Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
code-reviewing
Review code for quality, security, and best practices. Use when the user asks for code review, wants feedback on their code, mentions reviewing changes, or asks about code quality.
aws-serverless-deployment
AWS SAM and AWS CDK deployment for serverless applications. Triggers on phrases like: use SAM, SAM template, SAM init, SAM deploy, CDK serverless, CDK Lambda construct, NodejsFunction, PythonFunction, SAM and CDK together, serverless CI/CD pipeline. For general app deployment with service selection, use deploy-on-aws plugin instead.
deploy
Deploy applications to AWS. Triggers on phrases like: deploy to AWS, host on AWS, run this on AWS, AWS architecture, estimate AWS cost, generate infrastructure. Analyzes any codebase and deploys to optimal AWS services.
vuln-nist
NIST vulnerability database lookup and CVE analysis
api-best-practices
REST API design patterns, OpenAPI specifications, versioning strategies, authentication, error handling, and security best practices. Use when designing APIs, creating endpoints, documenting APIs, or implementing backend services that expose HTTP APIs.
validate-build
Run production build validation (npm run build, vite build, tsc) to ensure code compiles and builds successfully. Returns structured output with build status, duration, size metrics, and error details. Used for quality gates and deployment readiness checks.
frontend-qc
Performs comprehensive frontend quality assurance reviews using browser automation. Systematically tests UI elements, discovers and reports bugs to GitHub Issues, and provides improvement recommendations. Uses Chrome DevTools Skill for interactive testing. This skill should be used when performing quality assurance reviews of frontend UI components, testing user interfaces for bugs or usability issues, validating frontend implementations before deployment, or conducting systematic UI testing across multiple components.
security-specialist
提供安全审计、风险评估和合规检查能力。当需要进行安全审查、风险评估或合规验证时使用。
gpg-multi-key
Advanced GPG multi-key management strategies for consultants, CI/CD automation, and enterprise teams. Configure, set up, run, and execute multi-key GPG workflows. Use when managing multiple GPG keys (personal + automation, per-client keys, enterprise keys), configuring CI/CD commit signing, implementing per-client key isolation, using conditional Git includes, setting up automated signing, or scaling GPG key strategies beyond single-key setups.
devops-specialist
提供部署、CI/CD、基础设施管理和 DevOps 自动化能力。当需要部署应用、配置基础设施或优化开发流程时使用。
qa-checklist
Formal Quality Assurance Checklist before every Merge/Deploy. 6-phase validation with Build Verification, Test Suite, No-Touch Zones, Region Check, Security Review, and QA Report generation. Activate on "merge", "deploy", "release", "production", or /qa command.
aws-lambda
Design, build, deploy, test, and debug serverless applications with AWS Lambda. Triggers on phrases like: Lambda function, event source, serverless application, API Gateway, EventBridge, Step Functions, serverless API, event-driven architecture, Lambda trigger. For deploying non-serverless apps to AWS, use deploy-on-aws plugin instead.
dockerfile-generator
Generates optimized Dockerfiles for various languages and frameworks with best practices (multi-stage builds, layer caching, security). Use when user asks to "create dockerfile", "dockerize app", "containerize", or "docker setup".
dependency-vulnerability-scanner
Scans dependencies for known vulnerabilities (npm audit, pip-audit, etc.), generates reports, and suggests fixes. Use when user asks to "check vulnerabilities", "security scan", "audit dependencies", "check CVEs", or "vulnerable packages".
multi-dockerfile-build
This skill should be used when the user asks to "build multiple Dockerfiles", "compile varios dockerfiles", "multi-container build", "multiple Docker images in GitLab", "parallel Docker builds", "monorepo Docker builds", "build frontend backend worker containers", or needs to build multiple Docker images from different Dockerfiles in a single GitLab project using To-Be-Continuous Docker template.
wrangler
Deploy and manage Cloudflare Workers, Pages, KV, R2, D1, and other Cloudflare services using the `wrangler` CLI.
vercel
Deploy and manage Vercel projects, domains, environment variables, and serverless functions using the `vercel` CLI.
dependency-scan
Scans project dependencies across multiple programming languages and package managers to detect known security vulnerabilities (CVEs), provides severity assessment, and offers remediation guidance including auto-fix options.
config-scan
This skill scans configuration files, Docker setups, Kubernetes manifests, and Infrastructure as Code (like Terraform) to detect security misconfigurations and vulnerabilities, helping to enforce security best practices.
appsec-expert
Elite Application Security engineer specializing in secure SDLC, OWASP Top 10 2025, SAST/DAST/SCA integration, threat modeling (STRIDE), and vulnerability remediation. Expert in security testing, cryptography, authentication patterns, and DevSecOps automation. Use when securing applications, implementing security controls, or conducting security assessments.
energyplus-assistant
Use this skill when analyzing EnergyPlus IDF building energy models, including QA/QC validation, HVAC topology analysis, ECM testing, or running simulations. Supports fast validation without Docker (direct parsing) and comprehensive analysis with MCP tools when needed. Handles Windows path formats, environment detection, and intelligent method selection. (project)
payloads
Imported from https://github.com/Eyadkelleh/awesome-claude-skills-security.
FastMCP Development
Use when creating or modifying Model Context Protocol (MCP) servers with FastMCP framework - guides through tools, resources, prompts, authentication, Claude Desktop integration, and production deployment with Python and TypeScript examples
chrome-devtools
Chrome debugging and inspection via local CDP Docker container