Loading...
Loading...
Found 48 Skills
Audit and fix RGAA 4.1.2 accessibility issues in any web framework that outputs HTML: React, Vue, Svelte, Astro, Angular, Next.js, Nuxt, SvelteKit, plain HTML, Handlebars, ERB, Nunjucks, and similar. Activates proactively whenever a developer writes, modifies, generates, or refactors any component or template — even without explicit mention of accessibility. Triggers on: "create a component", "add a form", "refactor this header", "add a data table", "add a nav", "build a layout", "audit accessibility", "check a11y", "RGAA", "is this accessible", "make WCAG compliant", "fix accessibility issues", or any request to write/review .jsx/.tsx/.vue/.svelte/.astro/.html files. Covers static code only: images alt text, colors, tables, links, mandatory elements, information structure, forms, navigation landmarks.
Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a skill directory or git repo URL for malicious code, (3) pre-install security gate for Claude Code plugins, OpenClaw skills, or Codex skills, (4) scanning Python scripts for dangerous patterns like os.system, eval, subprocess, network exfiltration, (5) detecting prompt injection in SKILL.md files, (6) checking dependency supply chain risks, (7) verifying file system access stays within skill boundaries. Triggers: "audit this skill", "is this skill safe", "scan skill for security", "check skill before install", "skill security check", "skill vulnerability scan".
Run Ultimate Bug Scanner for automated bug detection across multiple languages. Detects 1000+ bug patterns including null pointers, security vulnerabilities, async/await issues, and resource leaks. Integrates with quality-gate workflow.
Run ESLint with security plugins on JavaScript/TypeScript code. Detects eval usage, non-literal RegExp, prototype pollution, and other JS/TS security anti-patterns.
Generates PHPStan configurations for PHP projects. Creates phpstan.neon with appropriate level, extensions, paths, baseline support, and DDD-specific rules.
Security Check - Security review for skills before installation. Triggers: Before installing new skills, regular review of installed skills, or when security issues with a skill are suspected. Security Checks: - Dangerous Commands: rm -rf, sudo, curl|bash, etc. - Network Requests: Potential data leakage risks - File Writes: Writing to sensitive locations - Credentials: Risk of API key/password leakage - Resource Exhaustion: Infinite loops - Privilege Escalation: Privilege escalation attempts - External Dependencies: Suspicious dependencies Commands: - /安检 <skill-path> - Review skill security - /安检 scan <path> - Deep scan - /安检 list - List risks of installed skills - /安检 fix <skill> - Fix security issues - /security <skill-path> - English command Actions: - Auto-fix: Remove or replace dangerous code - Disable: Disable dangerous features - User Confirm: User chooses whether to proceed - Block: Block installation for severe risks Capabilities: Static code analysis, dangerous pattern recognition, risk assessment, auto-fix, user interactive decision making.
Static code analysis and complexity metrics
Inspection visuelle et revue de code pour la conformité aux Web Interface Guidelines. Se déclenche sur « review my UI », « check accessibility », « audit design », « review UX », « fix the layout », « find design problems ». Supporte l'analyse statique du code et l'inspection visuelle dans le navigateur avec correction automatique.
Use the free official JetBrains ReSharper Command Line Tools for .NET repositories. Use when a repo wants powerful `jb inspectcode` inspections, `jb cleanupcode` cleanup profiles, solution-level `.DotSettings` enforcement, or a stronger CLI quality gate for C# than the default SDK analyzers alone.
Static inspection of Triton operator code quality (Host side + Device side) for Ascend NPU. Used when users need to identify potential bugs, API misuses, and performance risks by reading code. Core capabilities: (1) Ascend API constraint compliance check (2) Mask integrity verification (3) Precision processing review (4) Code pattern recognition. Note: This Skill only focuses on static code analysis; compile-time and runtime issues are handled by other Skills.
Use this skill when working with the UI5 Linter (@ui5/linter) for static code analysis of SAPUI5/OpenUI5 applications and libraries. Covers setup, configuring linting rules, running the linter to detect deprecated APIs, global variable usage, CSP violations, and manifest issues. Supports autofix for deprecated API usage, global references, event handlers, and manifest properties. Includes CI/CD integration, pre-commit hooks, and UI5 2.x migration preparation.
Detect common code smells and anti-patterns providing feedback on quality issues a senior developer would catch during review. Use when user opens/views code files, asks for code review or quality assessment, mentions code quality/refactoring/improvements, when files contain code smell patterns, or during code review discussions.