Implement Firecrawl scraping policy enforcement: domain blocklists, credit budgets, content filtering, and robots.txt compliance guardrails. Use when setting up scraping policies, enforcing crawl limits, or preventing accidental scraping of prohibited domains. Trigger with phrases like "firecrawl policy", "firecrawl guardrails", "firecrawl domain blocklist", "firecrawl scraping rules", "firecrawl compliance".
Avoid the top Replit anti-patterns: ephemeral filesystem, public secrets, port binding, Nix gotchas, and database limits. Use when reviewing Replit code, onboarding developers, or auditing existing Replit apps for common mistakes. Trigger with phrases like "replit mistakes", "replit anti-patterns", "replit pitfalls", "replit what not to do", "replit code review".
Manage incident response for Clerk authentication issues. Use when handling auth outages, security incidents, or production authentication problems. Trigger with phrases like "clerk incident", "clerk outage", "clerk down", "auth not working", "clerk emergency".
Detect env secret detector operations. Auto-activating skill for Security Fundamentals. Triggers on: env secret detector, env secret detector Part of the Security Fundamentals skill category. Use when working with env secret detector functionality. Trigger with phrases like "env secret detector", "env detector", "env".
Set up Clay account access, API keys, webhook URLs, and provider connections. Use when onboarding to Clay, connecting data providers, configuring API keys, or setting up webhook endpoints for programmatic data flow. Trigger with phrases like "install clay", "setup clay", "clay auth", "configure clay API key", "connect clay providers".
Apply Juicebox security best practices. Trigger: "juicebox security", "juicebox api key security".
Apply Apollo.io API security best practices. Use when securing Apollo integrations, managing API keys, or implementing secure data handling. Trigger with phrases like "apollo security", "secure apollo api", "apollo api key security", "apollo data protection".
Configure oauth client setup operations. Auto-activating skill for API Integration. Triggers on: oauth client setup, oauth client setup Part of the API Integration skill category. Use when working with oauth client setup functionality. Trigger with phrases like "oauth client setup", "oauth setup", "oauth".
Build Windsurf extensions and integrate with VS Code extension API events. Use when building custom Windsurf extensions, tracking editor events, or integrating Windsurf with external tools via extension development. Trigger with phrases like "windsurf extension", "windsurf events", "windsurf plugin", "build windsurf extension", "windsurf API".
Set up Instantly.ai API v2 authentication and project configuration. Use when creating a new Instantly integration, generating API keys, or configuring environment variables for the Instantly outreach platform. Trigger with phrases like "install instantly", "setup instantly", "instantly auth", "configure instantly API key", "instantly credentials".
Apply Ideogram security best practices for API key management and access control. Use when securing API keys, implementing key rotation, or auditing Ideogram security configuration. Trigger with phrases like "ideogram security", "ideogram secrets", "secure ideogram", "ideogram API key security", "ideogram key rotation".
Execute this skill enables AI assistant to manage and monitor ssl/tls certificates using the ssl-certificate-manager plugin. it is activated when the user requests actions related to ssl certificates, such as checking certificate expiry, renewing certificates, ... Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.
Set up OpenRouter API authentication and configure API keys. Use when starting a new OpenRouter integration, rotating keys, or troubleshooting auth issues. Triggers: 'openrouter setup', 'openrouter api key', 'configure openrouter auth', 'sk-or key'.
Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.
Check HIPAA compliance for healthcare data security requirements. Use when auditing healthcare applications. Trigger with 'check HIPAA compliance', 'validate health data security', or 'audit PHI protection'.
Configure with oauth2 flow helper operations. Auto-activating skill for Security Fundamentals. Triggers on: oauth2 flow helper, oauth2 flow helper Part of the Security Fundamentals skill category. Use when working with oauth2 flow helper functionality. Trigger with phrases like "oauth2 flow helper", "oauth2 helper", "oauth2".
Install and configure Linear SDK/CLI authentication. Use when setting up a new Linear integration, configuring API keys, OAuth2 flows, or initializing LinearClient in your project. Trigger: "install linear", "setup linear", "linear auth", "configure linear API key", "linear SDK setup", "linear OAuth".
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
Implement CodeRabbit PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for CodeRabbit integrations. Trigger with phrases like "coderabbit data", "coderabbit PII", "coderabbit GDPR", "coderabbit data retention", "coderabbit privacy", "coderabbit CCPA".
Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.
Implement security best practices with Clerk authentication. Use when securing your application, reviewing auth implementation, or hardening Clerk configuration. Trigger with phrases like "clerk security", "secure clerk", "clerk best practices", "clerk hardening".
Validate CORS policies for security issues and misconfigurations. Use when reviewing cross-origin resource sharing. Trigger with 'validate CORS', 'check CORS policy', or 'review cross-origin'.
Configure enterprise SSO integration for Windsurf. Activate when users mention "sso configuration", "single sign-on", "enterprise authentication", "saml setup", or "identity provider". Handles enterprise identity integration. Use when working with windsurf enterprise sso functionality. Trigger with phrases like "windsurf enterprise sso", "windsurf sso", "windsurf".
Secure API key management, OAuth best practices, and webhook verification for Linear integrations. Trigger: "linear security", "linear API key security", "linear OAuth", "secure linear", "linear webhook verification", "linear secrets management", "linear token refresh".
