Loading...
Loading...
Found 939 Skills
Security best practices and vulnerability prevention for Golang. Covers injection (SQL, command, XSS), cryptography, filesystem safety, network security, cookies, secrets management, memory safety, and logging. Apply when writing, reviewing, or auditing Go code for security, or when working on any risky code involving crypto, I/O, secrets management, user input handling, or authentication. Includes configuration of security tools.
Laravel 13 testing with Pest PHP 4 or PHPUnit 12. Use when writing feature tests, unit tests, or any test code in a Laravel application. Triggers on tasks involving HTTP tests, model factories, database assertions, mocking facades, authentication testing, or test organisation patterns.
Scaffold signin and signup authentication endpoints for a project. Use when the user wants to add authentication, create login/register flows, or set up auth from scratch.
Verify phone numbers via SMS, Flashcall, Phone Call, Data (seamless carrier-level), or WhatsApp with Sinch Verification API. Use when implementing user phone verification, OTP, two-factor authentication, or number ownership confirmation flows.
Trust Wallet API for crypto data — token search, prices, trending tokens, swap quotes, market data, security checks, address validation, asset info, and coin status across 100+ blockchains. Use whenever the user asks about crypto prices, token info, swap rates, market cap, trending coins, token risk, honeypot detection, address validation, or wants to call the Trust Wallet / tws.trustwallet.com API directly. Covers HMAC-SHA256 authentication, supported chains, and all REST endpoints.
Security review for Go applications: input validation, SQL injection, authentication/authorization, secrets management, TLS, OWASP Top 10, and secure coding patterns. Use when performing security reviews, checking for vulnerabilities, hardening Go services, or reviewing auth implementations. Trigger examples: "security review", "check vulnerabilities", "OWASP", "SQL injection", "input validation", "secrets management", "auth review". Do NOT use for dependency CVE scanning (use go-dependency-audit) or concurrency safety (use go-concurrency-review).
This skill should be used when users want to train or fine-tune language models using TRL (Transformer Reinforcement Learning) on Hugging Face Jobs infrastructure. Covers SFT, DPO, GRPO and reward modeling training methods, plus GGUF conversion for local deployment. Includes guidance on the TRL Jobs package, UV scripts with PEP 723 format, dataset preparation and validation, hardware selection, cost estimation, Trackio monitoring, Hub authentication, and model persistence. Should be invoked for tasks involving cloud GPU training, GGUF conversion, or when users mention training on Hugging Face Jobs without local GPU setup.
Analyze wallet portfolios on supported blockchains: view token holdings with current values, track transaction activity and history, check PnL (profit and loss) statistics over different time windows, and query total wallet net worth. Also supports querying the authenticated user's own LiberFi TEE wallet portfolio without needing to provide a wallet address — use the `me` commands when the user wants to check their own LiberFi account's holdings, activity, stats, or net worth. Trigger words: wallet, portfolio, holdings, my tokens, my coins, my balance, what do I hold, what tokens do I have, wallet balance, wallet holdings, wallet activity, transaction history, recent transactions, transfers, swaps, trade history, wallet stats, PnL, profit and loss, profit, loss, gains, returns, performance, how much did I make, how much did I lose, win rate, net worth, total value, portfolio value, total balance, how much is my wallet, wallet overview, wallet summary, wallet analysis, check wallet, view wallet, my portfolio, account balance, my LiberFi wallet, my TEE wallet, my account portfolio, check my account, my holdings without address. Chinese: 钱包, 持仓, 我的代币, 我持有什么, 余额, 钱包余额, 交易记录, 交易历史, 最近交易, 转账记录, 钱包统计, 盈亏, 利润, 亏损, 收益, 收益率, 胜率, 净值, 总价值, 钱包总价值, 钱包概览, 钱包分析, 查看钱包, 我的LiberFi钱包, 我的TEE钱包, 我的账户持仓, 不知道地址查我的钱包. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Public `wallet` commands require both chain and wallet address — always ask the user for these if not provided. CRITICAL: `me` commands do NOT require a wallet address — they use the authenticated user's TEE wallet automatically. They DO require authentication (run `lfi status` first, then `lfi login key` if needed). Do NOT use this skill for: - Token search, info, security audit, K-line → use liberfi-token - Trending tokens or new token rankings → use liberfi-market - Swap quotes, trade execution, or transaction broadcast → use liberfi-swap - Token holder analysis (for a specific token) → use liberfi-token Do NOT activate on vague inputs like "wallet" alone without a wallet address or clear intent to check portfolio data.
Postmark platform help — transactional email delivery via REST API (`POST /email`, `POST /email/batch`), SMTP relay, Message Streams (transactional vs broadcast isolation), Handlebars Templates with layout inheritance, Inbound Email parsing, Webhooks (bounce, delivery, open, click, spam complaint, subscription change, inbound), DMARC Monitoring, Bounce Management (Rebound), Suppressions, Statistics, Bulk API, Sender Signatures, and domain authentication. Use when asking 'how do I do X in Postmark', sending transactional email with Postmark, configuring Message Streams, setting up Postmark templates, processing inbound email via Postmark, managing bounces and suppressions, or troubleshooting Postmark deliverability. Do NOT use for general email marketing strategy (use /sales-email-marketing), cross-platform email deliverability (use /sales-deliverability), email open/click tracking strategy (use /sales-email-tracking), or SendGrid-specific questions (use /sales-sendgrid).
Configure GitHub authentication for Cyrus — gh CLI login and git config for creating pull requests.
Guides the agent through installing, authenticating, configuring, and using the Capawesome CLI (@capawesome/cli). Covers installation, interactive and token-based authentication, project linking via capawesome.config.json, the full command reference (app management, native builds, live updates, certificates, environments, channels, deployments, destinations, devices), CI/CD integration with token auth and JSON output, and diagnostics via the doctor command. Do not use for Capawesome Cloud feature setup (native builds workflow, live updates workflow, app store publishing) — use the capawesome-cloud skill instead.
Configure Claude Code authentication for Cyrus — API key, OAuth token, or third-party provider.