Loading...
Loading...
Found 939 Skills
Use this skill when integrating a third-party auth provider (Clerk, Auth0, WorkOS, Kinde, Stytch) with InsForge for authentication and RLS. Covers JWT configuration, client setup, database RLS policies, and provider-specific gotchas for each supported integration.
Scaffold and implement authentication in TypeScript/JavaScript apps using Better Auth. Detect frameworks, configure database adapters, set up route handlers, add OAuth providers, and create auth UI pages. Use when users want to add login, sign-up, or authentication to a new or existing project with Better Auth.
Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests using manual techniques and automated tools like sqlmap. The tester detects injection points through error-based, union-based, blind boolean, and time-based blind techniques across all major database engines (MySQL, PostgreSQL, MSSQL, Oracle) to demonstrate data extraction, authentication bypass, and potential remote code execution. Activates for requests involving SQL injection testing, SQLi exploitation, database security assessment, or injection vulnerability verification.
Scans code for security vulnerabilities — injection flaws, authentication gaps, XSS vectors, mass assignment, CSRF, insecure deserialization, sensitive data exposure, broken access control, and misconfigurations. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "security scan", "security audit", "vulnerability check", "find security issues".
Steedos Server real-time WebSocket system using Socket.IO. Covers the AppGateway (@WebSocketGateway), connection authentication via cookies, room-based event routing (tenant-scoped rooms), subscribe/unsubscribe events, metadata change notifications, record change events, notification broadcasting, and Moleculer event integration for cross-service real-time communication.
Operate Discord HTTP API through UXC with Discord OpenAPI schema. Bot token recommended for full API access including messages and server management. OAuth2 user authentication available for limited profile operations only.
Expert guidance for building conversational AI applications with Chainlit framework in Python. Use when (1) creating chat interfaces for LLM applications, (2) building apps with OpenAI, LangChain, LlamaIndex, or Mistral AI, (3) implementing streaming responses, (4) adding UI elements like images, files, charts, (5) handling user file uploads, (6) implementing authentication (OAuth, password), (7) creating multi-step workflows with visible steps, (8) building RAG applications with document upload, or (9) deploying chat apps to web, Slack, Discord, or Teams.
Build and debug Enable Banking API integrations for account information (AIS), payment initiation (PIS), ASPSP discovery, user sessions, JWT authentication with RSA certificates, sandbox setup, and TypeScript/Node clients. Use when Codex needs to implement Enable Banking request flows, generate or validate bearer JWTs, model Enable Banking schemas, handle PSU redirect callbacks, fetch accounts/balances/transactions, create payments, or troubleshoot Enable Banking API errors.
Implement and troubleshoot Sweden-specific Enable Banking behavior for Swedish ASPSPs, BankID/Mobile BankID SCA, personnummer/Swedish SSN handling, redirect and decoupled authentication, Swedish domestic SEK payments, SEPA EUR payments, Bankgirot/OCR/remittance rules, Swedish business account authorization, sandbox availability, and ASPSP-specific quirks for Swedbank, SEB, Handelsbanken, Nordea, Länsförsäkringar Bank, Danske Bank, and American Express. Use when Codex needs country-specific Open Banking guidance for Sweden.
Web application security expert. OWASP Top 10, XSS, SQLi, CSRF, SSRF, authentication bypass, IDOR. Use for web app security testing.
Use when adding Auth0 login, logout, and callback handling to Java Servlet web applications - integrates com.auth0:mvc-auth-commons SDK for server-side Java apps using javax.servlet with session-based authentication. Triggers on AuthenticationController, AuthorizeUrl, Tokens, IdentityVerificationException, Java MVC auth.
Expert in end-to-end testing with Playwright, the modern cross-browser testing framework. Specializes in test generation, page object patterns, visual regression testing, and CI/CD integration. Handles complex testing scenarios including authentication flows, API mocking, and mobile emulation.