بنقرة واحدة
skills-validator
يحتوي skills-validator على 30 من skills المجمعة من moutons، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.
Skills في هذا المستودع
A skill that contains a binary file for testing detection.
Skill with a broken reference for testing.
Skill with circular references for testing.
Skill with unreferenced files for testing.
A skill with a very long content body to test parser performance with large files.
A skill with unicode characters in the description and content. Tests parser handling of émoji 🚀, 中文, العربية, and other unicode.
This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.
Automatically extract reusable patterns from Claude Code sessions and save them as learned skills for future use.
Instinct-based learning system that observes sessions via hooks, creates atomic instincts with confidence scoring, and evolves them into skills/commands/agents.
Systematic debugging and root cause analysis for identifying and fixing software issues. Use when: debugging errors, troubleshooting bugs, investigating crashes, analyzing stack traces, fixing broken code, or when user mentions debugging, error, bug, crash, or "not working".
Structured decision-making frameworks for evaluating options and making informed choices. Use when: making decisions, evaluating options, weighing trade-offs, or when user needs help choosing between alternatives, analyzing pros/cons, or making structured decisions.
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.
Modern web development expertise covering React, Node.js, databases, and full-stack architecture. Use when: building web applications, developing APIs, creating frontends, setting up databases, deploying web apps, or when user mentions React, Next.js, Express, REST API, GraphQL, MongoDB, PostgreSQL, or full-stack development.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Universal coding standards, best practices, and patterns for TypeScript, JavaScript, React, and Node.js development.
Idiomatic Go patterns, best practices, and conventions for building robust, efficient, and maintainable Go applications.
Go testing patterns including table-driven tests, subtests, benchmarks, fuzzing, and test coverage. Follows TDD methodology with idiomatic Go practices.
Pythonic idioms, PEP 8 standards, type hints, and best practices for building robust, efficient, and maintainable Python applications.
This skill should be used when the user asks to "analyze network traffic with Wireshark", "capture packets for troubleshooting", "filter PCAP files", "follow TCP/UDP streams", "detect network anomalies", "investigate suspicious traffic", or "perform protocol analysis". It provides comprehensive techniques for network packet capture, filtering, and analysis using Wireshark.
Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Trigger only when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do not trigger for general maintainer lists or non-security ownership questions.
Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work.
Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.
A skill with present but empty optional fields to test validation behavior.
This skill has a name that violates naming rules (contains spaces and uppercase)
This has broken TOML syntax with unclosed brackets and bad quotes
This skill has valid required fields but unknown optional fields
A test skill for validation
Another test skill (duplicate) for duplicate detection testing
Test skill with invalid name
A valid test skill