Loading...
Loading...
Found 528 Skills
Create MCP servers using the C# SDK and .NET project templates. Covers scaffolding, tool/prompt/resource implementation, and transport configuration for stdio and HTTP. USE FOR: creating new MCP server projects, scaffolding with dotnet new mcpserver, adding MCP tools/prompts/resources, choosing stdio vs HTTP transport, configuring MCP hosting in Program.cs, setting up ASP.NET Core MCP endpoints with MapMcp. DO NOT USE FOR: debugging or running existing servers (use mcp-csharp-debug), writing tests (use mcp-csharp-test), publishing or deploying (use mcp-csharp-publish), building MCP clients, non-.NET MCP servers.
Implements JWT SSO authentication for Metabase embedding in a project. Supports all embedding types that use SSO — Modular embedding (embed.js web components), Modular embedding SDK (@metabase/embedding-sdk-react), and Full app embedding (iframe-based). Creates the JWT signing endpoint, configures the frontend auth layer, and sets up group mappings. Use when the user wants to add SSO/JWT auth to their Metabase embedding, implement user identity for embedded analytics, set up JWT authentication for Metabase, or connect their app's authentication to Metabase embedding.
Query AI Engineer Europe 2026 conference data — speakers, talks, schedule, and more. Use when building apps, AI integrations, or tools on top of conference data. Provides REST endpoints (JSON + plain text), an MCP server for agent tool calls, and a CLI. Covers 150+ talks, 150+ speakers, workshops, and the full 3-day schedule.
Use when setting up Commet webhook endpoints, verifying signatures, handling billing events (subscription.created, subscription.activated, subscription.canceled, subscription.updated, payment.received, payment.failed, invoice.created), or building event-driven billing workflows.
Verify and validate JSON Web Tokens (JWTs) by checking signatures, expiration, claims, and structure. Use when the user wants to verify, validate, or check a JWT — e.g. "verify this token", "is this JWT valid", "check the signature", "validate this token against my JWKS", "is this token expired". Supports HMAC, RSA, and ECDSA with secrets, PEM keys, or JWKS endpoints.
Interactively guide users through configuring ZenMux Base URL, API endpoint, API Key, and model settings for any tool or SDK. Use this skill whenever the user wants to SET UP, CONFIGURE, or CONNECT a tool to ZenMux — including questions like "how do I set up ZenMux in Cursor", "what's the base URL", "how to configure Claude Code with ZenMux", "endpoint for Anthropic API", "help me fill in the API settings". Trigger on: "configure", "setup", "set up", "base url", "endpoint", "api key", "接入", "配置", "设置", "base url 填什么", "怎么填", "怎么接入", "怎么配置", "API 地址", "接口地址". Also trigger when users mention a tool name (Cursor, Cline, Claude Code, Cherry Studio, Open-WebUI, Dify, Obsidian, Sider, Copilot, Codex, Gemini CLI, opencode, etc.) together with ZenMux in a configuration context. Treat the user as a first-time user and guide them step by step. Do NOT trigger for usage queries, documentation lookups, or general product questions — use zenmux-usage or zenmux-context instead.
XSLT injection testing: processor fingerprinting, XXE and document() SSRF, EXSLT write primitives, PHP/Java/.NET extension RCE surfaces. Use when user-controlled XSLT/stylesheet input or transform endpoints are in scope.
Path traversal and LFI playbook. Use when file paths, download endpoints, include operations, archive extraction, or wrapper behavior may expose filesystem control.
Reconnaissance and methodology playbook. Use when mapping assets, discovering endpoints, fingerprinting technology, and building a structured testing plan for a new target.
Entry P1 category router for reconnaissance and methodology. Use when mapping scope, discovering assets, fingerprinting technology, building endpoint inventory, and choosing the first high-value security testing path.
Entry P1 category router for file access and upload workflows. Use when testing download endpoints, file paths, local file inclusion, upload flows, preview pipelines, archive extraction, or storage and sharing boundaries.
API reconnaissance and documentation review playbook. Use when discovering endpoints, schemas, versions, OpenAPI specs, hidden docs, and surface area for API testing.