Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
quick-quality-check
A lightning-fast code quality assessment tool that runs parallel checks including theater detection, linting, security scanning, and basic tests to provide instant feedback on code quality and consistency.
security
A security specialist hub for application security, vulnerability assessment, and secure coding. It provides workflows for OWASP compliance, penetration testing, security audits, and requires evidence-based reporting for all findings.
testing-automation
Automated testing workflow that orchestrates unit, integration, and E2E tests with CI/CD integration
global-tech-stack
Maintain approved technology stack including TypeScript/Python languages, React/Tailwind frontend, Node.js/FastAPI backend, PostgreSQL/Redis persistence, and Ansible infrastructure automation with enforced quality gates. Use this skill when selecting technologies, adding dependencies, configuring tooling, or ensuring infrastructure-as-code practices. Applies to package.json, requirements.txt, CI/CD pipelines, Ansible playbooks, linters, formatters, testing frameworks, and all technology choices requiring documented approval and migration strategies.
helm
Production-grade Helm 4 chart development, release management, and debugging. This skill should be used when users ask to create Helm charts, deploy with Helm, manage releases (install/upgrade/rollback), push charts to OCI registries, debug failed deployments, configure chart dependencies, create umbrella charts, set up GitOps with ArgoCD/Flux, or troubleshoot Helm issues. Auto-detects from Dockerfile/code, generates production-hardened charts with library patterns. Complements kubernetes skill.
compliance
This Claude Skill provides regulatory compliance validation and documentation for major standards like GDPR, HIPAA, SOC 2, PCI-DSS, and ISO 27001, assisting with audits, control implementation, and certification preparation.
configuring-better-auth
Implement OAuth 2.1 / OIDC authentication using Better Auth with MCP assistance. Use when setting up a centralized auth server (SSO provider), implementing SSO clients in Next.js apps, configuring PKCE flows, or managing tokens with JWKS verification. Uses Better Auth MCP for guided setup. NOT when using simple session-only auth without OAuth/OIDC requirements.
containerize-apps
Containerizes applications with impact-aware Dockerfiles and docker-compose configurations. This skill should be used when containerizing projects for Docker, creating Dockerfiles, docker-compose files, or preparing applications for Kubernetes deployment. It performs impact analysis first (env vars, network topology, auth/CORS), then generates properly configured container configs. Invokes the impact-analyzer subagent for comprehensive project scanning.
AILANG Release Manager
Create new AILANG releases with version bumps, changelog updates, git tags, and CI/CD verification. Use when user says "ready to release", "create release", mentions version numbers, or wants to publish a new version.
moai-domain-security
Imported from https://github.com/kivo360/quickhooks.
api-security
API security best practices and common vulnerability prevention. Enforces security checks for authentication, input validation, SQL injection, XSS, and OWASP Top 10 vulnerabilities. Use when building or modifying APIs.
enterprise-sales
Create an Enterprise Deal Execution Pack (buying committee map + champion enablement, “no decision” prevention plan + mutual action plan, procurement/security packet, and POC-as-business-case plan + ROI model). Use for enterprise sales, procurement, security reviews, and enterprise pilots/POCs. Category: Sales & GTM.
shipping-products
Plan and execute a product launch/release with speed and safety. Produces a Shipping & Launch Pack (release brief, rollout/rollback plan, product quality list, comms + enablement, monitoring plan, post-launch review). Use for ship, launch, release, deploy, go live.
review-code
Multi-dimensional code review with structured reports. Analyzes correctness, readability, performance, security, testing, and architecture. Triggers on "review code", "code review", "审查代码", "代码审查".
macos-cleanup
When Claude needs to free up disk space on macOS, clean caches, remove unused files, or optimize storage. Triggers: cleanup, disk space, free space, dọn dẹp, xóa cache, giải phóng dung lượng, node_modules, brew cleanup, docker prune
auditing-wallet-security
Audit crypto wallet security including private key management and transaction signing. Use when auditing wallet security practices. Trigger with phrases like "audit wallet", "check security", or "verify signatures".
yaml-master
PROACTIVE YAML INTELLIGENCE: Automatically activates when working with YAML files, configuration management, CI/CD pipelines, Kubernetes manifests, Docker Compose, or any YAML-based workflows. Provides intelligent validation, schema inference, linting, format conversion (JSON/TOML/XML), and structural transformations with deep understanding of YAML specifications and common anti-patterns.
aws-solution-architect
Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code
ms365-tenant-manager
Comprehensive Microsoft 365 tenant administration skill for setup, configuration, user management, security policies, and organizational structure optimization for Global Administrators
analyzing-dependencies
Check dependencies for known security vulnerabilities and outdated versions. Use when auditing third-party libraries. Trigger with 'check dependencies', 'scan for vulnerabilities', or 'audit packages'.
scanning-for-vulnerabilities
This skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. it identifies security vulnerabilities in code, dependencies, and configurations, including cve detection. use this skill when the user asks to scan fo...
reviewdog
Automated code review and security linting integration for CI/CD pipelines using reviewdog. Aggregates findings from multiple security and quality tools (SAST, linters, formatters) into unified code review comments on pull requests. Use when: (1) Integrating security scanning into code review workflows, (2) Automating security feedback on pull requests, (3) Consolidating multiple tool outputs into actionable review comments, (4) Enforcing secure coding standards in CI/CD pipelines, (5) Providing inline security annotations during development.
container-hadolint
Dockerfile security linting and best practice validation using Hadolint with 100+ built-in rules aligned to CIS Docker Benchmark. Use when: (1) Analyzing Dockerfiles for security misconfigurations and anti-patterns, (2) Enforcing container image security best practices in CI/CD pipelines, (3) Detecting hardcoded secrets and credentials in container builds, (4) Validating compliance with CIS Docker Benchmark requirements, (5) Integrating shift-left container security into developer workflows, (6) Providing remediation guidance for insecure Dockerfile instructions.
starknet-anonymous-wallet
Create an anonymous Starknet wallet via Typhoon and interact with Starknet contracts. Privacy-focused wallet creation for agents requiring anonymity.