Loading...
Loading...
Found 2,576 Skills
Use this skill when managing Linux servers, writing shell scripts, configuring systemd services, debugging networking, or hardening security. Triggers on bash scripting, systemd units, iptables, firewall, SSH configuration, file permissions, process management, cron jobs, disk management, and any task requiring Linux system administration.
Use this skill when auditing AI agent skills for security vulnerabilities, prompt injection, permission abuse, supply chain risks, or structural quality. Triggers on skill review, security audit, skill safety check, prompt injection detection, skill trust verification, skill quality gate, and any task requiring security analysis of AI agent skill files.
Research and analyze tokens on supported blockchains: search tokens by keyword, get token details (price, market cap, volume, supply), run security audits (honeypot, mint risk, proxy, tax), list DEX liquidity pools, view top holders, find smart money traders, and retrieve K-line candlestick chart data. Trigger words: token, coin, search token, find token, look up token, token info, token details, token data, token price, price of, how much is, what is the price, market cap, market capitalization, volume, trading volume, supply, total supply, circulating supply, FDV, fully diluted valuation, token security, security audit, is it safe, honeypot, rug pull, mint risk, proxy contract, buy tax, sell tax, token pools, liquidity pools, DEX pools, trading pools, LP, liquidity, token holders, top holders, who holds, whale holders, holder distribution, token traders, smart money, smart traders, KOL traders, top traders, candles, candlestick, K-line, kline, price chart, price history, OHLCV, token analysis, token research, due diligence, DYOR, check token. Chinese: 代币, 搜索代币, 查代币, 代币信息, 代币详情, 代币价格, 价格多少, 市值, 交易量, 总供应量, 代币安全, 安全审计, 是否安全, 蜜罐, 貔貅, 池子, 流动性, 持有者, 大户, 鲸鱼, 交易者, 聪明钱, K线, 蜡烛图, 价格走势. CRITICAL: Always use `--json` flag for structured output. CRITICAL: When user asks about token safety, ALWAYS run `token security` — do not guess. Do NOT use this skill for: - Trending token rankings or new token discovery → use liberfi-market - Wallet holdings, activity, or PnL stats → use liberfi-portfolio - Swap quotes, trade execution, or transaction broadcast → use liberfi-swap - General market trends without a specific token → use liberfi-market Do NOT activate on vague single-word inputs like "token" or "coin" without additional context specifying a search query, chain, or address.
Validate and sanitize user input to prevent XSS, injection attacks, and ensure data quality. Use this skill when you need to validate forms, sanitize user input, prevent cross-site scripting, use Zod schemas, or handle any user-generated content. Triggers include "input validation", "validate input", "XSS", "cross-site scripting", "sanitize", "Zod", "injection prevention", "validateRequest", "safeTextSchema", "user input security".
Complete security remediation workflow. Scans code for vulnerabilities using Snyk, fixes them, validates the fix, and optionally creates a PR. Supports both single-issue and batch mode for multiple vulnerabilities. Use this skill when: - User asks to fix security vulnerabilities - User mentions "snyk fix", "security fix", or "remediate vulnerabilities" - User wants to fix a specific CVE, Snyk ID, or vulnerability type (XSS, SQL injection, path traversal, etc.) - User wants to upgrade a vulnerable dependency - User asks to "fix all" vulnerabilities or "fix all high/critical" issues (batch mode)
iOS pentesting playbook. Use when testing iOS applications for keychain extraction, URL scheme hijacking, Universal Links exploitation, runtime manipulation, binary protection analysis, data storage issues, and transport security bypass during authorized mobile security assessments.
Check any AI agent codebase against the OWASP Agentic Security Initiative (ASI) Top 10 risks. Use this skill when: - Evaluating an agent system's security posture before production deployment - Running a compliance check against OWASP ASI 2026 standards - Mapping existing security controls to the 10 agentic risks - Generating a compliance report for security review or audit - Comparing agent framework security features against the standard - Any request like "is my agent OWASP compliant?", "check ASI compliance", or "agentic security audit"
Guides discovery and documentation of Solana DeFi protocol risks from public code and chain state—Anchor/native programs, PDAs, CPIs, oracles, pools, SPL mechanics, and historical tx reconstruction. Use when the user asks for Solana program security review, DeFi vulnerability triage, PDA or CPI safety, oracle or liquidity-pool risk, launchpad/bonding-curve issues, or evidence-backed severity findings without exploits or private keys.
Use when researching, compiling, or assessing best practices for any AWS service, building HA/DR/security checklists from official AWS documentation, or checking whether live AWS resources follow official recommendations. Requires aws-knowledge-mcp-server. Triggers on "best practices", "compile checklist", "summarize HA/DR best practices", "what are the best practices for", "find all best practices", "check my cluster", "audit my redis", "assess my redis", "assessment", "是否符合最佳实践", "检查现有资源", "查找最佳实践", "编译检查清单", "总结最佳实践", "帮我查找", "汇总成表", "帮我检查", "审计一下", "评估一下".
Routes Snowflake-related operations to Cortex Code CLI for specialized Snowflake expertise. Use when user asks about Snowflake databases, data warehouses, SQL queries on Snowflake, Cortex AI features, Snowpark, dynamic tables, data governance in Snowflake, Snowflake security, or mentions "Cortex" explicitly. Do NOT use for general programming, local file operations, non-Snowflake databases, web development, or infrastructure tasks unrelated to Snowflake.
Generates correct, deployable Salesforce permission set metadata (PermissionSet XML) with object, field, user, and app permissions. Use this skill when creating or editing permission set metadata, object permissions, field-level security (FLS), tab visibility, or deploying permission sets.
Plan, create, and configure production-ready Google Kubernetes Engine (GKE) clusters using the golden path Autopilot configuration. Covers Day-0 checklist, Autopilot vs Standard, networking (private clusters, VPC-native, Gateway API), security (Workload Identity, Secret Manager, RBAC hardening), observability, scaling, cost optimization, and AI/ML inference. WHEN: create GKE cluster, provision GKE environment, design GKE networking, secure GKE, optimize GKE cost, GKE autoscaling, GKE inference, GKE upgrade, GKE observability, GKE multi-tenancy, GKE batch, GKE HPC, GKE compute class.