sanity-install-rules
Installs Sanity agent rules directly into the local project. Use when setting up a new editor environment.
Your approach to test coverage. Use this skill when working on files where test coverage comes into play.
Your approach to writing tests. Use this skill when working on files where test writing comes into play.
Your approach to unit tests. Use this skill when working on files where unit tests come into play.
JS/TS conventions for syntax, modules, and types. Use when writing or reviewing JavaScript/TypeScript code.
Implement secure coding practices following OWASP Top 10. Use when preventing security vulnerabilities, implementing authentication, securing APIs, or conducting security reviews. Triggers on OWASP, security, XSS, SQL injection, CSRF, authentication security, secure coding, vulnerability.
Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on file changes. Scans for SQL injection, XSS, secrets exposure, auth issues. Triggers on file changes, security mentions, deployment prep.
Review frontend code for best practices, bugs, and improvements. Use when reviewing PRs, checking code quality, or before committing.
Required-field validation conventions for OpenLark Rust SDK feature crates. Use when standardizing or reviewing `validate()` implementations, or when the user asks about the difference between `openlark_core::validate_required` (function) and `openlark_core::validate_required!` (macro), whether the macro is needed, or how blank strings are handled.
Validates code before committing. Runs linting, formatting, and tests to catch issues early. Use when ready to commit, before pushing, or when the user asks to run checks, validate, or verify their changes.
Playwright E2E testing patterns. Trigger: When writing E2E tests - Page Objects, selectors, MCP workflow.
Review AI API key leakage patterns and redaction strategies. Use for identifying exposed keys for OpenAI, Anthropic, Gemini, and 10+ other providers. Use proactively when code integrates AI providers or when environment variables/keys are present. Examples: - user: "Check for leaked OpenAI keys" → scan for `sk-` patterns and client-side exposure - user: "Is my Gemini integration secure?" → audit Vertex AI config and key redaction - user: "Review AI provider logging" → ensure secrets are redacted from logs - user: "Scan for Anthropic secrets" → check for `sk-ant-` keys in code and configs - user: "Audit Vertex AI integration" → verify proper IAM roles and service account usage
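The scan-and-redact workflow the skill above describes, written out as an added example (it is not code from the skill or from any provider). The key formats are assumed for illustration: OpenAI keys beginning `sk-` (including `sk-proj-`), Anthropic keys beginning `sk-ant-`, Google API keys beginning `AIza` plus 35 URL-safe characters. The `NEXT_PUBLIC_`, `VITE_` and `REACT_APP_` prefixes are the ones Next.js, Vite and Create React App inline into browser bundles, which is what "client-side exposure" means here. The sample `.env` content is constructed with fake keys.

```python
import logging
import re

# Assumed key formats (illustrative, not an authoritative list).
KEY_PATTERNS = {
    "anthropic": re.compile(r"\bsk-ant-[A-Za-z0-9_-]{20,}"),
    "openai": re.compile(r"\bsk-(?!ant-)[A-Za-z0-9_-]{20,}"),
    "google": re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
}

# Env-var prefixes that front-end build tools inline into the shipped bundle:
# a key stored under one of these reaches every browser that loads the app.
CLIENT_EXPOSED_PREFIXES = ("NEXT_PUBLIC_", "VITE_", "REACT_APP_")

# "NAME=value" or "export NAME=value" at the start of a line.
ASSIGNMENT = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=")


def redact(text: str) -> str:
    """Replace every matched key with its prefix, a stub, and the last four characters."""
    for pattern in KEY_PATTERNS.values():
        text = pattern.sub(lambda m: m.group(0)[:7] + "***" + m.group(0)[-4:], text)
    return text


def scan_text(text: str) -> list[dict]:
    """One finding per key; a key bound to a client-exposed env var is flagged."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        var = ASSIGNMENT.match(line)
        exposed = bool(var) and var.group(1).startswith(CLIENT_EXPOSED_PREFIXES)
        for provider, pattern in KEY_PATTERNS.items():
            for m in pattern.finditer(line):
                findings.append({
                    "provider": provider,
                    "line": lineno,
                    "client_exposed": exposed,
                    "redacted": redact(m.group(0)),  # never store the raw key in a report
                })
    return findings


class RedactingFilter(logging.Filter):
    """Scrub keys from a log record before any handler formats it.

    Attach it to the root logger so it runs ahead of every handler; formatting
    happens after filtering, so interpolated arguments are covered too.
    """

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


def filtered_message(msg: str, *args) -> str:
    """Run one record through the filter and return what a handler would emit."""
    record = logging.LogRecord("ai", logging.INFO, "example", 0, msg, args, None)
    RedactingFilter().filter(record)
    return record.getMessage()


# Constructed sample .env content; the keys are fake but shaped like real ones.
SAMPLE_ENV = """\
OPENAI_API_KEY=sk-proj-abcdefghijklmnopqrstuvwxyz0123456789
NEXT_PUBLIC_ANTHROPIC_KEY=sk-ant-api03-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
GOOGLE_API_KEY=AIzaSyABCDEFGHIJKLMNOPQRSTUVWXYZ0123456
DB_PASSWORD=hunter2
"""

if __name__ == "__main__":
    for finding in scan_text(SAMPLE_ENV):
        print(finding)
    logging.getLogger().addFilter(RedactingFilter())
    print(filtered_message("calling provider with key %s",
                           "sk-proj-abcdefghijklmnopqrstuvwxyz0123456789"))
```

The filter rewrites `record.msg` and clears `record.args` rather than subclassing a formatter, so it also covers third-party handlers that supply their own formatter.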
Review Convex security audit patterns for authentication and authorization. Use for auditing query/mutation auth, row-level security, and validators. Use proactively when reviewing Convex apps (convex/ directory present). Examples: - user: "Audit these Convex mutations" → check for missing ctx.auth and input validators - user: "Check for IDOR in Convex queries" → verify ownership checks on document access - user: "Review Convex HTTP actions" → check for signature verification on webhooks - user: "Secure these Convex queries" → implement custom functions for enforced auth - user: "Check for data leaks in subscriptions" → verify filtered result sets
Implement Convex authentication and authorization patterns with OIDC providers or Convex Auth. Use for auth provider setup, ctx.auth usage, user identity handling, and auth-aware schema patterns. Use proactively when users mention auth, JWT, Clerk/Auth0/WorkOS, or Convex Auth. Examples: - user: "Add auth to Convex" → choose provider and outline setup - user: "Get current user" → use ctx.auth.getUserIdentity and checks - user: "Service-to-service access" → use shared secret pattern
Review FastAPI security audit patterns for dependencies and middleware. Use for auditing auth dependencies, CORS configuration, and TrustedHost middleware. Use proactively when reviewing FastAPI apps. Examples: - user: "Audit FastAPI route security" → check for Depends() and Security() usage - user: "Check FastAPI CORS setup" → verify origins when allow_credentials=True - user: "Review FastAPI middleware" → check TrustedHost and HTTPSRedirect config - user: "Secure FastAPI API keys" → move from query params to header schemes - user: "Scan for FastAPI footguns" → check Starlette integration and dependency order
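The "verify origins when allow_credentials=True" check from the skill above, as an added example that is not code from the skill or from FastAPI/Starlette. It audits the keyword arguments an app would pass to `CORSMiddleware` without importing the framework. Two assumptions about Starlette's behaviour are built in: with `allow_origins=["*"]` and `allow_credentials=True` the middleware echoes the caller's `Origin` back on cookie-bearing requests (browsers refuse a literal `*` with credentials, so the wildcard silently becomes "every origin"), and `allow_origin_regex` is applied with `fullmatch`, which is why the probes test unanchored-looking patterns such as `.*example\.com`. The hostile origins are constructed probes.

```python
import re

# Constructed probe origins a loose policy tends to admit.
HOSTILE_ORIGIN_PROBES = (
    "https://evil.example",               # unrelated site
    "https://evilexample.com",            # prefix squat: r".*example\.com" matches it
    "https://example.com.evil.example",   # suffix squat
    "http://example.com",                 # plaintext downgrade of a trusted host
    "null",                               # sandboxed iframes, file:// pages
)


def audit_cors(allow_origins=(), allow_origin_regex=None, allow_credentials=False) -> list[str]:
    """Report CORSMiddleware settings that widen the set of credentialed origins."""
    findings = []
    allow_origins = list(allow_origins)

    if allow_credentials and "*" in allow_origins:
        findings.append(
            "allow_origins=['*'] with allow_credentials=True: the middleware echoes "
            "the caller's Origin for cookie-bearing requests, so any site can make "
            "credentialed cross-origin calls"
        )
    if "null" in allow_origins:
        findings.append("'null' is an allowed origin: sandboxed iframes and local files can reach the API")
    if allow_credentials and any(o.startswith("http://") for o in allow_origins):
        findings.append("plaintext origin allowed with credentials: an on-path attacker can impersonate it")
    if allow_origin_regex:
        rx = re.compile(allow_origin_regex)
        for probe in HOSTILE_ORIGIN_PROBES:
            if rx.fullmatch(probe):  # assumed: Starlette compares the Origin header with fullmatch
                findings.append(f"allow_origin_regex {allow_origin_regex!r} admits hostile origin {probe!r}")
    return findings


# Weak and corrected configurations, as the kwargs handed to app.add_middleware(CORSMiddleware, ...).
WEAK_CORS = dict(allow_origins=["*"], allow_credentials=True)
WEAK_REGEX_CORS = dict(allow_origin_regex=r"https://.*example\.com", allow_credentials=True)
HARDENED_CORS = dict(
    allow_origin_regex=r"https://(?:[a-z0-9-]+\.)*example\.com",  # only example.com and its subdomains, https only
    allow_credentials=True,
)

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CORS), ("weak regex", WEAK_REGEX_CORS), ("hardened", HARDENED_CORS)):
        print(name, audit_cors(**cfg) or "ok")
```

Run the hardened regex through the same probes whenever it changes; a trailing `\.com` without an anchored host list is the usual way a "subdomains only" pattern quietly admits `evilexample.com`.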
Review Django security audit patterns for settings and middleware. Use for auditing SECRET_KEY, DEBUG, CSRF, and auth decorators. Use proactively when reviewing Django apps (settings.py or manage.py present). Examples: - user: "Audit my Django settings.py" → check SECRET_KEY, DEBUG, and ALLOWED_HOSTS - user: "Check Django views for auth" → verify @login_required and permission classes - user: "Review Django CSRF config" → check middleware and @csrf_exempt usage - user: "Scan for SQL injection in Django" → find raw SQL usage instead of ORM - user: "Audit Django REST framework config" → check default permissions and auth
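The settings.py audit from the skill above, as an added example (not code from the skill or from Django). It checks a settings namespace as a plain dict, so it runs without Django installed; `audit_settings_file` executes a real `settings.py` with `runpy.run_path` to obtain that dict. Thresholds are assumptions chosen for illustration: the `django-insecure-` prefix is what `startproject` generates, 50 characters is what `get_random_secret_key()` emits, and the "fewer than 10 distinct characters" rule is a crude stand-in for an entropy check. Both settings dicts are constructed.

```python
import runpy

CSRF_MW = "django.middleware.csrf.CsrfViewMiddleware"
SECURITY_MW = "django.middleware.security.SecurityMiddleware"


def audit_django_settings(settings: dict) -> list[str]:
    """Flag settings that a production deployment should never ship with."""
    findings = []
    debug = bool(settings.get("DEBUG", False))
    if debug:
        findings.append("DEBUG=True: error pages expose tracebacks, settings and local variables")

    key = settings.get("SECRET_KEY", "")
    if not key:
        findings.append("SECRET_KEY is empty")
    elif key.startswith("django-insecure-"):
        findings.append("SECRET_KEY is the startproject placeholder: sessions and reset tokens are forgeable")
    elif len(key) < 50:
        findings.append(f"SECRET_KEY is only {len(key)} characters; get_random_secret_key() emits 50")
    elif len(set(key)) < 10:  # assumed crude entropy floor
        findings.append("SECRET_KEY has too little variety to be random")

    hosts = list(settings.get("ALLOWED_HOSTS", []))
    if "*" in hosts:
        findings.append("ALLOWED_HOSTS contains '*': the Host header is trusted in reset links and redirects")
    elif not hosts and not debug:
        findings.append("ALLOWED_HOSTS is empty: with DEBUG=False every request is rejected as DisallowedHost")

    middleware = list(settings.get("MIDDLEWARE", []))
    if CSRF_MW not in middleware:
        findings.append("CsrfViewMiddleware is not installed: every POST view is CSRF-exposed")
    if SECURITY_MW not in middleware:
        findings.append("SecurityMiddleware is not installed: no HSTS or SSL redirect")
    for flag in ("SESSION_COOKIE_SECURE", "CSRF_COOKIE_SECURE"):
        if not settings.get(flag, False):
            findings.append(f"{flag} is not True: the cookie can be sent over plaintext HTTP")
    return findings


def audit_settings_file(path: str) -> list[str]:
    """Execute a settings.py as a module and audit the globals it defines."""
    return audit_django_settings(runpy.run_path(path))


# Constructed settings, not taken from any real project.
INSECURE_SETTINGS = {
    "DEBUG": True,
    "SECRET_KEY": "django-insecure-abc123",
    "ALLOWED_HOSTS": ["*"],
    "MIDDLEWARE": ["django.middleware.common.CommonMiddleware"],
}

HARDENED_SETTINGS = {
    "DEBUG": False,
    # 50 distinct printable characters, a stand-in for get_random_secret_key() output.
    "SECRET_KEY": "".join(chr(33 + i) for i in range(50)),
    "ALLOWED_HOSTS": ["app.example.com"],
    "MIDDLEWARE": [SECURITY_MW, "django.middleware.common.CommonMiddleware", CSRF_MW],
    "SESSION_COOKIE_SECURE": True,
    "CSRF_COOKIE_SECURE": True,
}

if __name__ == "__main__":
    for name, cfg in (("insecure", INSECURE_SETTINGS), ("hardened", HARDENED_SETTINGS)):
        print(name, audit_django_settings(cfg) or "ok")
```

Point `audit_settings_file` at the same settings module the deployment loads (the one named by `DJANGO_SETTINGS_MODULE`), not the base file it imports from, since production overrides are where `DEBUG` and `ALLOWED_HOSTS` usually get relaxed.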
Use when running claudikins-kernel:verify, checking implementation quality, deciding pass/fail verdicts, or enforcing cross-command gates — requires actual evidence of code working, not just passing tests
Generate workflow templates with coherent node graphs and integration tests
Testing pyramid and test writing standards for UT/IT/ST/E2E. Use when: writing tests, discussing test coverage, test strategy, or test naming. Keywords: test, unit, integration, e2e, coverage, mock, 測試, 單元, 整合, 端對端.
Orchestrates test planning pipeline (research → manual → auto tests). Coordinates ln-511, ln-512, ln-513. Invoked by ln-500-story-quality-gate.
Story-level quality orchestrator. Pass 1: code quality -> regression -> manual testing (fail fast). Pass 2: verify tests/coverage -> mark Story Done. Auto-discovers team/config.
Test Isolation + Anti-Patterns audit worker (L3). Checks isolation (APIs/DB/FS/Time/Random/Network), determinism (flaky, order-dependent), and 6 anti-patterns.
Enterprise code quality orchestrator with TRUST 5 validation, proactive analysis, and automated best practices enforcement
Dead code & legacy audit worker (L3). Checks unreachable code, unused imports/variables/functions, commented-out code, backward compatibility shims, deprecated patterns. Returns findings.