Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
security-check
Automatically runs OWASP security checks on generated code, providing validation for common vulnerabilities like SQL injection and exposed secrets. It includes auto-fix suggestions for issues and can be run via command line scripts. The tool operates silently unless unfixable security issues are found.
evaluate
A testing and review automation tool for FABER workflows that runs test suites, checks code quality, and makes GO/NO-GO decisions to control build-evaluate loops. It provides structured feedback with specific failure details for retry cycles.
healthcheck
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
django-verification
Verification loop for Django projects: migrations, linting, tests with coverage, security scans, and deployment readiness checks before release or PR.
rocm_vllm_deployment
Production-ready vLLM deployment on AMD ROCm GPUs. Combines environment auto-check, model parameter detection, Docker Compose deployment, health verification, and functional testing with comprehensive logging and security best practices.
deterministic-executor
A prototype workflow executor that addresses LLM hallucination by moving orchestration control from Claude to bash scripts. Bash manages step progression and verification while Claude handles individual step execution, preventing step skipping.
code-sentinel
This skill fixes recurring anti-patterns when specific tests fail, providing documented root causes and verification steps. It maps test failures to detailed anti-pattern documentation across CI workflows, build packaging, and application runtime issues.
cloudflare-workers-ci-cd
This skill provides a complete CI/CD guide for automating Cloudflare Workers deployments using GitHub Actions and GitLab CI. It enables automated testing, multi-environment deployments, preview environments, secure secrets management, and helps prevent common deployment failures and errors.
cfn-config
Consolidates two existing configuration skills into a single package for managing config files and sanitizing environment variables. Provides clear migration paths and directory structure for existing users. Focuses on practical configuration handling tasks.
cost-optimization
Provides concrete strategies for reducing cloud costs across AWS, Azure, and GCP. Includes specific examples like Terraform code for S3 lifecycle policies, budget alerts, and auto-scaling. Offers practical checklists and tagging strategies that teams can implement immediately.
k8s-browser
Browser automation for Kubernetes dashboards and web UIs. Use when interacting with Kubernetes Dashboard, Grafana, ArgoCD UI, or other web interfaces. Requires MCP_BROWSER_ENABLED=true.
cfn-deployment-lifecycle
Combines deployment and promotion workflows for Claude Skills into a single package. Manages transitions between APPROVED, DEPLOYED, staging, and production states with atomic operations. Useful for teams maintaining multiple skills.
cfn-redis-coordination
Provides Redis-based coordination for Claude agents using pub/sub and blocking list operations. Enables agent waiting modes, context sharing, and completion tracking in multi-agent workflows. Includes bash wrappers for common operations.
cloud-sandbox
This skill provides tools to create and manage isolated E2B sandboxes for running code in various languages. It supports multiple templates like Node.js, Python, and React, with features for file upload, command execution, and environment configuration. Useful for testing untrusted code or creating reproducible development setups.
linkerd-patterns
Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing zero-trust networking with minimal overhead.
django-pro
Master Django 5.x with async views, DRF, Celery, and Django Channels. Build scalable web applications with proper architecture, testing, and deployment. Use PROACTIVELY for Django development, ORM optimization, or complex Django patterns.
convert-to-apple-container
Switch from Docker to Apple Container for macOS-native container isolation. Use when the user wants Apple Container instead of Docker, or is setting up on macOS and prefers the native runtime. Triggers on "apple container", "convert to apple container", "switch to apple container", or "use apple container".
railway-environment
Query, stage, and apply configuration changes for Railway environments. Use for ANY variable or env var operations, service configuration (source, build settings, deploy settings), lifecycle (delete service), and applying changes. Prefer over railway-status skill for any configuration or variable queries.
ci-cd
CI/CD pipeline expert for GitHub Actions, GitLab CI, Jenkins, and deployment automation
kubernetes
Kubernetes operations expert for kubectl, pods, deployments, and debugging
kubernetes-specialist
Use when deploying or managing Kubernetes workloads requiring cluster configuration, security hardening, or troubleshooting. Invoke for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization.
code-review-checklist
Code review guidelines covering code quality, security, and best practices.
playwright-pro
Production-grade Playwright testing toolkit. Use when the user mentions Playwright tests, end-to-end testing, browser automation, fixing flaky tests, test migration, CI/CD testing, or test suites. Generate tests, fix flaky failures, migrate from Cypress/Selenium, sync with TestRail, run on BrowserStack. 55 templates, 3 agents, smart reporting.
insecure-defaults
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.