Loading...
Loading...
Found 282 Skills
GraphQL API design. Covers schema, queries, mutations, and resolvers. Use when building or consuming GraphQL APIs. USE WHEN: user mentions "GraphQL", "schema definition", "resolvers", "mutations", "queries", "DataLoader", "N+1 problem", asks about "how to design GraphQL API", "GraphQL schema", "GraphQL authentication", "GraphQL pagination", "Apollo Server" DO NOT USE FOR: REST APIs - use `rest-api` instead; tRPC - use `trpc` instead; GraphQL code generation - use `graphql-codegen` instead
Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated user can access or modify resources belonging to other users by manipulating object identifiers in API requests. The tester intercepts API calls, identifies object ID parameters (numeric IDs, UUIDs, slugs), and systematically replaces them with IDs belonging to other users to determine if the server enforces per-object authorization. This is OWASP API Security Top 10 2023 risk API1. Activates for requests involving BOLA testing, IDOR in APIs, object-level authorization testing, or API access control bypass.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for GraphQL schemas, persisted queries, RPC manifests, generated clients, OpenAPI drift, hidden operations, and contract-to-handler mismatches. Use when the user asks to inspect GraphQL or RPC requests, compare client contracts to live handlers, recover hidden operations, trace generated clients, or explain how schema or contract drift produces the decisive behavior. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
Linear project-management CLI for the terminal. Manage issues, projects, cycles, teams, initiatives, roadmaps, and customer records via the Linear GraphQL API with offline-capable SQLite sync. Use when the user asks about their Linear issues, wants today's queue, sprint velocity, team workload, bottlenecks, duplicate / stale / orphaned issues, release pipelines, or wants to create, update, or search Linear items from the terminal. Offline search and analytics work without an API round-trip after a one-time sync.
API design specialist for REST, GraphQL, gRPC, versioning strategies, and developer experienceUse when "api design, rest, graphql, grpc, openapi, swagger, versioning, pagination, rate limiting, endpoint, api, rest, graphql, grpc, openapi, swagger, versioning, pagination, rate-limiting, ml-memory" mentioned.
Insomnia API client for REST and GraphQL. Use for API testing.
Use when implementing GraphQL resolvers with resolver functions, context management, DataLoader batching, error handling, authentication, and testing strategies.
Complete Shopify development reference for Liquid templating, theme development (OS 2.0), GraphQL Admin API, Storefront API, custom app development, Shopify Functions, Hydrogen, performance optimisation, and debugging. Use when working with .liquid files, creating theme sections and blocks, writing GraphQL queries or mutations for Shopify, building Shopify apps with CLI and Polaris, implementing cart operations via Ajax API, optimising Core Web Vitals for Shopify stores, debugging Liquid or API errors, configuring settings_schema.json, accessing Shopify objects (product, collection, cart, customer), using Liquid filters, creating app extensions, working with webhooks, migrating from Scripts to Functions, or building headless storefronts with Hydrogen and React Router 7. Covers API version 2026-01.
Generate type-safe React Query hooks, Prisma-like ORM client, or inquirerer-based CLI from GraphQL endpoints, schema files/directories, databases, or PGPM modules using @constructive-io/graphql-codegen. Also generates documentation (README, AGENTS.md, skills/, mcp.json). Use when asked to "generate GraphQL hooks", "generate ORM", "generate CLI", "set up codegen", "generate docs", "generate skills", "export schema", or when implementing data fetching for a PostGraphile backend.
Shopify platform development. Stack: Shopify CLI, GraphQL/REST APIs, Polaris UI, Liquid templating. Capabilities: app development (OAuth), checkout UI extensions, admin UI extensions, POS extensions, theme development, webhooks, billing API, product/order/customer management. Actions: build, extend, customize, integrate Shopify apps/themes. Keywords: Shopify, Shopify CLI, GraphQL Admin API, REST API, Polaris, Liquid, checkout extension, admin extension, POS extension, theme, webhook, billing API, OAuth, app bridge, metafields, product, order, customer, storefront, hydrogen, oxygen. Use when: building Shopify apps, customizing checkout, creating admin interfaces, developing themes, integrating payments, managing store data via APIs, extending Shopify functionality.
Execute Shopify Admin API calls via GraphQL in Shopify Remix apps. Use when querying or mutating Shopify data (customers, orders, products, shop, segments, subscriptions), when writing GraphQL for the Admin API, or when handling throttling and retries.
Erstellt und optimiert GraphQL-Queries und Mutations fuer das microtech ERP-System buero+. Deckt den gesamten ERP-Datenbestand ab: Artikel, Warengruppen, Stuecklisten, Adressen mit Anschriften und Ansprechpartnern, Vorgaenge (Angebote, Auftragsbestaetigungen, Lieferscheine, Rechnungen, Gutschriften, Bestellungen), Vorgangspositionen, offene Posten, Lagerbestaende, Projekte, Dokumente (DMS), Kalender, Kontakte, Kontenplan, Zahlungsverkehr und SEPA-Mandate. Unterstuetzt Lesen, Anlegen, Aendern, Loeschen, Buchen (fnPost), Stornieren (fnReverse), Wandeln (fnConvert), Archivieren sowie ERP-Parametertabellen (Vorgangsarten, Steuerschluessel, Zahlungsbedingungen, Einheiten, Versandarten, Waehrungen, Mahnstufen, Adressstatus, Projektstatus, Dokumentenarten, Kommunikationsarten u.v.m.). Verwende diesen Skill wenn der Nutzer mit microtech ERP oder buero+ arbeiten will, ERP-Daten abfragen, Belege erstellen oder verarbeiten will, oder microtech-spezifische Begriffe wie tbl, fld, fnPost, fnConvert, rowRead, rowNew, rowSave, acoGPreis, lnkPostalAddresses, @acquireLocks erwaehnt. NICHT verwenden fuer andere ERP-Systeme (SAP, Shopify, Odoo, Dynamics), allgemeine SQL/Datenbank-Fragen oder generische GraphQL-Schemas ohne microtech-Bezug.