Loading...
Loading...
Found 845 Skills
Best practices and guidelines for Turbopack, the Rust-powered incremental bundler for Next.js and modern web development
Insecure deserialization playbook. Use when Java, PHP, or Python applications deserialize untrusted data via ObjectInputStream, unserialize, pickle, or similar mechanisms that may lead to RCE, file access, or privilege escalation.
Stack-aware review for local diffs, pull requests, and repository-wide audits. Routes review across shared policy plus language packs for TypeScript frontend, TypeScript backend/Bun, Go, Rust, and Python. Use after implementation, before merge, or when auditing an existing codebase.
Use this skill whenever performing security threat modeling, attack surface mapping, or trust boundary analysis on a codebase. Triggers on 'threat model', 'security review', 'attack surface', 'trust boundaries', or when assessing a project's security posture. Also trigger when the user is about to build security-sensitive features (auth, crypto, file I/O, network services, native bridges) and needs to understand the threat landscape first — even if they don't explicitly say "threat model." Also triggers on 'what changed' or 'diff analysis' for incremental security review of recent commits.
Evaluate source credibility using primary/secondary classification, internal/external criticism, triangulation, and misinformation detection. Use this skill when the user needs to assess whether information is trustworthy, evaluate research sources, fact-check claims, or detect misinformation — even if they say 'can I trust this source', 'is this real', 'how reliable is this data', or 'fact-check this for me'.
Combine multiple forecasting models into ensemble predictions for improved accuracy. Use this skill when the user needs to improve forecast reliability, combine ARIMA/Prophet/ETS outputs, or build a robust forecasting pipeline — even if they say 'combine forecasts', 'model averaging', or 'which forecast should I trust'.
Apply vertical (domain-first) codebase architecture to any project. Use this skill whenever a user asks where to put a file, how to structure a codebase, how to organize code by feature or domain, how to refactor a "horizontal" structure (components/, hooks/, utils/, types/), or asks about code colocation, monorepo boundaries, shared code, or module ownership. Also trigger when the user creates a new module and needs to decide where it belongs, or when reviewing a PR that touches file organization. Works for any language or framework (Python, TypeScript, Go, Rust, etc.) — not just React or frontend.
Structural validation and damage systems for Three.js building games. Use when implementing building stability (Fortnite/Rust/Valheim style), damage propagation, cascading collapse, or realistic physics simulation. Supports arcade, heuristic, and realistic physics modes.
Orchestrates the Security Ecosystem by running security-auditor and adaptive-guard in the correct order. Manages audit phases, trust scoring, guard activation, incident response, and calibration. Trigger on 'security orchestrator', 'run security', 'audit and guard', or 'security workflow'.
Stop being a "nice" manager. Learn Kim Scott's framework for caring personally while challenging directly—the combination that builds trust and drives performance. Use when: **Giving feedback** (positive or constructive); **Building trust** with direct reports; **Performance conversations** that need to happen; **Team culture building** for high performance; **New manager development** learning to have hard conversations
Grafana Pyroscope continuous profiling platform. Covers instrumentation of Go/Java/Python/Ruby/Node.js/ .NET/Rust apps via SDKs or eBPF (Alloy), flame graph analysis, ProfileQL queries, server configuration and architecture, Grafana Cloud Profiles integration, and trace-profile linking (Span Profiles). Use when working with profiling data, instrumenting apps for Pyroscope, analyzing performance profiles, or deploying Pyroscope server.
Generate a comprehensive, structured learning guide for any technical topic or technology. Use this skill whenever a user wants to learn a new technology, programming language, framework, tool, or concept — even if they phrase it casually (e.g., "teach me Rust", "how do I get started with Kubernetes", "I want to learn React", "help me understand GraphQL", "give me a roadmap for learning Docker"). This skill covers concept identification and categorization, weekly study schedules, local dev setup, concept explanations with examples, exercises, popular libraries, project ideas, and resources. Trigger for any "how do I learn X", "roadmap for X", "getting started with X", "study plan for X", or "teach me X" request — even if they don't explicitly ask for a guide or roadmap.