Loading...
Loading...
Found 939 Skills
Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.
Implement Convex authentication and authorization patterns with OIDC providers or Convex Auth. Use for auth provider setup, ctx.auth usage, user identity handling, and auth-aware schema patterns. Use proactively when users mention auth, JWT, Clerk/Auth0/WorkOS, or Convex Auth. Examples: - user: "Add auth to Convex" → choose provider and outline setup - user: "Get current user" → use ctx.auth.getUserIdentity and checks - user: "Service-to-service access" → use shared secret pattern
Use when Django REST Framework for building APIs with serializers, viewsets, and authentication. Use when creating RESTful APIs.
This skill should be used when auditing code for security issues, reviewing authentication/authorization, evaluating input validation, analyzing cryptographic usage, or reviewing dependency security. Provides OWASP patterns, CWE analysis, and threat modeling guidance.
Use the ntion CLI to interact with Notion workspaces — searching, reading, creating, updating, and managing pages, databases (data sources), and block content. Use when the user wants to: (1) search their Notion workspace, (2) query or list databases, (3) read, create, update, archive, or relate pages, (4) read, append, insert, replace, or delete block content on pages, (5) manage Notion authentication, or (6) perform any Notion workspace operation from the terminal. Trigger on mentions of "Notion", "ntion", page/database IDs, or requests involving workspace content management.
Expert guidance for building production-ready FastAPI applications with modular architecture where each business domain is an independent module with own routes, models, schemas, services, cache, and migrations. Uses UV + pyproject.toml for modern Python dependency management, project name subdirectory for clean workspace organization, structlog (JSON+colored logging), pydantic-settings configuration, auto-discovery module loader, async SQLAlchemy with PostgreSQL, per-module Alembic migrations, Redis/memory cache with module-specific namespaces, central httpx client, OpenTelemetry/Prometheus observability, conversation ID tracking (X-Conversation-ID header+cookie), conditional Keycloak/app-based RBAC authentication, DDD/clean code principles, and automation scripts for rapid module development. Use when user requests FastAPI project setup, modular architecture, independent module development, microservice architecture, async database operations, caching strategies, logging patterns, configuration management, authentication systems, observability implementation, or enterprise Python web services. Supports max 3-4 route nesting depth, cache invalidation patterns, inter-module communication via service layer, and comprehensive error handling workflows.
Use when writing Terraform for OCI, troubleshooting provider errors, managing state files, or implementing Resource Manager stacks. Covers terraform-provider-oci gotchas, resource lifecycle anti-patterns, state management mistakes, authentication issues, and OCI Landing Zones.
REST API design patterns, OpenAPI specifications, versioning strategies, authentication, error handling, and security best practices. Use when designing APIs, creating endpoints, documenting APIs, or implementing backend services that expose HTTP APIs.
bkend.ai file storage expert skill. Covers single/multiple/multipart file upload via Presigned URL, file download (CDN vs Presigned), 4 visibility levels (public/private/protected/shared), bucket management, and file metadata. Triggers: file upload, download, presigned, bucket, storage, CDN, image, 파일 업로드, 다운로드, 버킷, 스토리지, 이미지, ファイルアップロード, ダウンロード, バケット, ストレージ, 文件上传, 下载, 存储桶, 存储, carga de archivos, descarga, almacenamiento, cubo, telechargement, televersement, stockage, seau, Datei-Upload, Download, Speicher, Bucket, caricamento file, scaricamento, archiviazione, bucket Do NOT use for: database operations (use bkend-data), authentication (use bkend-auth).
Use btca (Better Context App) to efficiently query and learn from the bknd backend framework. Use when working with bknd for (1) Understanding data module and schema definitions, (2) Implementing authentication and authorization, (3) Setting up media file handling, (4) Configuring adapters (Node, Cloudflare, etc.), (5) Learning from bknd source code and examples, (6) Debugging bknd-specific issues
Use when initializing or configuring the Bknd authentication system. Covers enabling auth, configuring password strategy, setting up JWT and cookie options, defining roles, and production security settings.
Binance API authentication and key management for trading skills. Securely stores API keys, validates permissions, supports testnet vs production environments, and provides health checks with balance queries.