Loading...
Loading...
Found 81 Skills
TypeScript best practices, type safety, and toolchain standards. Use when: - Writing or reviewing TypeScript code - Setting up TypeScript projects or tsconfig - Choosing state management patterns - Configuring build tools (tsup, Vitest) - Avoiding type gymnastics or any-abuse Keywords: TypeScript, tsconfig, strict mode, no-any, pnpm, Vitest, tsup, TanStack Query, discriminated unions, type safety, ESLint
Use this skill when the user wants to check if their system is affected by the axios npm supply chain attack (March 31, 2026), scan for malicious axios versions (1.14.1, 0.30.4), check for malware artifacts, or audit package manager security settings (pnpm, npm, bun, yarn) for protections against supply chain attacks. Trigger on phrases like "axios vulnerability", "axios supply chain", "check if affected by axios", "scan for axios malware", or "package manager security audit".
Use when scaffolding a new repository (public or private) to the Patina Project baseline, when realigning an existing repository with that baseline, or when auditing or adding commit conventions, PR templates, husky + commitlint, PNPM tooling, release-please, agent docs (AGENTS.md, CLAUDE.md), or AI agent plugin manifests for Claude Code, Codex, Cursor, Windsurf, and Copilot. Triggers on phrases like "scaffold this repo", "scaffold a Patina plugin", "realign with the baseline", "audit our repo conventions", "set up commitlint and husky", or "add Codex/Cursor/Windsurf surfaces".
Adopt Prisma Next into a new project, onto an existing database, or as the first move after a bootstrap tool dropped you into a scaffold. Use for "what can I do with Prisma Next", "what can I do next with Prisma", "where do I start", "what should I do first", "just ran createprisma", "createprisma", "npx createprisma", "npx create-prisma", "first steps", "first query", "I have a scaffolded Prisma Next project what now"; for `pnpm dlx prisma-next init` greenfield setup; and for `prisma-next contract infer` + `db sign` against an existing database. Also covers the connect-write-read first-arc orientation, the day-to-day commands (`contract emit`, `db init`, `db update`, `migration plan`, `migrate`, `db schema`, `db verify`), and routing to `prisma-next-contract` / `prisma-next-queries` / `prisma-next-runtime` for the next move. Flags: --target, --authoring, --schema-path, --probe-db, --output.
Audit and reduce JavaScript package dependency footprint across npm, pnpm, Yarn, and Bun projects. Use when asked to remove unused dependencies, deduplicate workspace dependency versions, lockfiles or node_modules, analyze direct dependencies' transitive lockfile closure, find low-risk upgrades that reduce dependency trees, inline trivial dependencies, or apply e18e dependency replacement recommendations.
Audit and fix npm supply-chain security issues in the current repo. Detects the package manager, checks for missing protections (lockfile, lifecycle script blocking, release-age cooldown, pnpm exotic subdeps/trust policy, Yarn Berry hardened mode), presents findings, and applies fixes after user confirmation. Supports npm, pnpm, Yarn, Bun, and Aube. Use when asked to "harden npm", "fix supply chain", "secure dependencies", or "audit npm security".
Refatore apps ou sites setoriais de qualquer tecnologia de origem para o padrão do repositório Elinsa. Use ao migrar projetos externos, legados, protótipos, HTML/CSS/JS puro, jQuery, Vue, Angular, React/Vite, PHP, Laravel, WordPress, templates server-side, sistemas de almoxarifado, formulários de pedidos ou ferramentas internas para Node 26+, pnpm, Next.js 16+ App Router, React Server Components, Tailwind 4+, Biome, shadcn/radix no preset Elinsa, React Hook Form, Zod, Better Auth e Drizzle ORM com PostgreSQL. Use também quando o projeto não tiver Git/versionamento, vier de ZIP/pasta local ou tiver sido criado em Lovable/no-code/AI builder: primeiro transforme em repositório GitHub revisável, depois migre para submissão à TI e futura integração como rotas, páginas, APIs ou componentes.
MDX 语法预检查工具。**推荐**:先使用 eslint-mdx 和 prettier 进行基础检查, 再使用本 skill 进行 Fumadocs 特定问题的专项检查(图片文件名、翻译完整性)。 在 article-translator 翻译后、pnpm build 前使用。
Use Bun instead of Node.js, npm, pnpm, or vite. Provides command mappings, Bun-specific APIs, and development patterns.
Hairy's {Opinionated} preferences and best practices for web development
Anthony Fu's opinionated tooling and conventions for JavaScript/TypeScript projects. Use when setting up new projects, configuring ESLint/Prettier alternatives, monorepos, library publishing, or when the user mentions Anthony Fu's preferences.
Import, merge, or combine repositories into an Nx workspace using nx import. USE WHEN the user asks to adopt Nx across repos, move projects into a monorepo, or bring code/history from another repository.