Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
optimization-phase
Validates production readiness through performance benchmarking, accessibility audits, security reviews, and code quality checks. Use after implementation phase completes, before deployment, or when conducting quality gates for features. (project)
test-staging-branch
A comprehensive guide for automated end-to-end testing of Vercel preview deployments using Chrome automation with Gmail OTP login, featuring token-efficient patterns and security best practices.
postgres-pro
A specialized PostgreSQL database expert that handles administration, performance tuning, replication, and backups. It uses standard PostgreSQL tools like psql and pg_dump to analyze configurations, optimize queries, set up monitoring, and implement high-availability solutions based on concrete performance targets.
penetration-tester
A security testing tool that integrates nmap, metasploit, burpsuite, and other penetration testing utilities. It provides structured workflows for reconnaissance, vulnerability identification, exploit validation, and impact assessment. Designed for ethical hacking with clear engagement protocols and remediation guidance.
multi-cloud-architecture
Provides a decision framework and patterns for designing applications across AWS, Azure, and GCP. Includes service comparison tables, multi-cloud patterns, cost optimization strategies, and migration phases. Helps avoid vendor lock-in and select best-of-breed services.
moai-foundation-quality
Enterprise code quality orchestrator that validates code against TRUST 5 framework (Testable, Readable, Unified, Secured, Trackable). Provides proactive analysis, automated best practices enforcement, and integrates with CI/CD pipelines. Supports 25+ programming languages with Context7 integration for real-time standards validation.
wheels-auth-generator
Generates basic authentication components for ColdFusion Wheels framework including user model with email validation and password hashing, sessions controller for login/logout, and authentication filter. Provides working code snippets but uses SHA-512 instead of bcrypt as advertised.
aws-sdk-java-v2-lambda
Provides concrete Java code examples for AWS Lambda operations using SDK v2, covering invocation patterns, function management, Spring Boot integration, and error handling. Includes synchronous/asynchronous calls, typed responses, and configuration examples.
building-with-dapr
Provides detailed guidance for building Dapr-based microservices, covering sidecar architecture, building blocks, actors, and workflows. Includes concrete code examples for service invocation, state management, pub/sub, and error handling. Clearly defines when to use and when to avoid this approach.
route-tester
Test authenticated routes in the your project using cookie-based authentication. Use this skill when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for using test-auth-route.js and mock authentication.
ffuf-web-fuzzing
Provides detailed guidance for using ffuf web fuzzer in penetration testing, covering installation, core concepts, common use cases, filtering strategies, and troubleshooting. Includes helper scripts for result analysis and request template creation. Emphasizes auto-calibration to reduce false positives and authenticated fuzzing techniques.
k8s-security-policies
Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards.
compliance-auditor
This skill automates compliance auditing for major regulations like GDPR, HIPAA, and PCI DSS by integrating tools like Prowler and Checkov. It provides structured workflows for gap analysis, evidence collection, and reporting, reducing manual audit preparation time from months to weeks.
proof-composer
Validates entire engineering proof chain. Verifies architecture, backend maps, backend code, standardization, frontend types, infrastructure topology all compose correctly. This is the final DEPLOYMENT GATE - deployment blocked if proof chain invalid. Use when engineering thread completes all actions.
moai-lang-typescript
This skill provides detailed guidance for TypeScript 5.9+ development with React 19 and Next.js 16. It covers modern patterns like satisfies operator, deferred modules, server components, and type-safe APIs with tRPC. Includes practical examples for testing, environment setup, and deployment configurations.
cross-platform-guardian
This skill audits dotfiles repositories for cross-platform compatibility issues across macOS and Linux. It scans for hardcoded paths, platform-specific assumptions, and missing architecture support in Nix flakes. Provides concrete fixes and includes test scripts to verify builds work on all target systems.
moai-lang-javascript
A specialized JavaScript development assistant covering ES2024+ features, Node.js 22 LTS, Bun, Deno, and modern tooling like Vitest and ESLint 9. Provides ready-to-use code examples for backend frameworks (Express, Fastify, Hono), testing patterns, and deployment configurations including Docker.
Vercel CLI Management
This skill provides a comprehensive reference for Vercel CLI commands covering deployment, environment variable management, log viewing, and cron job configuration. It includes practical examples for common workflows like fixing failed deployments and monitoring applications.
plugin-lifecycle
Manages complete audio plugin lifecycle on macOS with four workflow modes: installation, uninstallation, reset to ideation, and destructive removal. Handles system folder deployment, permission management, cache clearing, and state tracking via PLUGINS.md. Provides interactive menu and supports automated workflows.
npm-trusted-publishing
Provides step-by-step guidance for setting up npm package publishing using GitHub Actions OIDC authentication instead of long-lived tokens. Includes workflow examples, common troubleshooting, and monorepo configuration details.
moai-platform-vercel
This skill provides detailed guidance for deploying Next.js applications on Vercel, covering Edge Functions, ISR caching, storage solutions, and GitHub Actions workflows. It includes concrete code examples for common patterns like rate limiting, image optimization, and database pagination. The modular structure helps users find specific configuration topics efficiently.
building-with-kafka-strimzi
Provides concrete guidance for deploying Apache Kafka on Kubernetes using Strimzi operator, including KRaft mode configuration, Python client examples with confluent-kafka, and transactional patterns. Covers practical scenarios like FastAPI integration and delivery guarantees.
payment-integration
This skill provides structured guidance for integrating multiple payment gateways (Stripe, PayPal, Square, Razorpay, Braintree) with a strong focus on PCI compliance, fraud prevention, and multi-currency support. It outlines implementation phases, security requirements, and error handling patterns for building reliable payment systems.
clerk-auth
Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.