Loading...
Loading...
Found 247 Skills
GitHub Actions security review for workflow exploitation vulnerabilities. Use when asked to "review GitHub Actions", "audit workflows", "check CI security", "GHA security", "workflow security review", or review .github/workflows/ for pwn requests, expression injection, credential theft, and supply chain attacks. Exploitation-focused with concrete PoC scenarios.
GitHub operations expert for PRs, issues, code review, Actions, and gh CLI
Prepare, publish, and automate releases for npm packages, especially scoped packages that need package.json fixes, publish scripts, npm dry-run checks, `.env`-managed `NPM_TOKEN` handling, npm org token setup, GitHub Actions secrets, semantic-release workflows, npmjs.org publishing, GitHub Packages publishing, GitHub Releases, or release troubleshooting. Use when Codex needs to make a repo publish-ready, verify what npm will ship, configure automated publishing, or diagnose failures involving package contents, registry auth, 2FA, tokens, tags, changelogs, GitHub Actions, or semantic-release.
GitHub Actions YAML with embedded output contract: security-first, minimal permissions, version pinning. For CI, release, PR checks. Differs from generic templates by spec compliance and auditability.
Vercel deployment and CI/CD expert guidance. Use when deploying, promoting, rolling back, inspecting deployments, building with --prebuilt, or configuring CI workflow files for Vercel.
Build a fully automated AI-powered data collection agent for any public source — job boards, prices, news, GitHub, sports, anything. Scrapes on a schedule, enriches data with a free LLM (Gemini Flash), stores results in Notion/Sheets/Supabase, and learns from user feedback. Runs 100% free on GitHub Actions. Use when the user wants to monitor, collect, or track any public data automatically.
Agent skill for workflow-automation - invoke with $agent-workflow-automation
Helps create, configure, and deploy Azure Static Web Apps using the SWA CLI. Use when deploying static sites to Azure, setting up SWA local development, configuring staticwebapp.config.json, adding Azure Functions APIs to SWA, or setting up GitHub Actions CI/CD for Static Web Apps.
gh, vercel, supabase, render CLI and deployment platform setup
Add Vitest testing infrastructure and GitHub Actions CI/CD to any TypeScript project. Supports Next.js, NestJS, and React projects with 80% coverage thresholds. Use this skill when setting up tests for a new project or adding CI/CD pipelines.
Automates releases and package publishing with changesets or semantic-release. Handles versioning, changelog generation, git tags, and release notes. Use for "release automation", "semantic versioning", "package publishing", or "changelog generation".
Comprehensive markdown linting guidance using markdownlint-cli2. Run, execute, check, and validate markdown files. Fix linting errors (MD0XX rules). Configure .markdownlint-cli2.jsonc (rules and ignores). Set up VS Code extension and GitHub Actions workflows. Supports markdown flavors including GitHub Flavored Markdown (GFM) and CommonMark. Use when working with markdown files, encountering validation errors, configuring markdownlint, setting up linting workflows, troubleshooting linting issues, establishing markdown quality standards, or configuring flavor-specific rules for tables, task lists, and strikethrough.