injection. Zero hook configuration required.
Comprehensive Android mobile application penetration testing skill with full ADB shell access to rooted devices. This skill should be used when performing security assessments on Android applications including static analysis, dynamic analysis, runtime manipulation, traffic interception, and vulnerability identification. Triggers on requests to pentest Android apps, test mobile security, analyze APKs, bypass security controls, or perform OWASP Mobile Top 10 assessments. (user)
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.
AnyCap CLI -- capability runtime for AI agents. One CLI for image generation, image read, video analysis, audio analysis, music composition, text-to-speech, web search, web crawling, file download, static site hosting, and cloud file storage. Use when the agent needs to generate images, analyze images, video, or audio, produce audio/music, search or crawl the web, download remote files, deploy static sites, or store and share files. Also use when the agent needs to authenticate with AnyCap (login, API key, credentials), or when encountering errors from AnyCap to submit feedback via 'anycap feedback'. Trigger on mentions of AnyCap, multimodal capabilities, AI-generated media, page hosting, or drive storage.