The library
Everything we index — ranked by what works, never by stars.
forSalesMarketingHRFinanceLegalOpsProductEngineeringDataProductivitySupportsetup≤ plug & play≤ + a key≤ multi-tool
● works · ● untested / no effect · ● hurts — every rank is measured against a no-skill baseline
untested★38→untested★38→untested★38→untested★38→untested★17→untested★38→untested★2,144→untested★2,144→untested★32→untested★2,144→untested★84→untested★1→untested★2,144→untested★19→untested★60→untested★2,144→untested★60→untested★2,144→untested★14→untested★20→untested★2,144→untested★43→untested★69→untested★6→untested★13→untested★2,144→untested★13→untested★2,144→untested★41→untested★13→untested★1→untested★13→untested★1→untested★13→untested★1→untested★13→untested★0→untested★2,144→untested★13→untested★13→untested★2,144→untested★2,144→untested★2,144→untested★20→untested★1→untested★2,144→untested★9→untested★1→untested★2,144→untested★9→
Design delightful micro-interactionsskillEngineeringL1
delight · When you need one or two memorable micro-interactions that users would screenshot, not decorative animation.
Improve UI copy clarityskillEngineeringL1
clarify · When every button, error message, empty state, and form hint needs to be verb+object and actionable.
Refine typography and scaleskillEngineeringL1
typeset · When typography is technically correct but hierarchy is invisible — need font choice, modular scale, tracking, and micro-details (tabular-nums, balance, curly quotes).
Strip content to essenceskillEngineeringL1
distill · When UI has redundant elements, excessive color, or competing accents that distract from primary action.
Build Vara Sails blockchain applicationsskillEngineeringL3
vara-skills · When building modular agent workflows where reusable skills reduce duplication and improve testability.
Critique UI hierarchy and clarityskillEngineeringL1
critique · When you need structured feedback on code quality, design consistency, or anti-patterns before shipping.
Identify JWT vulnerabilities in security testsskillEngineeringL2
offensive-jwt · When you need to test JWT security (algorithm compliance, signature verification, expiration handling) in authorized penetration tests.
Test OAuth implementation for attack vectorsskillEngineeringL2
offensive-oauth · Testing OAuth implementations for authorization bypass and token leakage vulnerabilities.
Manage Traefik routing rules via APIskillEngineeringOpsL3
traefik-route-manager · Managing dynamic routing configurations for microservices without manual Traefik config editing.
Execute basic security exploits for testingskillEngineeringL2
offensive-basic-exploitation · Developing and validating exploits for vulnerable software in controlled lab environments.
Build modular Flask applications at scaleskillEngineeringL3
SKILL · Automating workflows for SKILL without manual intervention.
Write tests before implementation codeskillEngineeringL1
tdd · Enforcing test-driven development cycles to catch regressions early and guide design.
Analyze crash dumps for root causesskillEngineeringL2
offensive-crash-analysis · Developing and validating exploits for vulnerable software in controlled lab environments.
Write and test data transformations with SQLMeshskillDataEngineeringL3
sqlmesh · Automating workflows for sqlmesh without manual intervention.
Build styled component UIs with NuxtskillEngineeringL2
nuxt-ui · Automating workflows for nuxt ui without manual intervention.
Apply security mitigations to vulnerabilitiesskillEngineeringL2
offensive-mitigations · Developing and validating exploits for vulnerable software in controlled lab environments.
Build accessible headless Vue componentsskillEngineeringL2
reka-ui · Automating workflows for reka ui without manual intervention.
Exploit race conditions across system layersskillEngineeringL2
offensive-toctou · Developing and validating exploits for vulnerable software in controlled lab environments.
Instrument code for reliable metrics collectionskillEngineeringDataL2
sentry-instrumentation · Automating workflows for sentry instrumentation without manual intervention.
Generate technical diagrams and visualizationsskillProductEngineeringL2
tesserax · Automating workflows for tesserax without manual intervention.
Identify security bugs in code reviewskillEngineeringL1
offensive-bug-identification · Developing and validating exploits for vulnerable software in controlled lab environments.
Build AWS Lambda functions with best practicesskillEngineeringL2
powertools-aws · When writing Lambda functions that need structured logging, distributed tracing, and metrics in production.
Measure test coverage against requirementsskillEngineeringL2
ac-coverage · When you need to verify that acceptance criteria are actually tested before release.
Remote control Compose Desktop UI interactionsskillEngineeringL2
compose-ui-control · When you need to test Compose Desktop UI automatically via HTTP without native frameworks.
Auto-validate and commit code changesskillEngineeringL2
commit · When you need to commit code with automatic service detection and cross-service validation.
Run offensive fuzzing campaignsskillEngineeringL3
offensive-fuzzing · When you need a methodical approach to finding memory vulnerabilities in any target.
Create production hotfix with backmergeskillEngineeringL2
hotfix · When you need a safe prod hotfix with guaranteed backmerge to test and main.
Reference offensive vulnerability classesskillEngineeringL1
offensive-vuln-classes · When learning memory corruption exploit techniques with real CVE case studies.
End-to-end QA test Agent2 agentsskillEngineeringL3
agent-qa · When you need to validate agent behavior and confidence across multiple test cases.
Run validation lint and testsskillEngineeringL2
validate · When you need to quickly check if all affected services pass their lint/format/test rules.
Generate production CRUD REST APIskillEngineeringL2
api-crud-generator · When you need a complete, tested REST API with auth and docs from a single prompt.
Create isolated git worktreeskillEngineeringL2
worktree · When you need isolated branches without stashing or checking out locally.
Generate production CRUD REST APIskillEngineeringL2
api-crud-generator · When you need a complete, tested REST API with auth and docs from a single prompt.
Auto-fix lint and format issuesskillEngineeringL1
fix-lint · When you have lint errors and want automatic fixes before manual intervention.
Gate multi-step output with quality pipelineskillEngineeringL2
micro-pipeline · When building any multi-step output (docs, code, reports) and you need quality gates.
Create properly formatted pull requestskillEngineeringL2
create-pr · When you need to create a PR with automatic base branch detection.
Assess code against Claude Code patternsskillEngineeringL1
what-would-cc-do · When unsure what Claude Code skill to invoke next.
Develop offensive shellcode for securityskillEngineeringL3
offensive-shellcode · When you need robust, testable shellcode with immediate verification.
Review PR in isolated worktreeskillEngineeringL2
review-pr · When you need multi-angle code review (correctness, efficiency, style) with inline comments.
Automate hotfix backmerge flowskillEngineeringL2
backmerge · When releasing a hotfix and need to synchronize prod-test-main in proper order.
Reference Windows security mitigationsskillEngineeringL1
offensive-windows-mitigations · When auditing Windows binary defenses or preparing Week 8 exploit bypass techniques.
Test IoT and embedded device securityskillEngineeringL3
offensive-iot · When assessing smart-home or ICS device security via hardware and firmware analysis.
Penetrate Android and iOS applicationsskillEngineeringL3
offensive-mobile · When auditing mobile app security including deep-links WebView APIs and exported IPC.
Validate types with Zod schemasskillEngineeringL1
zod · When needing runtime type checking tied to static types in form data or API payloads.
Call Codex runtime from Claude CodeskillEngineeringL2
codex-cli-runtime · When delegating complex code repairs to Codex from within Claude Code subagents.
Run offensive OSINT methodologyskillOpsEngineeringL2
offensive-osint-methodology · When teaching or systematizing OSINT workflows to avoid ad-hoc recon drift.
Audit AI agent skills for safety and costskillEngineeringOpsL3
skill-eval · When vetting skills for inclusion in agent harnesses or production use.
Handle Codex output for end usersskillEngineeringL1
codex-result-handling · When consuming Codex outputs in automated Claude Code workflows.
Execute comprehensive OSINT reconnaissanceskillOpsEngineeringL2
offensive-osint · When starting reconnaissance on a target with only name or domain known.
Generate Postman API collection from RailsskillEngineeringL2
SKILL · When onboarding a new skill into a framework or verifying structure.