Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
deploying-on-aws
Selecting and implementing AWS services and architectural patterns. Use when designing AWS cloud architectures, choosing compute/storage/database services, implementing serverless or container patterns, or applying AWS Well-Architected Framework principles.
signal-isolated-auth
Imported from https://github.com/plurigrid/asi.
Security Code Review
Identify security vulnerabilities and suggest secure coding practices
validator-role-skill
Professional software QA and code review skill for ensuring code quality, comprehensive test coverage, standards compliance, and security through rigorous testing and validation workflows.
devops-role-skill
Professional DevOps engineering skill for creating CI/CD pipelines, implementing infrastructure as code, managing environments, and establishing monitoring and observability across all deployment stages.
backend-dev-skill
Comprehensive backend development workflow that orchestrates expert analysis, architecture design, implementation, and deployment using the integrated toolset. Handles everything from API design and database architecture to security implementation and DevOps automation.
security-hardening
Reduces attack surface across OS, container, cloud, network, and database layers using CIS Benchmarks and zero-trust principles. Use when hardening production infrastructure, meeting compliance requirements, or implementing defense-in-depth security.
owasp-security
Implement secure coding practices following OWASP Top 10. Use when preventing security vulnerabilities, implementing authentication, securing APIs, or conducting security reviews. Triggers on OWASP, security, XSS, SQL injection, CSRF, authentication security, secure coding, vulnerability.
auditing-security
Imported from https://github.com/0xHoneyJar/arrakis.
Reverse Proxy Deployment
Deploy web applications behind Apache reverse proxy on rivsprod01 with relative URLs and proper path configuration
VibeSec-Skill
This skill helps Claude write secure web applications. Use this when working on any web application or when a user requests a scan or audit to ensure security best practices are followed.
github
GitHub API operations - repositories, issues, pull requests, actions, code security, discussions, gists, and more. Use for GitHub-related tasks like managing PRs, issues, searching code, and monitoring workflows.
route-tester
Test authenticated routes in the your project using cookie-based authentication. Use this skill when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for using test-auth-route.js and mock authentication.
system-environment-setup
Configure development and production environments for consistent and reproducible setups. Use when setting up new projects, Docker environments, or development tooling. Handles Docker Compose, .env configuration, dev containers, and infrastructure as code.
legal
Generate Privacy Policy, Terms of Service, and Cookie Policy pages. Use when setting up legal pages for a new project, when asked to "create privacy policy", "add terms of service", "generate legal pages", or when /arc:letsgo identifies missing legal documents.
playwright-ci-caching
Cache Playwright browser binaries in CI/CD pipelines (GitHub Actions, Azure DevOps) to avoid 1-2 minute download overhead on every build.
mcp-builder
Build MCP servers in Python with FastMCP. Workflow: define tools and resources, build server, test locally, deploy to FastMCP Cloud or Docker. Use when creating MCP servers, exposing tools/resources/prompts to LLMs, building Claude integrations, or troubleshooting FastMCP module-level server, storage, lifespan, middleware, OAuth, or deployment errors.
patchright-skill
Patchright-based browser automation with bot detection bypass. Use when Claude needs to interact with local web applications, test localhost/dev servers, take screenshots, or perform UI interactions on private networks. Ideal for QA automation, frontend debugging, E2E testing, and pre-deployment verification on local development environments.
code-review
Comprehensive code review with security, performance, and quality analysis. Use when users ask to review code, analyze code quality, evaluate pull requests, or mention code review, security analysis, or performance optimization.
security-audit
Imported from https://github.com/vladm3105/aidoc-flow-framework.
web-auth
Authenticate to websites with human-in-the-loop browser handoff. Use when user needs to log into a website, complete 2FA, or solve CAPTCHAs for agent access.
enhance-plugins
Use when analyzing plugin structures, MCP tools, and plugin security patterns.
enhance-plugins
Use when analyzing plugin structures, MCP tools, and plugin security patterns.
robel-auth
Integrate and maintain Robelest Convex Auth in apps by always checking upstream before implementation. Use when adding auth setup, updating auth wiring, migrating between upstream patterns, or troubleshooting @robelest/convex-auth behavior across projects.