Browse Skills

performance-testing.md

7

1 export performance-testing

2 from "youdotcom-oss/dx-toolkit"

3 Performance testing and monitoring system for dx-toolkit packages - measurements, thresholds, regression handling

2026-01-05

security-workflow.md

7

1 export security-workflow

2 from "jpoley/flowspec"

3 Use when creating backlog tasks from security findings, integrating security scans into workflow states, or managing security remediation tracking. Invoked for security workflow integration and task automation.

2026-01-05

backend-development.md

7

1 export backend-development

2 from "samhvw8/dotfiles"

3 Production backend systems development. Stack: Node.js/TypeScript, Python, Go, Rust | NestJS, FastAPI, Django, Express | PostgreSQL, MongoDB, Redis. Capabilities: REST/GraphQL/gRPC APIs, OAuth 2.1/JWT auth, OWASP security, microservices, caching, load balancing, Docker/K8s deployment. Actions: design, build, implement, secure, optimize, deploy, test APIs and services. Keywords: API design, REST, GraphQL, gRPC, authentication, OAuth, JWT, RBAC, database, PostgreSQL, MongoDB, Redis, caching, microservices, Docker, Kubernetes, CI/CD, OWASP, security, performance, scalability, NestJS, FastAPI, Express, middleware, rate limiting. Use when: designing APIs, implementing auth/authz, optimizing queries, building microservices, securing endpoints, deploying containers, setting up CI/CD.

2026-01-05

lang-python.md

7

1 export lang-python

2 from "joncrangle/.dotfiles"

3 Python 3.13+ development specialist covering FastAPI, Django, async patterns, data science, testing with pytest, and modern Python features. Use when developing Python APIs, web applications, data pipelines, or writing tests.

2026-01-05

dependency-injection-review.md

7

1 export dependency-injection-review

2 from "kateusz/GameEngine"

3 Review code for proper DI patterns using DryIoc. Ensures no static singletons, validates constructor injection and service lifetimes. Use when reviewing code, refactoring static access, or debugging DI issues.

2026-01-05

github-actions-writer.md

7

1 export github-actions-writer

2 from "JamesPrial/github-skills"

3 This skill should be used when users need to create, modify, optimize, or troubleshoot GitHub Actions CI/CD workflows. Use when users ask about automating builds, tests, deployments, or any GitHub Actions-related tasks. Triggers include requests like "create a CI workflow", "deploy to AWS", "automate testing", "setup GitHub Actions", or when debugging workflow failures.

2026-01-05

tzurot-security.md

7

1 export tzurot-security

2 from "lbds137/tzurot"

3 Security best practices for Tzurot v3 - Secret management, AI-specific security (prompt injection, PII scrubbing), Economic DoS prevention, Discord permission verification, microservices security, and supply chain integrity. Use when handling secrets, user input, or security-critical code.

2026-01-05

security-reviewer.md

7

1 export security-reviewer

2 from "jpoley/flowspec"

3 Use when reviewing code for security vulnerabilities, conducting threat modeling, ensuring SLSA compliance, or performing security assessments. Invoked for security analysis, vulnerability detection, and compliance verification.

2026-01-05

pm-planner.md

7

1 export pm-planner

2 from "jpoley/flowspec"

3 Use when creating, editing, or breaking down backlog tasks. Invoked for task management, feature decomposition, writing acceptance criteria, and ensuring tasks follow atomic, testable, independent guidelines.

2026-01-05

cpython-build-and-test.md

7

1 export cpython-build-and-test

2 from "gpshead/cpython-skills"

3 Use this skill when configuring, building, or rebuilding CPython from source, running tests, or debugging test failures. Covers ./configure with --with-pydebug, make commands, ccache for faster rebuilds, Argument Clinic regeneration (make clinic), unittest-based testing with python -m test (NOT pytest), --match filtering, code coverage collection, and platform-specific build paths (Linux vs macOS).

2026-01-05

test-ambiguity-detector.md

7

1 export test-ambiguity-detector

2 from "SprocketLab/slop-code-bench"

3 Analyze test cases against specifications to find ambiguous assumptions. Use when tests might be making assumptions not explicitly defined in the spec. Invoke with /test-ambiguity-detector <problem> <checkpoint>.

2026-01-05

bugfix.md

7

1 export bugfix

2 from "doodledood/claude-code-plugins"

3 Systematic bug investigation and fixing workflow with root cause analysis, reproduction tests, and verified fixes. Orchestrates the multi-phase process: gather context, investigate, reproduce, fix, verify.

2026-01-05

component-workflow.md

7

1 export component-workflow

2 from "kateusz/GameEngine"

3 Guide the creation of new ECS components following established architectural patterns including component class creation, JSON serialization support, editor UI implementation, dependency injection registration, and documentation. Use when adding new component types to the engine or extending existing component functionality.

2026-01-05

lang-javascript.md

7

1 export lang-javascript

2 from "joncrangle/.dotfiles"

3 JavaScript ES2024+ development specialist covering Bun runtime, Hono web framework, modern testing, linting (Biome), and edge-first development. Use when developing JavaScript APIs, web applications, or server-side projects.

2026-01-05

resource-management-audit.md

7

1 export resource-management-audit

2 from "kateusz/GameEngine"

3 Audit resource management including IDisposable pattern implementation, proper cleanup of OpenGL resources (buffers, textures, shaders, framebuffers), memory leak detection, resource lifetime management, and GPU resource tracking. Use when investigating memory leaks, GPU resource exhaustion, or implementing new resource types.

2026-01-05

better-auth.md

7

1 export better-auth

2 from "samhvw8/dotfiles"

3 TypeScript authentication framework (framework-agnostic). Features: email/password, OAuth (Google, GitHub, Discord), 2FA (TOTP, SMS), passkeys/WebAuthn, session management, RBAC, rate limiting, database adapters. Actions: implement, configure, secure authentication systems. Keywords: Better Auth, authentication, authorization, OAuth, email/password, 2FA, MFA, TOTP, passkeys, WebAuthn, session management, RBAC, rate limiting, database adapter, TypeScript auth, social login, Google auth, GitHub auth, Discord auth, email verification, password reset. Use when: implementing TypeScript auth, adding OAuth providers, setting up 2FA/MFA, managing sessions, configuring RBAC, building secure auth systems.

2026-01-05

checkpoint-ambiguity-review.md

7

1 export checkpoint-ambiguity-review

2 from "SprocketLab/slop-code-bench"

3 Review checkpoint specs and tests to identify tests that encode ambiguous interpretations rather than explicit requirements. Use when asked to check checkpoint_N.md against test_checkpoint_N.py, when auditing tests for ambiguity, or when reviewing snapshot eval failures for interpretive issues.

2026-01-05

review-security.md

7

1 export review-security

2 from "ssiumha/dots"

3 보안 관점에서 코드를 검토합니다. OWASP Top 10, credential 노출, injection 공격 등을 체크합니다.

2026-01-05

debug-asan-build.md

7

1 export debug-asan-build

2 from "coderealm-atlas/cert-ctrl"

3 Build and test this repo with the CMake preset debug-asan (AddressSanitizer). Use when asked how to configure, build, run, or test with ASAN/debug builds in this project.

2026-01-05

code-patterns.md

7

1 export code-patterns

2 from "youdotcom-oss/dx-toolkit"

3 Universal code patterns and best practices for dx-toolkit (Bun APIs, testing, error handling, type guards)

2026-01-05

infra-engineer.md

7

1 export infra-engineer

2 from "samhvw8/dotfiles"

3 Comprehensive infrastructure engineering covering DevOps, cloud platforms, FinOps, and DevSecOps. Platforms: AWS (EC2, Lambda, S3, ECS, EKS, RDS, CloudFormation), Azure basics, Cloudflare (Workers, R2, D1, Pages), GCP (GKE, Cloud Run, Cloud Storage), Docker, Kubernetes. Capabilities: CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins), GitOps, infrastructure as code (Terraform, CloudFormation), container orchestration, cost optimization, security scanning, vulnerability management, secrets management, compliance (SOC2, HIPAA). Actions: deploy, configure, manage, scale, monitor, secure, optimize cloud infrastructure. Keywords: AWS, EC2, Lambda, S3, ECS, EKS, RDS, CloudFormation, Azure, Kubernetes, k8s, Docker, Terraform, CI/CD, GitHub Actions, GitLab CI, Jenkins, ArgoCD, Flux, cost optimization, FinOps, reserved instances, spot instances, security scanning, SAST, DAST, vulnerability management, secrets management, Vault, compliance, monitoring, observability. Use when: deploying to AWS/Azure/GCP/Cloudflare, s

2026-01-05

fuzzing-strategist.md

7

1 export fuzzing-strategist

2 from "jpoley/flowspec"

3 Fuzzing strategist persona specializing in dynamic testing guidance, fuzzing strategy development, and crash analysis

2026-01-05

kubernetes-best-practices.md

7

1 export kubernetes-best-practices

2 from "armanzeroeight/fastagent-plugins"

3 Provides production-ready Kubernetes manifest guidance including resource management, security, high availability, and configuration best practices. This skill should be used when working with Kubernetes YAML files, deployments, pods, services, or when users mention k8s, container orchestration, or cloud-native applications.

2026-01-05

security-workflow.md

7

1 export security-workflow

2 from "jpoley/flowspec"

3 Use when creating backlog tasks from security findings, integrating security scans into workflow states, or managing security remediation tracking. Invoked for security workflow integration and task automation.

2026-01-05