security-audit
Perform a meticulous deep code audit covering Security, Logic, Completeness, and Quality. Manual analysis for critical systems.
Validate and govern output-style manifests under output-styles in the user workspace.
Conduct thorough, constructive code reviews for quality and security. Use when reviewing pull requests, checking code quality, identifying bugs, or auditing security. Handles best practices, SOLID principles, security vulnerabilities, performance analysis, and testing coverage.
Load project context including coding guidelines, styling rules, and folder structure before starting work.
Scan the codebase for potential secret leaks including API keys, tokens, passwords, hardcoded project IDs, and sensitive identifiers. Use when the user says "check for secrets", "scan for leaks", "security check", or before committing sensitive changes.
Pyright: fast Python type checker from Microsoft, with VS Code integration and strict type-checking modes.
Detects hardcoded values, magic numbers, duplicate constants, and leaked secrets using Ruff, Semgrep, jscpd, and gitleaks. Use when auditing for hardcodes, magic numbers, PLR2004, constant detection, secret scanning, or before release.
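The two secret-scanning skills above (the "check for secrets" scan and the gitleaks/Semgrep-based hardcode detector) both rest on the same technique: a set of provider-specific token patterns, a generic "looks like a credential assignment" rule gated on Shannon entropy, and an allowlist for obvious placeholders so the report stays usable. The following is an added illustration of that approach written for this page; it is not the code of either skill, nor gitleaks' or Semgrep's rule set. The regexes, the entropy threshold, the placeholder list and the sample file contents are all constructed for the example and should be tuned for a real repository.

```python
import math
import re
from dataclasses import dataclass

# Provider-specific rules. These are this example's own regexes (modelled on the
# shape of AWS access key IDs, GitHub classic PATs, PEM private-key headers and
# GCP project IDs), not a copy of any scanner's rule file.
PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # Capture group 1 is the project ID itself so it can be redacted in the report.
    "gcp-project-id": re.compile(
        r"""(?i)\bproject[_-]?id\s*[=:]\s*["']([a-z][a-z0-9-]{4,28}[a-z0-9])["']"""
    ),
}

# Generic rule: an assignment to a secret-looking name. Only reported when the
# value is high-entropy, so "password = 'changeme'" does not drown real hits.
GENERIC_ASSIGN = re.compile(
    r"""(?i)(?:secret|token|password|passwd|api[_-]?key)\w*\s*[=:]\s*["']([^"']{8,})["']"""
)
ENTROPY_THRESHOLD = 3.5  # bits per character; assumed tuning value, adjust per repo

# Placeholder values that should never be reported (assumed allowlist).
PLACEHOLDER = re.compile(r"(?i)^(?:changeme|example|placeholder|xxx+|\$\{.*\}|<.*>|your[_-].*)$")


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; random-looking tokens score well above 3.5."""
    if not s:
        return 0.0
    counts: dict[str, int] = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


@dataclass(frozen=True)
class Finding:
    rule: str
    line_no: int
    redacted: str  # never put the full secret into a report or CI log


def redact(value: str) -> str:
    if len(value) <= 8:
        return "***"
    return value[:4] + "*" * (len(value) - 6) + value[-2:]


def scan_text(text: str) -> list[Finding]:
    """Scan file contents line by line. Specific rules take precedence over the
    generic entropy rule, so one token is reported once, under its best name."""
    findings: list[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        specific_hit = False
        for rule, pat in PATTERNS.items():
            for m in pat.finditer(line):
                value = m.group(m.lastindex or 0)  # group 1 if the rule has one
                findings.append(Finding(rule, line_no, redact(value)))
                specific_hit = True
        if specific_hit:
            continue
        for m in GENERIC_ASSIGN.finditer(line):
            value = m.group(1)
            if PLACEHOLDER.match(value) or shannon_entropy(value) < ENTROPY_THRESHOLD:
                continue
            findings.append(Finding("generic-high-entropy", line_no, redact(value)))
    return findings


# Constructed sample file; none of these values belong to a real account.
SAMPLE = """\
# constructed sample, not from any real repository
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
DB_PASSWORD = "changeme"
API_TOKEN = "p8Qz2vL9xK4mN7bR1tW6yH3jF5dS0aG2"
github_token = "ghp_0123456789abcdefghijklmnopqrstuvwxyz"
project_id = "my-prod-project-1234"
-----BEGIN RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE):
        print(f"line {f.line_no}: {f.rule} ({f.redacted})")
```

Running it on the sample reports five findings: the AWS key, the high-entropy API token, the GitHub token (once, not twice, because the specific rule suppresses the generic one on that line), the project ID and the private-key header; the "changeme" password is dropped by the placeholder allowlist. In a pre-commit or CI gate the same function would be run over `git diff --cached` output, and any finding should fail the run rather than just print.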
Execute markdown validation with taxonomy-based classification and custom rules. Use when validating markdown compliance with LLM-facing writing standards or when generating structured validation reports.
Manages practice rules. Use when user states a preference or approach, or asks to add/modify rules for coding, architecture, tooling, or best practices.
Run J-Star code review on staged changes. Analyze, fix P0/P1 issues, and iterate until clean.
Review integrated code for semantic and design issues. Use after merging task branches to detect inconsistencies. Triggers on: review integration, semantic review, check design consistency.
Run the local "ready for review" gate before asking for human review or opening a PR. Use to (1) run the repo’s lint/typecheck/tests (prefer the same commands CI runs), then (2) run `codex review` as a final automated review pass, and optionally (3) run CodeRabbit CLI (`coderabbit --prompt-only`) to catch additional issues and reduce GitHub Actions feedback loops.
Comprehensive code review for commits and pull requests. Covers security, TDD, code quality, and documentation standards.
Use when fixing lint warnings, refactoring complex functions, or understanding ESLint rules. Covers complexity limits, refactoring patterns, and when to suppress rules.
Code comment guidelines based on industry best practices. Use when reviewing code, writing new code, or when asked about comment quality. Applies to all languages but specializes in TypeScript/JavaScript. Enforces "JSDoc for public APIs only, no redundant comments" principle. Automatically suggests comment additions, removals, or refactoring alternatives.
Secret management integration. Use when working with HashiCorp Vault, credential management, or secure configuration. Covers secret storage, key management, NestJS integration, online/offline modes, and automatic token renewal. Keywords: secret key, confidential, key, secret management, secret, vault, credential, key management, HashiCorp, token, environment variables, configuration
This skill should be used when reviewing Firebase code against security model and best practices. Triggers on "review firebase", "check firebase", "validate", "audit firebase", "security review", "look at firebase code". Validates configuration, rules, architecture, and security.
OWASP Top 10 security vulnerabilities with detection and remediation patterns. Use when conducting security audits, implementing secure coding practices, or reviewing code for common security vulnerabilities.
Better Auth plugin system for TypeScript. Use when adding advanced auth features (2FA, magic link, passkey, username, JWT, organizations) via server and client plugins.
Design and implement authentication and authorization systems. Use when setting up user login, JWT tokens, OAuth, session management, or role-based access control. Handles password security, token management, SSO integration.
Microsoft Presidio PII detection API for Vigil Guard v2.0.0. Use for dual-language PII (Polish + English), spaCy models, entity deduplication, custom recognizers (PESEL, NIP, REGON), integration with 3-branch detection, and performance optimization.
Better Auth core setup for TypeScript apps. Use when configuring the Better Auth instance, wiring server handlers and client instances, working with sessions, or calling server-side auth APIs.