Total 39,578 skills
Showing 12 of 39578 skills
Behavioral guardrails for Cavekit agents. Four principles — think before coding, simplicity first, surgical changes, goal-driven execution — that prevent over-engineering, silent assumptions, scope creep, and unfocused work. Every task-builder, reviewer, planner, and inspector must internalize these before writing a single line. Trigger phrases: "guardrails", "karpathy", "scope creep", "over-engineering", "stop adding features", "surgical fix".
Technical UI audit — a11y, performance, responsive. Produces a prioritized findings table. Invoke when the user asks for audit on their UI, or mentions 'audit' alongside design / UI / frontend work.
Homerun integration. Manage data, records, and automate workflows. Use when the user wants to interact with Homerun data.
Add or fix motion. Honors MOTION_INTENSITY and loads the stack reference if opted in. Invoke when the user asks for animate on their UI, or mentions 'animate' alongside design / UI / frontend work.
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
How to write Cavekit-quality kits that AI agents can consume effectively. Covers implementation-agnostic cavekit design, testable acceptance criteria, hierarchical structure, cross-referencing, cavekit templates, greenfield and rewrite patterns, cavekit compaction, and gap analysis. Trigger phrases: "write kits", "create kits", "cavekit this out", "define requirements for agents", "how to write kits for AI"
Extract and catalog attack patterns from cyber threat intelligence reports into a structured STIX-based library mapped to MITRE ATT&CK for detection engineering and threat-informed defense.
Conducts security testing of REST, GraphQL, and gRPC APIs to identify vulnerabilities in authentication, authorization, rate limiting, input validation, and business logic. The tester uses the OWASP API Security Top 10 as the testing framework, combining Burp Suite interception with Postman collections and custom scripts to test endpoint security at every privilege level. Activates for requests involving API security testing, REST API pentest, GraphQL security assessment, or API vulnerability testing.
Fetches trending skills directly from skills.sh, generates statistics, and creates a trend summary. Optimized for ultra-fast, direct execution without complex setup.
GoPay integration. Manage data, records, and automate workflows. Use when the user wants to interact with GoPay data.
Debug and inspect PostHog implementations on any website. Use this skill when a user wants to understand how PostHog is implemented on a page, troubleshoot tracking issues, verify configuration, check what events are being sent, or audit a PostHog setup. Works with Chrome DevTools MCP and Playwright MCP to inspect live websites.
PostHog integration for static Astro sites using SSG