Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
database
PostgreSQL expert for .sql migration files, CREATE TABLE, ALTER TABLE, indexes, constraints, foreign keys, schema changes, docker/postgres/migrations/, init.sql, idempotent SQL, transactions, BEGIN/COMMIT, psql, database testing, schema_migrations
slidev-deployment
Deploy Slidev presentations to the web. Use this skill for GitHub Pages, Netlify, Vercel, and Docker deployments.
fastapi-backend
Build production-grade FastAPI backends with SQLModel, Pydantic, and JWT authentication. Use this skill when building REST APIs, integrating with Neon PostgreSQL, implementing Better Auth JWT verification, or creating CRUD endpoints. Includes patterns for audit logging, worker/agent parity, and OpenAPI documentation.
ansible-testing
This skill should be used when running ansible-lint, configuring linting rules, testing Ansible playbooks, validating playbook syntax, or setting up integration tests. Covers ansible-lint configuration and testing strategies.
checking-owasp-compliance
Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.
tenant-credit-analyst
Expert in tenant creditworthiness assessment and financial statement analysis. Use when evaluating tenant credit quality, analyzing financial ratios, assessing default risk, or structuring security requirements. Key terms include DSCR, current ratio, debt-to-equity, working capital, liquidity analysis, credit scoring, personal guarantee, security deposit, financial covenants
security-auditing
Guide for conducting comprehensive security audits of code to identify vulnerabilities. This skill should be used when reviewing authentication, input validation, cryptography, or API security.
vercel-deploy
Deploy applications and websites to Vercel. Use this skill when the user requests deployment actions such as "Deploy my app", "Deploy this to production", "Create a preview deployment", "Deploy and give me the link", or "Push this live". No authentication required - returns preview URL and claimable deployment link.
tauri
Cross-platform desktop application framework combining Rust backend with web frontend, emphasizing security and performance
harbor-expert
Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.
security-auditing
Imported from https://github.com/martinholovsky/claude-skills-generator.
security-scan-workflow
Automated security scanning workflow using Semgrep MCP. Scans changed files for OWASP Top 10 vulnerabilities, CWE patterns, hardcoded secrets, and security misconfigurations. Returns prioritized findings with remediation guidance. Use when security validation is needed for code changes (invoked by security-engineer, code-quality-validator, or /audit command). Scans only changed files for efficiency (10-15s overhead).
setup-security-scanning
Imported from https://github.com/nickromney/n-dotfiles.
create-change-request
Creates comprehensive ServiceNow change request documentation when users request CR creation, need to generate change requests, ask to prepare deployment documentation, or mention creating release documentation. Automatically analyzes git history, queries functional requirements from BigQuery, generates technical change summaries, and creates properly formatted YAML files for L'Oréal BTDP deployments.
logging-observability
Guidelines for structured logging, distributed tracing, and debugging patterns across languages. Covers logging best practices, observability, security considerations, and performance analysis.
gcp-project-auditor
Expert in auditing GCP projects for security, compliance, and best practices. **Use this skill when the user asks to audit a GCP project, review GCP project security, scan GCP resources, or check GCP project compliance.** Scans resources, IAM policies, service accounts, and detects excessive permissions in production environments.
moai-domain-cloud
Enterprise-grade cloud architecture expertise with production-ready patterns for AWS (Lambda 3.13, ECS/Fargate 1.4.0, RDS, CDK 2.223.0), GCP (Cloud Run Gen2, Cloud Functions 2nd gen, Cloud SQL), Azure (Functions v4, Container Apps, AKS), and multi-cloud orchestration (Terraform 1.9.8, Pulumi 3.x, Kubernetes 1.34). Covers serverless architectures, container orchestration, multi-cloud deployments, cloud-native databases, infrastructure automation, cost optimization, security patterns, and disaster recovery for 2025 stable versions.
e2e-testing-patterns
Master end-to-end testing with Playwright and Cypress to build reliable test suites that catch bugs, improve confidence, and enable fast deployment. Use when implementing E2E tests, debugging flaky tests, or establishing testing standards.
k8s-security-policies
Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards.
database-migration
Use when working with Supabase database schemas, migrations, RLS policies, or PostGIS features. Enforces UUID standards, timestamp columns, and security best practices.
golang-cli-review
Comprehensive code review for Golang CLI applications. Produces an actionable checklist covering error handling, CLI framework patterns (Cobra/urfave), testing, performance, security, and Go idioms. TRIGGERS: Review Go CLI, review golang command-line, code review .go CLI, audit CLI application, check golang tool, review cobra app
security-guardian
Expert en sécurité applicative pour détecter les vulnérabilités, auditer le code, et guider les bonnes pratiques de sécurité. OWASP Top 10, authentification, autorisation, cryptographie, gestion de secrets. Utiliser pour audits sécurité, reviews de code sensible, conception de features sécurisées, ou résolution de failles.
playwright-browser
Browser automation and E2E testing via local Playwright Docker container
claude-dev-pack
Developer toolkit: build, test, deploy, and debug with curated skills.