Loading...
Loading...
Found 1,678 Skills
Prevent Cross-Site Scripting (XSS) attacks through input sanitization, output encoding, and Content Security Policy. Use when handling user-generated content in web applications.
Implement Cross-Site Request Forgery (CSRF) protection using tokens, SameSite cookies, and origin validation. Use when building forms and state-changing operations.
Use this skill when users manage multiple businesses, need help prioritizing across ventures, want a business health check, or ask "which business should I focus on." Activates for multi-business orchestration, portfolio management, and cross-venture resource allocation.
AWS CloudFormation patterns for infrastructure security, secrets management, encryption, and secure data handling. Use when creating secure CloudFormation templates with AWS Secrets Manager, KMS encryption, secure parameters, IAM policies, VPC security groups, TLS/SSL certificates, and encrypted traffic configurations. Covers template structure, parameter best practices, cross-stack references, and defense-in-depth strategies.
Generate cross-platform installation scripts for any software, library, or module. Use when users ask to "create an installer", "generate installation script", "automate installation", "setup script for X", "install X on any OS", or need automated deployment across Windows, Linux, and macOS. The skill follows a three-phase approach: (1) Environment exploration - detect OS, gather system info, check dependencies; (2) Installation planning - propose steps with verification; (3) Execution with documentation generation.
Validates planning artifacts (spec.md, plan.md, data-model.md, contracts/) for quality, completeness, and consistency. Checks for mandatory sections, cross-artifact consistency, and constitution compliance. Always run after /speckit.plan completes.
Implement Cross-Site Request Forgery (CSRF) protection for API routes. Use this skill when you need to protect POST/PUT/DELETE endpoints, implement token validation, prevent cross-site attacks, or secure form submissions. Triggers include "CSRF", "cross-site request forgery", "protect form", "token validation", "withCsrf", "CSRF token", "session fixation".
Google Gemini CLI orchestration for AI-assisted development. Capabilities: second opinion/cross-validation, real-time web search (Google Search), codebase architecture analysis, parallel code generation, code review from different perspective. Actions: query, search, analyze, generate, review with Gemini. Keywords: Gemini CLI, second opinion, cross-validation, Google Search, web research, current information, parallel AI, code review, architecture analysis, gemini prompt, AI comparison, real-time search, alternative perspective, code generation. Use when: needing second AI opinion, searching current web information, analyzing codebase architecture, generating code in parallel, getting alternative code review, researching current events/docs.
BullMQ queue system reference for Redis-backed job queues, workers, flows, and schedulers. Use when: (1) creating queues and workers with BullMQ, (2) adding jobs (delayed, prioritized, repeatable, deduplicated), (3) setting up FlowProducer parent-child job hierarchies, (4) configuring retry strategies, rate limiting, or concurrency, (5) implementing job schedulers with cron/interval patterns, (6) preparing BullMQ for production (graceful shutdown, Redis config, monitoring), or (7) debugging stalled jobs or connection issues
Set up and manage a Memory Bank system for cross-session context continuity across AI coding agents. Use when the user mentions 'memory bank' with any action intent — setup, install, initialize, init, update, refresh, sync, status, check, read, show, review, display, or equivalents in any language (e.g. Turkish: kur, kurulum, güncelle, durumu, oku; German: einrichten, aktualisieren; Spanish: configurar, actualizar; French: installer, mettre à jour). Supports Claude Code, Cursor, Windsurf, Cline, GitHub Copilot, Roo Code, Aider, Antigravity, and OpenAI Codex.
Lemlist platform help — multichannel sequences, lead database, enrichment, Lemwarm, unified inbox, AI personalization, LinkedIn automation, calls, WhatsApp, API, integrations. Use when asking 'how do I do X in Lemlist', configuring Lemlist settings, setting up sequences, managing leads, using Lemwarm warmup, connecting integrations, using the People Database, or using the Lemlist API. Do NOT use for building prospect lists (use /sales-prospect-list), designing cadence strategy (use /sales-cadence), cross-platform deliverability (use /sales-deliverability), or enriching contacts outside Lemlist (use /sales-enrich).
Mixmax platform help — sequences, email tracking, one-click meetings, rules engine, dialer, AI Compose, Salesforce/HubSpot integration, polls, reporting. Use when asking 'how do I do X in Mixmax', setting up Mixmax sequences, configuring Mixmax rules or automations, connecting Mixmax to Salesforce or HubSpot, using Mixmax scheduling, or troubleshooting Mixmax tracking. Do NOT use for general outbound cadence strategy (use /sales-cadence), cross-platform email deliverability (use /sales-deliverability), meeting scheduling strategy (use /sales-meeting-scheduler), email tracking strategy (use /sales-email-tracking), or connecting Mixmax to other tools via Zapier (use /sales-integration).