Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
hono-routing
Build type-safe APIs with Hono for Cloudflare Workers, Deno, Bun, Node.js. Routing, middleware, validation (Zod/Valibot), RPC, streaming (SSE), WebSocket, security (CSRF, secureHeaders). Use when: building Hono APIs, streaming SSE, WebSocket, validation, RPC. Troubleshoot: validation hooks, RPC types, middleware chains, JWT verify algorithm required (v4.11.4+), body consumed errors.
slo-implementation
Provides a concrete framework for implementing SLOs with Prometheus recording rules, alerting configurations, and Grafana dashboard queries. Includes specific SLI formulas, error budget calculations, and multi-window burn rate alerting strategies. Offers ready-to-use YAML examples for production monitoring systems.
.claude
Provides ClickHouse-specific development guidelines and CI report analysis tools. Includes code formatting rules, commit practices, and scripts to fetch and parse test results from ClickHouse's S3-based CI system. Helps maintain consistency in documentation and debugging test failures.
test-environment-management
This skill provides concrete guidance for managing test environments using Infrastructure as Code, Docker, and service virtualization. It includes specific examples for Docker Compose, Terraform, and cost optimization scripts. The skill helps teams avoid 'works on my machine' issues by ensuring environment parity with production.
dependency-conflict-resolver
Detect and resolve package dependency conflicts before installation across npm/yarn/pnpm, pip/poetry, cargo, and composer. Auto-trigger when installing/upgrading packages. Validates peer dependencies, version compatibility, security vulnerabilities. Auto-resolves safe conflicts (patches, dev deps), suggests manual review for breaking changes. Prevents conflicting versions, security vulnerabilities, broken builds.
solana-vulnerability-scanner
Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing. Use when auditing Solana/Anchor programs.
aws-beanstalk-expert
Expert knowledge for deploying, managing, and troubleshooting AWS Elastic Beanstalk applications with production best practices
mcporter
Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation.
entry-point-analyzer
Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by access level (public, admin, role-restricted, contract-only), and generates structured audit reports. Excludes view/pure/read-only functions. Use when auditing smart contracts (Solidity, Vyper, Solana/Rust, Move, TON, CosmWasm) or when asked to find entry points, audit flows, external functions, access control patterns, or privileged operations.
coverage-analysis
Coverage analysis measures code exercised during fuzzing. Use when assessing harness effectiveness or identifying fuzzing blockers.
cairo-vulnerability-scanner
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects. (project, gitignored)
nodejs-backend-patterns
Provides concrete code examples and architectural patterns for building Node.js backend services with Express and Fastify. Covers middleware setup, layered architecture, authentication with JWT, database integration, caching strategies, and API response formatting. Includes TypeScript examples and best practices for production deployment.
variant-analysis
Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.
fix-review
Verifies that git commits address security audit findings without introducing bugs. This skill should be used when the user asks to "verify these commits fix the audit findings", "check if TOB-XXX was addressed", "review the fix branch", "validate remediation commits", "did these changes address the security report", "post-audit remediation review", "compare fix commits to audit report", or when reviewing commits against security audit reports.
semgrep-rule-creator
Create custom Semgrep rules for detecting bug patterns and security vulnerabilities. This skill should be used when the user explicitly asks to "create a Semgrep rule", "write a Semgrep rule", "make a Semgrep rule", "build a Semgrep rule", or requests detection of a specific bug pattern, vulnerability, or insecure code pattern using Semgrep.
ecs
AWS ECS container orchestration for running Docker containers. Use when deploying containerized applications, configuring task definitions, setting up services, managing clusters, or troubleshooting container issues.
cloudflare-mcp-server
Build MCP servers on Cloudflare Workers - the only platform with official remote MCP support. TypeScript-based with OAuth, Durable Objects, and WebSocket hibernation. Prevents 24 documented errors. Use when: deploying remote MCP servers, implementing OAuth, or troubleshooting URL path mismatches, McpAgent exports, CORS issues, IoContext timeouts.
revert
Provides structured git revert operations at task, phase, or track levels with mandatory confirmation steps. Integrates with TodoWrite for workflow tracking and maintains project consistency through validation checks. Targets development teams using Conductor for project management.
azure-auth
Provides a complete implementation guide for Microsoft Entra ID authentication in React SPAs using MSAL.js, with backend token validation in Cloudflare Workers using the jose library. Covers common pitfalls like AADSTS50058 loops, Safari cookie issues, and multi-tenant configurations. Includes migration guidance for ADAL retirement and Azure AD B2C sunset.
supabase-usage
This skill provides practical guidance for working with Supabase databases, covering auth flows, RLS policies, table relationships, and query optimization. It includes specific examples for JavaScript and Python SDKs, common filter patterns, and pagination techniques. The documentation references detailed examples for authentication, security, and query patterns.
eks
AWS EKS Kubernetes management for clusters, node groups, and workloads. Use when creating clusters, configuring IRSA, managing node groups, deploying applications, or integrating with AWS services.
TanStack Router
Build type-safe, file-based React routing with TanStack Router. Supports client-side navigation, route loaders, and TanStack Query integration. Prevents 20 documented errors including validation structure loss, param parsing bugs, and SSR streaming crashes. Use when implementing file-based routing patterns, building SPAs with TypeScript routing, or troubleshooting devtools dependency errors, type safety issues, Vite bundling problems, or Docker deployment issues.
e2e-testing-patterns
Master end-to-end testing with Playwright and Cypress to build reliable test suites that catch bugs, improve confidence, and enable fast deployment. Use when implementing E2E tests, debugging flaky tests, or establishing testing standards.
tmux
This skill enables remote control of tmux sessions for running interactive command-line tools. It provides scripts for sending keystrokes, capturing output, and managing multiple sessions in parallel. Useful for orchestrating coding agents or automating REPL interactions.