Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
postmortem
Blameless post-mortem incident analysis with timeline, root cause, and action items. Use after outages, security incidents, project failures, or any event you want to prevent recurring.
redteam
Red team adversarial analysis to find weaknesses, vulnerabilities, and failure modes. Use before launches, for security review, or when a plan feels too perfect.
Supabase Developer
Build full-stack applications with Supabase (PostgreSQL, Auth, Storage, Real-time, Edge Functions). Use when implementing authentication, database design with RLS, file storage, real-time features, or serverless functions.
auth
Imported from https://github.com/gemini-oss/rego.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
deployment-rollback
Imported from https://github.com/turbobeest/squawk.
Pulumi Troubleshooting Expert
Comprehensive guide to troubleshooting Pulumi TypeScript errors, infrastructure issues, and best practices - covers common errors, Outputs handling, AWS Beanstalk deployment, and cost optimization
moai-security-ssrf
Imported from https://github.com/dolsoon/my-awesome-project.
moai-security-auth
Imported from https://github.com/dolsoon/my-awesome-project.
ccs-delegation
Auto-activate CCS CLI delegation for deterministic tasks. Parses user input, auto-selects optimal profile (glm/kimi/custom) from ~/.ccs/config.json, enhances prompts with context, executes via `ccs {profile} -p "task"` or `ccs {profile}:continue`, and reports results. Triggers on "use ccs [task]" patterns, typo/test/refactor keywords. Excludes complex architecture, security-critical code, performance optimization, breaking changes.
sagebase-commands
Provides quick reference for all Sagebase CLI commands and Docker operations. Activates when user asks how to run application, test, format code, manage database, or execute any Sagebase operation. Includes just commands, unified CLI, testing, formatting, and database management.
security-audit
Comprehensive security audit workflow including dependency scanning, unsafe code detection, and secret management. Use when scanning for vulnerabilities or before production deployment.
security-auditor
Security auditing with OWASP Top 10 2025 compliance and vulnerability detection
better-auth
Better Auth authentication framework patterns for Next.js. Use when implementing user authentication, JWT tokens, session management, or OAuth integration for the Todo frontend.
reviewing-server-actions
Review Server Actions for security, validation, and best practices in React 19. Use when reviewing forms, mutations, or server-side logic.
debug-firewall
Debug the AWF firewall by inspecting Docker containers (awf-squid, awf-agent), analyzing Squid access logs, checking iptables rules, and troubleshooting blocked domains or network issues.
tzurot-deployment
Contains MANDATORY Railway deployment procedures for Tzurot v3. MUST be consulted before deploying, running migrations, or debugging production. Covers service management, log analysis, and health checks.
dev-rc
Release candidate preparation. Final checks before merge - QA, security, review, changelog. The last gate before shipping.
senior-secops
Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices. Includes security scanning, vulnerability assessment, compliance checking, and security automation. Use when implementing security controls, conducting security audits, responding to vulnerabilities, or ensuring compliance requirements.
dev-security
Security audit with Sentinel. Checks for vulnerabilities, secrets, dependencies, and security best practices. Use before shipping or when working on auth/crypto/sensitive areas.
shared-setup-patterns
Shared configuration patterns for project setup commands. Provides security hooks, Claude framework structure templates, and framework detection patterns used across multiple setup commands.
moai-domain-devops
CI/CD pipelines, Docker 27, Kubernetes 1.32, and infrastructure as code.
psp-monorepo-project
Setup personal web app with pnpm workspace monorepo structure deployable to Cloudflare. Use when starting a new personal project.
cicd-pipeline-architecture
Use when setting up CI/CD pipelines, experiencing deployment failures, slow feedback loops, or production incidents after deployment - provides deployment strategies, test gates, rollback mechanisms, and environment promotion patterns to prevent downtime and enable safe continuous delivery