Loading...
Loading...
Found 69 Skills
Debug Rails issues systematically. Use when encountering ActiveRecord errors like RecordNotFound, routing issues, N+1 query problems detected by Bullet, asset pipeline issues, migration failures, gem conflicts, ActionController errors, CSRF token problems, or any Ruby on Rails application errors requiring diagnosis.
Debug Django web applications with systematic diagnostic approaches. This skill covers troubleshooting Django-specific errors including TemplateDoesNotExist, ImproperlyConfigured, IntegrityError, migration conflicts, CSRF failures, N+1 query problems, and circular imports. Includes Django Debug Toolbar setup, ORM query logging, pdb/ipdb usage, shell_plus debugging, and comprehensive logging configuration. Provides four-phase methodology for root cause analysis and regression prevention.
Refactor Flask code to improve maintainability, readability, and adherence to best practices. This skill transforms Flask applications using the application factory pattern, Blueprint organization, and service layer separation. It addresses fat route handlers, missing error handling, improper context local usage, and security issues. Apply when you notice global app instances, routes without Blueprints, business logic in handlers, or missing CSRF protection.
Test automate security vulnerability testing covering OWASP Top 10, SQL injection, XSS, CSRF, and authentication issues. Use when performing security assessments, penetration tests, or vulnerability scans. Trigger with phrases like "scan for vulnerabilities", "test security", or "run penetration test".
Security audit checklist based on OWASP Top 10 and best practices. Covers authentication, injection, XSS, CSRF, secrets management, and more. Use when reviewing security, before deploy, asking "is this secure", "security check", "vulnerability".
Skill for enhancing search optimization (SEO) and security. Covers meta tags, semantic HTML, and security vulnerability checks. Use proactively when user asks about search ranking, security hardening, or vulnerability fixes. Triggers: SEO, security, meta tags, XSS, CSRF, 보안, セキュリティ, 安全, seguridad, etiquetas meta, optimización de búsqueda, sécurité, balises méta, optimisation pour les moteurs de recherche, Sicherheit, Meta-Tags, Suchmaschinenoptimierung, sicurezza, tag meta, ottimizzazione per i motori di ricerca Do NOT use for: backend-only APIs, internal tools, or basic development setup.
Ultimate 25+ years expert-level backend skill covering FastAPI, Express, Node.js, Next.js with TypeScript. Includes ALL databases (PostgreSQL, MongoDB, Redis, Elasticsearch), ALL features (REST, GraphQL, WebSockets, gRPC, Message Queues), comprehensive security hardening (XSS, CSRF, SQL injection, authentication, authorization, rate limiting), complete performance optimization (caching, database tuning, load balancing), ALL deployment strategies (Docker, Kubernetes, CI/CD), advanced patterns (microservices, event-driven, saga, CQRS), ALL use cases (e-commerce, SaaS, real-time, high-traffic), complete testing (unit, integration, E2E, load, security). Route protection, middleware, authentication implementation in PERFECTION. Use for ANY backend system requiring enterprise-grade security, performance, scalability, and architectural excellence.
Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.
Performs security audits and vulnerability assessments on Ruby on Rails application code. Use when reviewing Rails code for security risks, assessing authentication or authorization, auditing parameter handling, redirects, file uploads, secrets management, or checking for XSS, CSRF, SSRF, SQL injection, and other common vulnerabilities.
Maintain JSONL-only profiler performance test cases under csrc/ops/<op>/test in ascend-kernel. Collect data using torch_npu.profiler (with fixed warmup=5 and active=5), aggregate the Total Time(us) from ASCEND_PROFILER_OUTPUT/op_statistic.csv, and output a unified Markdown comparison report (custom operator vs baseline) that includes a DType column. Do not generate perf_cases.json or *_profiler_results.json. Refer to examples/layer_norm_profiler_reference/ for the reference implementation.
Apply Spatie's security guidelines when configuring applications, databases, or servers, or when reviewing code for security concerns; use for SSL setup, CSRF protection, password hashing, database permissions, and server hardening.
Use when implementing authentication with Better Auth in a TypeScript/Next.js app (session strategy, providers, cookies, CSRF, redirects, middleware, and security best practices).