Loading...
Loading...
Found 49 Skills
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Includes memory architecture with pre-compaction flush (so context survives when the window fills), reverse prompting (surfaces ideas you didn't know to ask for), security hardening, self-healing patterns (diagnoses and fixes its own issues), and alignment systems (stays on mission, remembers who it serves). Battle-tested patterns for agents that learn from every interaction and create value without being asked.
Audit and harden authentication code for security best practices. Use when the user wants to check their auth implementation for vulnerabilities, harden session handling, fix credential storage, or apply OWASP-recommended security patterns.
Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate and audit workflows. Locks down install-time scripts, registries, version ranges, and CI checks.
MCP server building, advanced patterns, and security hardening. Use when building MCP servers, implementing tool handlers, adding authentication, creating interactive UIs, hardening MCP security, or debugging MCP integrations.
Performs comprehensive security audits of KrakenD configurations to identify vulnerabilities, authentication gaps, and security best practices violations with Flexible Configuration support
Audit and harden your OpenClaw configuration. Checks AGENTS.md, gateway settings, sandbox config, and permission policies for security weaknesses.
Omniscient APEX Ecosystem development skill. Triggers: apex code, omnihub development, tradeline build, aspiral feature, apex bug, fix apex, apex architecture, omnidash component, triforce guardian, man mode, apex security, apex test, armageddon test, apex deploy, apex optimize, semantic translation, web2 web3 bridge. Produces: zero-drift, first-pass success code for APEX OmniHub, TradeLine 24/7, aSpiral, and all connected applications. Compatible with all LLMs.
Generates minimal macOS Seatbelt sandbox configurations. Use when sandboxing, isolating, or restricting macOS applications with allowlist-based profiles.
Expert knowledge for Azure Attestation development including troubleshooting, best practices, security, configuration, and deployment. Use when validating attestation tokens, authoring SGX/TPM policies, configuring policy signers, or securing endpoints, and other Azure Attestation related development tasks. Not for Azure Confidential Computing (use azure-confidential-computing), Azure Virtual Enclaves (use azure-virtual-enclaves), Azure Key Vault (use azure-key-vault), Azure Security (use azure-security).
Systematic GitHub Actions workflow authoring skill for AI coding agents. Analyzes repositories to determine project type, language ecosystem, and deployment targets, then generates production-grade CI/CD workflows with proper security hardening, caching, and optimization. Handles greenfield projects (no workflows exist), brownfield updates (modify, optimize, secure existing workflows), and workflow audits with workflow-specific guidance for each. Use when the user requests GitHub Actions workflows: CI pipelines, CD deployments, release automation, scheduled jobs, or any .github/workflows YAML authoring. Also use when existing workflows need auditing, optimizing, securing, or restructuring. Triggers on phrases like "set up CI", "add CI/CD", "GitHub Actions workflow", "release automation", "deploy on tag", "publish to npm/PyPI", "schedule a job", "cron workflow", "matrix build", "workflow.yml", "actions/checkout", "permissions", "harden this pipeline", "pin actions to SHA", "OIDC", "least privilege", "supply-chain", "audit my workflows", "speed up CI", or "cache dependencies". Triggers when creating or editing files under `.github/workflows/`, `action.yml`/`action.yaml` (composite or Docker actions), or `.github/dependabot.yml`. Triggers when the user mentions migrating from GitLab CI, CircleCI, Travis, Jenkins, Drone, or Buildkite to GitHub Actions. Do NOT use for non-GitHub CI systems (GitLab CI, CircleCI, Jenkins) unless the user is migrating TO GitHub Actions. Do NOT use for general bash scripting, Makefiles, or local-only build configuration.
Refactor Flask code to improve maintainability, readability, and adherence to best practices. This skill transforms Flask applications using the application factory pattern, Blueprint organization, and service layer separation. It addresses fat route handlers, missing error handling, improper context local usage, and security issues. Apply when you notice global app instances, routes without Blueprints, business logic in handlers, or missing CSRF protection.
Build and operate modern Node.js applications with strong architecture, dependency hygiene, performance, resilience, observability, and security controls. Use when designing project layout, runtime/module strategy, testing and CI, release workflows, and production operations.