Browse Skills
9063 skills found
sbom-syft.md
4
1
export
sbom-syft
2
from
"AgentSecOps/SecOpsAgentKit"
from
"AgentSecOps/SecOpsAgentKit"
3
Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.
2026-01-05
ux-waiting-audit.md
4
1
export
ux-waiting-audit
2
from
"BayramAnnakov/ux-waiting-audit"
from
"BayramAnnakov/ux-waiting-audit"
3
Audit UX waiting states for web applications with long-running operations (30+ seconds). Use when asked to evaluate, audit, or analyze a product's loading states, wait times, progress indicators, or user experience during slow operations. Requires browser automation (Chrome MCP tools). Generates comprehensive reports with screenshots, checklist evaluation, and prioritized recommendations.
2026-01-05
systematic-debugging.md
4
1
export
systematic-debugging
2
from
"alexanderop/MarkVim"
from
"alexanderop/MarkVim"
3
Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes - four-phase framework (root cause investigation, pattern analysis, hypothesis testing, implementation) that ensures understanding before attempting solutions
2026-01-05
helm-charts-audit.md
4
1
export
helm-charts-audit
2
from
"huseyindeniz/gitops-lab"
from
"huseyindeniz/gitops-lab"
3
Audits Helm charts for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check Helm chart quality. Generates a comprehensive report under reports/YYYY-MM-DD/helm-charts-audit.md. (project)
2026-01-05
hammer-test-suite-generator.md
4
1
export
hammer-test-suite-generator
2
from
"Ronin15/SDL3_HammerEngine_Template"
from
"Ronin15/SDL3_HammerEngine_Template"
3
Generates complete test suite infrastructure (test scripts, functional tests, benchmark tests, output directories, CMake integration) for a new SDL3 HammerEngine system or manager following project conventions. Use when adding a new manager or system that needs testing infrastructure.
2026-01-05
webapp-testing.md
4
1
export
webapp-testing
2
from
"NickCrew/claude-cortex"
from
"NickCrew/claude-cortex"
3
Toolkit for interacting with and testing local web applications using Playwright. Use when verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.
2026-01-05
microsim-standardization.md
4
1
export
microsim-standardization
2
from
"dmccreary/claude-skills"
from
"dmccreary/claude-skills"
3
This skill standardizes MicroSim directories by validating structure, metadata, documentation, and required components against a comprehensive quality checklist. Use this when auditing or upgrading a MicroSim to ensure it meets all documentation and structural standards, including index.md formatting, metadata.json validation, iframe embeds, and p5.js editor links.
2026-01-05
python-testing-patterns.md
4
1
export
python-testing-patterns
2
from
"NickCrew/claude-cortex"
from
"NickCrew/claude-cortex"
3
Python testing patterns and best practices using pytest, mocking, and property-based testing. Use when writing unit tests, integration tests, or implementing test-driven development in Python projects.
2026-01-05
rust-best-practices-guide.md
4
1
export
rust-best-practices-guide
2
from
"mosif16/codex-Skills"
from
"mosif16/codex-Skills"
3
A comprehensive guide to modern Rust best practices covering style, error handling, performance, concurrency, project organization, dependency management, documentation, testing, security, and CI.
2026-01-05
sample-skill.md
4
1
export
sample-skill
2
from
"rp1-run/rp1"
from
"rp1-run/rp1"
3
A sample skill for testing - must be at least 20 characters
2026-01-05
k8s-security.md
4
1
export
k8s-security
2
from
"kcns008/cluster-code"
from
"kcns008/cluster-code"
3
Kubernetes and OpenShift security assessment, hardening, and compliance. Use this skill when:(1) Auditing cluster or workload security posture(2) Implementing Pod Security Standards/Admission(3) Configuring RBAC roles and permissions(4) Setting up NetworkPolicies for zero-trust(5) Managing Secrets securely (encryption, external secrets)(6) Scanning images for vulnerabilities(7) Implementing OCP SecurityContextConstraints(8) Compliance checking (CIS benchmarks, SOC2, PCI-DSS)(9) Security incident investigation(10) Hardening cluster components
2026-01-05
backend-api-patterns.md
4
1
export
backend-api-patterns
2
from
"duyet/duyetbot-agent"
from
"duyet/duyetbot-agent"
3
Backend and API implementation patterns for scalability, security, and maintainability. Use when building APIs, services, and backend infrastructure.
2026-01-05
k8s-troubleshooting.md
4
1
export
k8s-troubleshooting
2
from
"kcns008/cluster-code"
from
"kcns008/cluster-code"
3
Comprehensive Kubernetes and OpenShift cluster health analysis and troubleshooting based on Popeye's issue detection patterns. Use this skill when:(1) Proactive cluster health assessment and security analysis(2) Analyzing pod/container logs for errors or issues(3) Interpreting cluster events (kubectl get events)(4) Debugging pod failures: CrashLoopBackOff, ImagePullBackOff, OOMKilled, etc.(5) Diagnosing networking issues: DNS, Service connectivity, Ingress/Route problems(6) Investigating storage issues: PVC pending, mount failures(7) Analyzing node problems: NotReady, resource pressure, taints(8) Troubleshooting OCP-specific issues: SCCs, Routes, Operators, Builds(9) Performance analysis and resource optimization(10) Security vulnerability assessment and RBAC validation(11) Configuration best practices validation(12) Reliability and high availability analysis
2026-01-05
security-reporter.md
4
1
export
security-reporter
2
from
"jpoley/jp-spec-kit"
from
"jpoley/jp-spec-kit"
3
Use when generating comprehensive security audit reports, analyzing security scan results, calculating security posture, or creating OWASP Top 10 compliance assessments. Invoked for security reporting, vulnerability aggregation, and remediation planning.
2026-01-05
secrets-gitleaks.md
4
1
export
secrets-gitleaks
2
from
"AgentSecOps/SecOpsAgentKit"
from
"AgentSecOps/SecOpsAgentKit"
3
Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.
2026-01-05
manage-entity-tests.md
4
1
export
manage-entity-tests
2
from
"talbenmoshe/zdr-tools"
from
"talbenmoshe/zdr-tools"
3
Create or update test files for TypeScript classes that implement interfaces. Use when user asks to "create tests", "update tests", "generate test file", "fix tests", "test MyClass", or mentions needing tests for a class. Generates vitest test files with describe blocks, createClass helpers, and proper fake dependency injection.
2026-01-05
schema-e2e-validation.md
4
1
export
schema-e2e-validation
2
from
"terrylica/cc-skills"
from
"terrylica/cc-skills"
3
Run Earthly E2E validation for YAML schema contracts. Use when validating YAML schema changes, testing schema contracts against live ClickHouse, or regenerating Python types, DDL, and docs from YAML. For SQL schema design and optimization, use clickhouse-architect skill instead.
2026-01-05
debugging-and-diagnosis.md
4
1
export
debugging-and-diagnosis
2
from
"outfitter-dev/agents"
from
"outfitter-dev/agents"
3
Systematic debugging methodology using evidence-based investigation to identify root causes. Use when encountering bugs, errors, unexpected behavior, failing tests, or intermittent issues. Enforces four-phase framework (root cause investigation, pattern analysis, hypothesis testing, implementation) with the iron law NO FIXES WITHOUT ROOT CAUSE FIRST. Covers runtime errors, logic bugs, integration failures, and performance issues. Useful when debugging, troubleshooting, investigating failures, or when --debug flag is mentioned.
2026-01-05
threat-modeling-techniques.md
4
1
export
threat-modeling-techniques
2
from
"NickCrew/claude-cortex"
from
"NickCrew/claude-cortex"
3
Threat modeling methodologies using STRIDE, attack trees, and risk assessment for proactive security analysis. Use when designing secure systems, conducting security reviews, or identifying potential attack vectors in applications.
2026-01-05
code-quality-workflow.md
4
1
export
code-quality-workflow
2
from
"NickCrew/claude-cortex"
from
"NickCrew/claude-cortex"
3
Use when assessing or improving code quality, maintainability, performance, or security hygiene - provides workflows for analysis, code review, and systematic improvements with validation steps.
2026-01-05
forensics-osquery.md
4
1
export
forensics-osquery
2
from
"AgentSecOps/SecOpsAgentKit"
from
"AgentSecOps/SecOpsAgentKit"
3
SQL-powered forensic investigation and system interrogation using osquery to query operating systems as relational databases. Enables rapid evidence collection, threat hunting, and incident response across Linux, macOS, and Windows endpoints. Use when: (1) Investigating security incidents and collecting forensic artifacts, (2) Threat hunting across endpoints for suspicious activity, (3) Analyzing running processes, network connections, and persistence mechanisms, (4) Collecting system state during incident response, (5) Querying file hashes, user activity, and system configuration for compromise indicators, (6) Building detection queries for continuous monitoring with osqueryd.
2026-01-05
local-setup.md
4
1
export
local-setup
2
from
"toolkit-ai/magnet-mcp-server"
from
"toolkit-ai/magnet-mcp-server"
3
Interactive setup workflow for running the Magnet MCP server locally (project-specific, magnet-app directory only). Use when user says "local setup", "run locally", "test locally", "configure MCP", or "set up local development".
2026-01-05
backend-passport-js.md
4
1
export
backend-passport-js
2
from
"petbrains/mvp-builder"
from
"petbrains/mvp-builder"
3
Authentication middleware for Express.js and Node.js applications. Use when building Express APIs that need JWT authentication, OAuth, or custom auth strategies. Provides 500+ authentication strategies. Choose Passport.js over Auth.js for Express backends, pure API servers, or when you need maximum control over auth flow.
2026-01-05
container-grype.md
4
1
export
container-grype
2
from
"AgentSecOps/SecOpsAgentKit"
from
"AgentSecOps/SecOpsAgentKit"
3
Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.
2026-01-05