Loading...
Loading...
Found 2,234 Skills
Iterative UI/UX polishing workflow for web applications. Use when improving visual polish, refining desktop and mobile UX separately, running iterative enhancement cycles, applying design patterns like glassmorphism or bento grids, or auditing accessibility and WCAG compliance. Use for Stripe-level visual quality, responsive optimization, and design system alignment.
Database security auditor specialized in Row Level Security (RLS) enforcement, Zero-Trust database architecture, and forensic audit trails. Covers Supabase RLS policies, Postgres security, Convex auth guards, PGAudit configuration, JIT access controls, and database-specific compliance validation. Use when auditing database access policies, implementing RLS in Supabase or Postgres, configuring Convex auth guards, setting up audit logging, reviewing database security, or validating database-level compliance requirements.
TanStack Config for shared build tooling, Vite plugins, and package configuration across TanStack projects. Use when configuring TanStack library builds or contributing to TanStack packages. Use for tanstack-config, tanstack-cli, vite-plugin, package-config, library-build.
TanStack Table v8 headless data tables for React. Covers column definitions, sorting, filtering (fuzzy/faceted), server-side pagination with TanStack Query, infinite scroll, virtualization (TanStack Virtual), column/row pinning, row expanding/grouping, column resizing, and reusable Shadcn-styled components. Prevents 15 documented errors including infinite re-renders, React Compiler incompatibility, and server-side state mismatches. Use when building data tables, fixing table performance, implementing server-side pagination, adding filtering/sorting, or debugging table state issues.
Pino high-performance JSON logger for Node.js with worker thread transports, child loggers, redaction, and framework integrations. Use when setting up structured logging, configuring log transports, adding request correlation IDs, redacting sensitive data, or integrating with Fastify, Hono, or Express. Use for pino, logging, structured-logs, request-id, correlation, redaction, transports, pino-http, pino-pretty.
Advanced TypeScript patterns for strict mode development. Covers type utilities (Pick, Omit, Partial, Record, Awaited), generics with constraints and inference, type guards and narrowing, discriminated unions, conditional and mapped types, template literal types, const assertions, satisfies operator, module patterns, and modern JavaScript idioms (eslint-plugin-unicorn). Use when building type-safe APIs, preventing runtime errors through types, working with strict TypeScript configuration, debugging complex type errors, or enforcing modern JS idioms. Use for generics, type guards, utility types, strict mode, type inference, narrowing, type safety, const assertions, satisfies, module augmentation, unicorn, for-of, modern-js.
Application security covering threat modeling (STRIDE), OWASP Top 10 (2025), OWASP API Security Top 10 (2023), secure coding review, authentication/authorization patterns, input validation, encryption, security headers, supply chain security, compliance (GDPR/HIPAA/SOC2/PCI-DSS), and security monitoring. Use when reviewing code for vulnerabilities, implementing auth patterns, securing APIs, configuring security headers, hardening supply chain, preventing injection attacks, or preparing for compliance audits.
Vite build tool configuration and ecosystem. Covers vite.config.ts setup, plugin authoring and popular plugins, dev server configuration (proxy, HMR, HTTPS), build optimization (chunking, tree-shaking, manual chunks, rollupOptions), library mode for publishing packages, SSR configuration, environment variables (.env handling), multi-page apps, CSS handling (PostCSS, CSS modules, preprocessors), and asset handling. Use when configuring Vite projects, authoring Vite plugins, optimizing builds, setting up dev server proxies, configuring SSR, handling environment variables, or troubleshooting Vite issues.
Build WCAG 2.2 AA compliant interfaces with semantic HTML, ARIA, keyboard navigation, focus management, color contrast, and screen reader support. Covers forms, dialogs, tabs, live regions, skip links, alt text, and data tables. Use when implementing accessible UIs, auditing WCAG compliance, fixing screen reader issues, keyboard navigation, focus traps, or troubleshooting "focus outline missing", "aria-label required", "insufficient contrast", "missing alt text", "heading hierarchy".
Coding rules generator — Extract and generate coding-rules.md from project conventions. Scans CLAUDE.md, AGENTS.md, config files, existing source code, and installed skills to produce a unified coding-rules.md that spec-implement uses as a quality gate. English triggers: "Generate coding rules", "Create coding-rules.md", "Extract project rules" 日本語トリガー: 「コーディングルールを生成」「coding-rules.mdを作成」「プロジェクトルールを抽出」
Build responsive HTML emails with React Email components. Covers email structure (Html, Head, Body, Container), content components (Text, Heading, Button, Link, Img), layout (Section, Row, Column), styling with inline CSS and Tailwind, custom fonts, preview text, and rendering to HTML. Use when creating transactional emails, marketing templates, or email design systems. Use for email rendering, preview, Tailwind email styling, and provider integration with Resend, Nodemailer, or SendGrid.
Self-hosted TypeScript auth framework with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Supports Drizzle/Prisma/Kysely adapters. Self-hosted alternative to Clerk/Auth.js. Use when: configuring auth, adding plugins, social OAuth, multi-tenant SaaS, organizations with teams and RBAC, two-factor authentication (TOTP/OTP/backup codes), email verification, password reset flows, session management, rate limiting, CSRF and cookie security, Expo/mobile, D1 adapter errors, TanStack Start integration, additionalFields bugs, admin plugin, migrating from NextAuth, migrating from Clerk, migrating from Supabase Auth, or troubleshooting auth issues.