Loading...
Loading...
Found 551 Skills
Dangling markup injection playbook. Use when HTML injection is possible but JavaScript execution is blocked (CSP, sanitizer strips event handlers, WAF blocks script tags) — exfiltrate CSRF tokens, session data, and page content by injecting unclosed HTML tags that capture subsequent page content.
Browser and V8 exploitation playbook. Use when exploiting JavaScript engine vulnerabilities including JIT type confusion, incorrect bounds elimination, and V8 sandbox bypass to achieve renderer RCE and sandbox escape in Chrome/Chromium.
Teaches Vue render functions and JSX for programmatic template creation. Use when templates are too limiting and you need the full power of JavaScript to construct component output dynamically.
Work with the Upstash Redis TypeScript/JavaScript SDK for serverless Redis operations. Use for caching, session storage, rate limiting, leaderboards, full-text search (querying, filtering, aggregating) with Upstash Redis Search (different from regular FT.SEARCH), and all Redis data structures. Supports automatic serialization/deserialization of JavaScript types. Upstash Redis Search also available via @upstash/search-redis and @upstash/search-ioredis adapters for TCP clients.
k6 performance and load testing. Covers writing test scripts in JavaScript/TypeScript, all test types (load/stress/spike/soak/smoke/breakpoint), thresholds, checks, scenarios, executors, extensions, result analysis, k6 Cloud execution, and CI/CD integration. Use when writing k6 tests, debugging test failures, setting up load testing pipelines, choosing executors/scenarios, or interpreting k6 results.
Refactor Express.js/Node.js code to improve maintainability, readability, and adherence to best practices. Transforms callback hell, fat route handlers, and outdated patterns into clean, modern JavaScript/TypeScript code. Applies async/await, controller-service-repository architecture, proper middleware patterns, and ESM modules. Identifies and fixes anti-patterns including blocking event loop, improper error handling, forEach with async callbacks, and memory leaks.
Senior Frontend QA Engineer with 10+ years JavaScript/TypeScript testing experience. Use when writing unit tests for React components, creating integration tests with React Testing Library, testing custom hooks, mocking APIs, or following TDD for frontend.
Build applications using Azure App Configuration SDK for JavaScript (@azure/app-configuration). Use when working with configuration settings, feature flags, Key Vault references, dynamic refresh, or centralized configuration management.
Set up Biome for fast linting and formatting in JavaScript/TypeScript projects, including editor integration, package scripts, optional pre-commit hooks, and migration from ESLint + Prettier. Use when adding or standardizing lint/format tooling, replacing ESLint/Prettier, or troubleshooting Biome configuration and workflow issues.
Use when designing or building modern web applications in JavaScript/TypeScript (SPA/SSR/SSG/ISR/RSC): architecture trade-offs, state/data patterns, performance, testing, delivery, and team scaling.
Generates dead code detection configurations for loom plan verification. Provides language-specific commands, fail patterns, and ignore patterns for Rust, TypeScript, Python, Go, and JavaScript. Use when adding code quality checks to acceptance criteria or truths fields in loom plans. Dead code detection catches incomplete wiring by identifying code that exists but is never called.
Customize Frappe Desk UI with form scripts, list view scripts, report scripts, dialogs, and client-side JavaScript APIs. Use when building interactive Desk experiences, adding custom buttons, or scripting form behavior.