Loading...
Loading...
Found 609 Skills
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
Perform a high-level flow audit of an implementation plan, analyzing phase-to-phase dependencies, data flow consistency, ordering logic, stale artifacts, and risk assessment. Use when asked to 'audit the plan', 'check plan flow', 'review plan dependencies', 'find plan discrepancies', or 'assess plan coherence'. Do NOT use for per-phase template compliance (use /review-plan) or creating plans (use /create-plan).
Generates technical implementation plans and architectural strategies that enforce the Project Constitution. Use when designing new features, starting implementation tasks, refactoring code, or ensuring compliance with critical standards like Testability-First Architecture, security mandates, testing strategies, and error handling.
Pre-submission validation for Google Play releases covering metadata, screenshots, bundle integrity, data safety, and policy compliance. Use when preparing a release to avoid rejections and catch issues before submitting.
Load PROACTIVELY when task involves payments, billing, or subscriptions. Use when user says "add payments", "integrate Stripe", "set up subscriptions", "add a checkout flow", or "handle billing webhooks". Covers Stripe, LemonSqueezy, and Paddle integration, checkout sessions, subscription lifecycle management, webhook verification and handling, customer portal, metered billing, refunds, and PCI compliance considerations.
Handle LaTeX formatting, templates, and styling for academic papers. Set up conference templates (ICML, ICLR, NeurIPS, AAAI, ACL), fix formatting issues, manage packages, and ensure venue-specific compliance. Use when the user needs to set up a paper template, fix LaTeX formatting, or prepare for submission.
Guide developers integrating EUrouter into their applications. EUrouter is an OpenAI-compatible AI gateway for EU/GDPR compliance. Use when integrating EUrouter, switching from OpenRouter or OpenAI, configuring EU data residency, routing AI requests to EU providers, managing API keys, or asking about EUrouter's API for chat completions, embeddings, streaming, tool calling, vision, model routing, or GDPR compliance features.
Expert cold email strategist for B2B outbound campaigns. Use when the user asks about cold email writing, email sequences, email deliverability, domain warmup, SPF/DKIM/DMARC setup, email personalization, cold email templates, email copywriting frameworks, email compliance (CAN-SPAM, GDPR), bounce management, inbox placement, email infrastructure, sequencing tools (Instantly, Smartlead, Lemlist), or cold outreach strategy. Also triggers on "cold email", "email sequence", "deliverability", "warmup", "SPF", "DKIM", "DMARC", "bounce rate", "spam", "inbox placement", "email template", "follow-up email", "outbound email", "Instantly", "Smartlead", "email copy", "subject line", "personalization". Do NOT use for marketing emails or newsletters.
Security-first visual testing combining URL validation, PII detection, and visual regression with parallel viewport support. Use when testing web applications that handle sensitive data, need visual regression coverage, or require WCAG accessibility compliance.
Tailwind CSS v4.1 best practices with WCAG 2.1 AA accessibility, theming, and dark mode support. Use when working with HTML, CSS, styling components, accessibility (a11y), WCAG compliance, color contrast, focus states, screen readers, theming, light mode, dark mode, or building accessible UI patterns like buttons, forms, cards, and navigation. Complements the angular-best-practices skill for Angular frontends.
3-gate regulatory template orchestrator - manages setup, Gate 1 (analysis), Gate 2 (validation), Gate 3 (generation) for BACEN/RFB compliance.
WCAG AA and ARIA best practices — screen readers, keyboard navigation, focus management. Use when building any user-facing interface or reviewing accessibility compliance.