Loading...
Loading...
Found 207 Skills
Build PHPStan rules, collectors, and extensions that analyze PHP code for custom errors. Use when asked to create, modify, or explain PHPStan rules, collectors, or type extensions. Triggers on requests like "write a PHPStan rule to...", "create a PHPStan rule that...", "add a PHPStan rule for...", "write a collector for...", or when working on a phpstan extension package.
Autonomous white-box AI pentester for web applications and APIs using source code analysis and live exploit execution
Runs full trailmark structural analysis with all pre-analysis passes (blast radius, taint propagation, privilege boundaries, complexity hotspots). Use when vivisect needs detailed structural data for a target. Triggers: structural analysis, blast radius, taint analysis, complexity hotspots.
Comprehensive Go backend code review with optional parallel agents
This skill MUST be used for semantic Rust navigation and analysis: resolving definitions across crate boundaries, finding all references to a symbol, inspecting inferred types or trait implementations, searching symbols by name, and renaming symbols safely. SHOULD be preferred over grep or file reads whenever the task requires Rust-aware understanding.
Semgrep integration. Manage Rules, Scans. Use when the user wants to interact with Semgrep data.
Analyzes PHP code for SSRF vulnerabilities. Detects unvalidated URLs, internal network access, DNS rebinding, cloud metadata access, URL parsing bypass attempts.
Official GitHub MCP Server for AI-powered repository management, issue/PR automation, CI/CD monitoring, and code analysis through natural language
Performs AI-powered code review on Git changes using the `ocr` CLI from alibaba/open-code-review. Use when the user asks to review code, review a pull request, review staged/unstaged changes, review a commit, or compare branches for code quality issues. Produces line-level review comments and can automatically apply fixes when requested. With appropriate review rules, can detect various types of issues including bugs, security vulnerabilities, performance problems, and code quality concerns.
Mandatory analysis workflow for understanding codebase before changes
Deep contextual grep for codebases. Expert at finding patterns, architectures, implementations, and answering "Where is X?", "Which file has Y?", and "Find code that does Z" questions. Use when exploring unfamiliar codebases, finding specific implementations, understanding code organization, discovering patterns across multiple files, or locating functionality in a project. Supports three thoroughness levels quick, medium, very thorough.
Android APK decompiler that converts DEX bytecode to readable Java source code. Use when you need to decompile APK files, analyze app logic, search for vulnerabilities, find hardcoded credentials, or understand app behavior through readable source code.