Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
agentdb-optimization
Provides concrete optimization techniques for AgentDB vector databases, including quantization methods (binary, scalar, product) for 4-32x memory reduction and HNSW indexing for 150x faster search. Offers specific configuration recipes for different scale levels and use cases with measurable performance benchmarks.
verification-quality
Provides automated code quality verification with truth scoring (0.0-1.0 scale) and automatic rollback when scores fall below a configurable threshold (default 0.95). Integrates with CI/CD pipelines, offers real-time monitoring dashboards, and includes pre-commit hooks for preventing low-quality code from being committed.
auth-patterns
Provides ready-to-use authentication and authorization patterns for backend applications, including JWT, session-based auth, OAuth 2.0, password security, RBAC, ABAC, and security best practices with TypeScript examples. Covers token storage, rate limiting, account lockout, MFA, and refresh token rotation.
burp-suite
This skill documents Burp Suite Professional, a leading HTTP interception proxy for web application security testing. It provides detailed workflows for proxy configuration, active/passive scanning, and fuzzing with Intruder. The guide includes practical examples for Docker integration and common troubleshooting scenarios.
MCP Integration
Comprehensive guide for integrating MCP servers into Claude Code plugins with clear configuration examples, server type explanations, and security best practices.
isms-audit-expert
Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.
flow-nexus-platform
Provides a unified interface for managing Flow Nexus cloud platform features including user authentication, code sandboxes, app deployment, credit payments, and coding challenges. Offers detailed API examples for each function with practical use cases.
audit-context-building
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
performance-analysis
A CLI tool for analyzing Claude Flow swarm performance, detecting bottlenecks in communication, processing, memory, and network. Provides actionable recommendations and can auto-fix issues. Includes real-time profiling, report generation, and CI/CD integration with JSON/HTML outputs.
quality-metrics
A comprehensive and actionable quality metrics framework that effectively distinguishes meaningful metrics from vanity metrics, with excellent DORA integration and practical implementation guidance.
wordpress-plugin-core
Build secure WordPress plugins with hooks, database interactions, Settings API, custom post types, and REST API. Covers Simple, OOP, and PSR-4 architecture patterns plus the Security Trinity. Includes WordPress 6.7-6.9 breaking changes. Use when creating plugins or troubleshooting SQL injection, XSS, CSRF, REST API vulnerabilities, wpdb::prepare errors, nonce edge cases, or WordPress 6.8+ bcrypt migration.
secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
release-prep
Automates release preparation for MassGen projects by generating CHANGELOG entries, announcement text, and validating documentation. Handles git operations, archives previous releases, suggests screenshots, and provides a release checklist. Specifically designed for projects following Keep a Changelog format.
git-commit-message
This skill analyzes staged git changes to generate commit messages following Conventional Commits specification. It uses a three-tier format system that matches message detail to commit importance, from detailed documentation for critical features to concise messages for minor updates. The tool includes validation rules to block generic messages and provides security guidance for sensitive commits.
differential-review
Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.
security-testing
Provides a structured approach to security testing based on OWASP Top 10, with ready-to-use test code for access control, injection, and crypto failures. Includes CI/CD integration examples and coordination for multiple security-focused agents.
senior-security
Comprehensive security engineering skill for application security, penetration testing, security architecture, and compliance auditing. Includes security assessment tools, threat modeling, crypto implementation, and security automation. Use when designing security architecture, conducting penetration tests, implementing cryptography, or performing security audits.
bunjs-production
Provides complete Docker multi-stage builds, AWS ECS task definitions, Redis caching patterns, and graceful shutdown handlers for Bun.js TypeScript backends. Includes production-ready configurations with health checks, non-root users, and environment-specific setups.
code-review
This skill analyzes code for security vulnerabilities, performance bottlenecks, and quality issues using a structured template. It checks for injection risks, algorithm efficiency, SOLID violations, and maintainability problems, providing specific fixes and severity ratings.
test-automation-strategy
A comprehensive and well-structured test automation strategy skill providing clear guidance on pyramid principles, patterns, CI/CD integration, and flaky test management with practical examples.
rclone
This skill provides rclone commands for uploading, syncing, and managing files across multiple cloud storage providers. It includes setup verification, configuration guidance for S3, R2, B2, Google Drive, and Dropbox, plus practical commands with flags for different transfer scenarios.
agent-sandbox-skill
This skill provides a CLI wrapper for E2B sandboxes, enabling safe execution of code, commands, and file operations in isolated environments. It handles sandbox lifecycle, file transfers, and browser automation with clear prerequisites and troubleshooting steps.
address-sanitizer
AddressSanitizer detects memory errors during fuzzing. Use when fuzzing C/C++ code to find buffer overflows and use-after-free bugs.
fastmcp
Build MCP servers in Python with FastMCP to expose tools, resources, and prompts to LLMs. Supports storage backends, middleware, OAuth Proxy, OpenAPI integration, and FastMCP Cloud deployment. Prevents 30+ errors. Use when: creating MCP servers, or troubleshooting module-level server, storage, lifespan, middleware, OAuth, background tasks, or FastAPI mount errors.