SKILL.md packages that extend Claude Code, Cursor, Copilot, and other AI agents.
Tags

ai-helpers
Run a six-specialist reviewer panel on an Architectural Decision Record (ADR) and produce a consolidated PDF report and PPTX slide deck to surface risks, recomm

orchestkit
Deep pull-request code review using parallel specialized agents (quality, security, tests, architecture, performance) and synthesized review reports for approve

xianzhi-research
A structured vulnerability research framework distilled from 5600+ security docs, covering web injection, deserialization, binary exploitation, domain pentest,

vibe-check
Present fixable issues from a vibe-check assessment and apply agent-assisted fixes only after explicit user approval.

EloPhanto (React agent)
Opinionated Solana dApp and program development skill: wallet UX, Anchor/Pinocchio programs, testing (LiteSVM/Surfpool), and migration/security checklists for p

claude-code-workflows
Opinionated, language-agnostic principles for writing maintainable, readable, and secure code — use when implementing features, refactoring, or reviewing code q

skillshub
Guidelines and CLI recipes for safely adding, upgrading, auditing and managing Go dependencies, including govulncheck, go.mod practices, vendoring, and automate

agent-skills-standard
Opinionated REST API design conventions: HTTP verbs, status codes, URL patterns, versioning, pagination, and OpenAPI requirements for reliable, versioned APIs.

scv-scan
Audit Solidity smart contract codebases for security vulnerabilities using a structured cheatsheet-driven sweep and selective deep validation, producing severit

CTF Skills Collection
Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

skills
Returns docs-grounded guidance and exact GitHub docs links for writing, explaining, migrating, securing, or troubleshooting GitHub Actions workflows.

ethskills
Practical guide and patterns for smart contract tests using Foundry: unit tests, fuzzing, fork tests, and invariants to catch economic and integration bugs.

agent-toolkit-for-aws
Verified corrections and edge-case guidance for AWS IAM, STS, Organizations, SAML, and policy evaluation to avoid common authorization mistakes.

claude-code-blueprint
Run a comprehensive, multi-agent code review that covers quality, security, and database concerns and synthesises a severity-ranked findings table.

crucible
Adversarial review skill: iteratively attack artifacts (designs, plans, code, docs) and surface fatal/significant issues until clean or escalation.

claude-code-templates
Guides creating Hookify rule files (.claude/hookify.*.local.md) to detect patterns (dangerous commands, secrets, debug logs) and show warnings or block actions.

prompts
Orchestrates a three-phase adversarial code review (Hunter, Skeptic, Referee) to find, challenge, and verify bugs with high precision and reduced bias.

vgv-ai-flutter-plugin
Audit Dart/Flutter project dependencies for license compliance using the Very Good CLI; flags unknown or copyleft licenses and produces a structured compliance

agent-toolkit-for-aws
Verified guidance on AWS IAM edge-cases, pitfalls, and gotchas for agents working with roles, policies, STS, Organizations, and SAML/MFA.

CTF Skills Collection
Reference of cryptographic attack techniques and tools for CTF challenges (RSA, AES, ECC, lattices, PRNGs, padding oracles, and more).

springboot-skills-marketplace
Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

terrashark
Diagnose and fix Terraform/OpenTofu failure modes (identity churn, secret exposure, blast radius, CI drift, compliance gaps) and generate risk-controlled remedi

clawsec
Automated, multi-engine vulnerability scanner for agent platforms that runs dependency scans, SAST, CVE enrichment and agent-specific DAST harnesses to surface

opentelemetry-skill
Expert OpenTelemetry observability skill for designing collectors, pipelines, sampling, cardinality management, security, and production-ready deployment patter

code-audit
Perform professional code security audits across 9 languages with configurable quick/standard/deep modes and Docker-backed verification.

agent-skills
Infrastructure provisioning agent: designs Terraform/OpenTofu/Pulumi IaC, local dev stacks (Docker Compose), state strategy, and security/cost best practices fo

code-mode-skill
Add a sandboxed code mode tool to an MCP server so LLMs run small processing scripts against large API responses and only the script output enters the model con

claude-skill-registry
Expert guidance for writing, testing, and auditing Aiken smart contracts for Cardano, including validator patterns, testing practices, and off-chain MeshJS inte

claude-code-handbook
Guidelines and patterns for building robust REST APIs: correct HTTP status codes, RFC 7807 error responses, validation, sanitization, rate limiting, and central

claude-bughunter
A five-phase bug-hunting workflow and critical-thinking playbook that orients security hunting sessions, maps steps from recon to report, and enforces quality g