Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
docker-containerization
A specialized skill for creating optimized, secure Docker containers using multi-stage builds, layer caching, security scanning with Trivy, Docker Compose orchestration, and BuildKit features for production environments.
talos-os-expert
Elite Talos Linux expert specializing in immutable Kubernetes OS, secure cluster deployment, machine configurations, talosctl CLI operations, upgrades, and production-grade security hardening. Expert in Talos 1.6+, secure boot, disk encryption, and zero-trust infrastructure. Use when deploying Talos clusters, configuring machine configs, troubleshooting node issues, or implementing security best practices.
api-expert
Expert API architect specializing in RESTful API design, GraphQL, gRPC, and API security. Deep expertise in OpenAPI 3.1, authentication patterns (OAuth2, JWT), rate limiting, pagination, and OWASP API Security Top 10. Use when designing scalable APIs, implementing API gateways, or securing API endpoints.
cicd-expert
Elite CI/CD pipeline engineer specializing in GitHub Actions, GitLab CI, Jenkins automation, secure deployment strategies, and supply chain security. Expert in building efficient, secure pipelines with proper testing gates, artifact management, and ArgoCD/GitOps patterns. Use when designing pipelines, implementing security gates, or troubleshooting CI/CD issues.
docker-ros2-development
$37
robotics-security
Security hardening and best practices for robotic systems, covering SROS2 DDS security, network segmentation, secrets management, secure boot, and the physical-cyber safety intersection. Use this skill when securing ROS2 communications, configuring DDS encryption and access control, hardening robot onboard computers, managing certificates and credentials, setting up network segmentation for robot fleets, or addressing the unique security challenges where cyber vulnerabilities become physical safety risks. Trigger whenever the user mentions SROS2, DDS security, robot security, robot hardening, ROS2 encryption, ROS2 access control, robot network security, secure robot deployment, robot certificates, keystore generation, robot firewall, e-stop security, safety controller isolation, or IEC 62443 for robotics.
verification-loop
A comprehensive verification system for code development sessions that runs build, type checks, linting, tests, security scans, and diff reviews to ensure code quality before PR submission.
kafka
Apache Kafka on Kubernetes with Strimzi (KRaft mode, no ZooKeeper). This skill should be used when users ask to deploy Kafka clusters, build producers/consumers, implement event-driven patterns, or debug Kafka issues. Includes tested manifests and Makefile for one-command deployment.
docker
Production-grade Docker containerization for Python and Node.js applications. This skill should be used when users ask to containerize applications, create Dockerfiles, dockerize projects, or set up Docker Compose. Auto-detects project structure, analyzes .env for secrets, validates security, and generates tested Dockerfiles.
kubernetes
Production-grade Kubernetes manifests and debugging for containerized applications. This skill should be used when users ask to deploy to Kubernetes, create K8s manifests, containerize for K8s, set up Deployments/Services/Jobs/StatefulSets/CronJobs, create namespaces with resource quotas, set up multi-team isolation, configure ResourceQuota/ LimitRange, secure with RBAC (ServiceAccount, Role, RoleBinding), configure init containers (model download, db wait, migrations), set up sidecars (logging, metrics), or debug pods (CrashLoopBackOff, logs, exec, describe, events). Auto-detects from Dockerfile/code, generates hardened manifests with educational comments. CKAD-aligned.
optimizing-database-connection-pooling
Use when you need to work with connection management. This skill provides connection pooling and management with comprehensive guidance and automation. Trigger with phrases like "manage connections", "configure pooling", or "optimize connection usage".
code-review-pro
Comprehensive code review covering security vulnerabilities, performance bottlenecks, best practices, and refactoring opportunities. Use when user requests code review, security audit, or performance analysis.
code-reviewer
Copilot agent that assists with comprehensive code review focusing on code quality, SOLID principles, security, performance, and best practices Trigger terms: code review, review code, code quality, best practices, SOLID principles, code smells, refactoring suggestions, code analysis, static analysis Use when: User requests involve code reviewer tasks.
code-quality-audit
Use when auditing code quality, security vulnerabilities, checking coverage, finding SOLID/DRY violations, running TDD - supports both Drupal (PHPStan, PHPMD, PHPCPD, Psalm, Semgrep, Trivy, Gitleaks via DDEV) and Next.js (ESLint, Jest, jscpd, madge, Semgrep, Trivy, Gitleaks) projects
infra-planner
Preview infrastructure changes - run Terraform plan to show what resources will be created, modified, or destroyed. Generate human-readable plan summaries showing resource changes before deployment.
security-awareness-agent
Imported from https://github.com/starwreckntx/IRP__METHODOLOGIES-.
security-orchestration-agent
Imported from https://github.com/starwreckntx/IRP__METHODOLOGIES-.
ring:dev-multi-tenant
Multi-tenant development cycle orchestrator following Ring Standards. Auto-detects the service stack (PostgreSQL, MongoDB, Redis, RabbitMQ, S3) and service type (plugin vs product), then executes a gate-based implementation using tenantId from JWT for database-per-tenant isolation via lib-commons v4 tenant-manager sub-packages (postgres.Manager, mongo.Manager). For plugins: includes mandatory M2M credential retrieval from AWS Secrets Manager via lib-commons v4 secretsmanager package (per-tenant authentication with product APIs). MUST update lib-commons v4 first; lib-auth v2 depends on it. Both are required dependencies. Each gate dispatches ring:backend-engineer-golang with context and section references. The agent loads multi-tenant.md via WebFetch and has all code examples.
editorconfig-config
EditorConfig file validation and template for enforcing consistent coding styles across editors and IDEs in monorepos. Includes 4 required standards (root declaration, universal settings with UTF-8/LF/2-space defaults, language-specific sections for JS/TS/JSON/YAML/Markdown/Python/Shell/SQL/Docker/Prisma, root-only placement in monorepos). Use when creating or auditing .editorconfig files to ensure consistent code formatting.
auth-implementation-patterns
Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.
cicd
Imported from https://github.com/tidemann/st44-home.
security-engineering
This skill should be used when auditing code for security issues, reviewing authentication/authorization, evaluating input validation, analyzing cryptographic usage, or reviewing dependency security. Provides OWASP patterns, CWE analysis, and threat modeling guidance.
docker
Imported from https://github.com/alex-tgk/saasquatch.
devops-deployer
Imported from https://github.com/ajianaz/skills-collection.