The library
Everything we index — ranked by what works, never by stars.
forSalesMarketingHRFinanceLegalOpsProductEngineeringDataProductivitySupportsetup≤ plug & play≤ + a key≤ multi-tool
WORKS 48★12WORKS 48★15WORKS 48★7WORKS 48★2,144WORKS 48★2,144WORKS 48★2,144WORKS 48★2,144WORKS 48★2,144WORKS 48★2,144WORKS 48★2,144WORKS 48★2,094WORKS 48★4WORKS 48★2,096WORKS 48★10WORKS 48★7WORKS 48★2,333WORKS 48★2,052WORKS 48★392WORKS 48★381WORKS 48★3WORKS 48★0WORKS 48★0WORKS 48★381WORKS 48★381WORKS 48★0WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,275WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★1,791WORKS 48★145WORKS 48★1,791WORKS 42★19WORKS 49★1,791WORKS 44★1,791WORKS 48★1,791WORKS 44★1,791WORKS 43★1,791WORKS 48★82WORKS 42★1,791WORKS 48★46WORKS 45★1,791WORKS 48★1,791
Track Discord channel memoryskillOpsL2
discord-channel-memory · Maintaining agent memory across 3+ Discord channels without loading full history at session start
Manage media library with *arr stackskillOpsL3
media · Media Management (\*arr Stack) Skill
Decrypt WeChat backup databasesskillOpsL3
wx-backup-decrypt · Decrypt and extract WeChat backup database (
Penetration Test Wireless NetworksskillOpsL3
offensive-wifi · Red-team wireless assessments where authorized testing of WPA/WPA2/WPA3 PSK, EAP, or WPS security is needed.
Audit Enterprise WiFi SecurityskillOpsL3
offensive-wpa-enterprise · Corporate Wi-Fi engagements where 802.1X authentication is used and client cert validation is lax (BYOD, unmanaged devices).
Crack WiFi Passwords with GPUskillOpsL3
offensive-wpa2-psk · WPA2-PSK (pre-shared key) network cracking where offline dictionary attack is faster than online brute-force.
Test WPA3 Network DefensesskillOpsL3
offensive-wpa3-sae · Red-team testing of WPA3-transitional deployments on older access points or research into SAE side-channel vulnerabilities.
Exploit WiFi Protected SetupskillOpsL3
offensive-wps · Legacy or consumer-grade AP WPS vulnerability assessment when offline Pixie Dust is available (quick PIN recovery).
Secure Z-Wave Smart DevicesskillOpsL3
offensive-z-wave · Physical security assessment of Z-Wave smart home deployments on unencrypted networks (S0) or with recovered S2 keys.
Test IoT Mesh Network SecurityskillOpsL3
offensive-zigbee-thread-matter · Zigbee mesh network assessment on unencrypted networks or with recovered keys; Thread/Matter networks mainly for architecture testing.
Manage French condominium portfoliosskillOpsL2
syndic · coordinating French apartment building administration
Configure VoiceMode permissionsskillOpsL1
2603-permissions_2c281257 · When you need to configure tool access without constant prompts.
Set up web novel writing environmentskillOpsL2
story-setup · When deploying a complete writing environment with agents and hooks.
Document solved problems for team knowledgeskillOpsL1
compound · When capturing solutions to reduce repeated debugging and knowledge loss.
Diagnose computer performance issuesskillOpsL2
computer-diagnosis · Troubleshooting system performance issues with actionable remediation.
Upgrade SalesLoft API versionsskillOpsEngineeringL2
salesloft-upgrade-migration · Sales teams upgrading SalesLoft integration without losing historical data.
Manage multi-session project memoryskillOpsProductL1
memory-management · Systems requiring cache efficiency and memory leak prevention under load.
Define document template custom fieldsskillEngineeringOpsL2
fantasia-template-custom-fields · Template design when typed custom fields with orphan retention avoid data loss.
Bootstrap and verify Linux VMsskillEngineeringOpsL3
vm-bootstrap · VM setup when IaC templates and automated provisioning reduce manual overhead.
Generate project asset catalogskillOpsProductL2
generate-catalog · Catalog generation when templating beats manual page creation at scale.
Analyze document library health and maintenanceskillOpsL1
content-analyst · Library governance when actual document state analysis informs feature prioritization.
Refine OpenSpec proposals for completenessskillOpsL1
linear-iterate-on-plan · Technical planning when proposal quality gates improve before approval.
Automate GitHub issue triage and labelingskillOpsL2
ai-assisted-operations · GitHub issue triage at scale when AI summarization and tagging reduce manual work.
Assemble deep research handoff bundlesskillOpsL3
research-handoff-oracle · Team collaboration when research handoff to another LLM agent preserves context.
Audit contact cadence with teamskillOpsL2
people-audit · Teams tracking hundreds of contacts who need to know which relationships are stale before reaching out.
Exploit LDAP injection vulnerabilitiesskillEngineeringOpsL3
hunt-ldap · Penetrating directory-backed authentication systems.
Hunt and exploit local file inclusionskillEngineeringOpsL3
hunt-lfi · Extracting secrets via path traversal and filter chains.
Identify and exploit MFA bypass patternsskillOpsEngineeringL3
hunt-mfa-bypass · Hunting account takeover chains where MFA enforcement is incomplete or bypassable.
Hunt miscellaneous application vulnerabilitiesskillEngineeringOpsL3
hunt-misc · Discovering account boundary violations in multi-tenant SaaS with role-based access.
Hunt Next.js framework vulnerabilitiesskillEngineeringOpsL3
hunt-nextjs · Bypassing Server Actions auth or exploiting Image Optimizer SSRF on Next.js hosts.
Hunt Node.js code injection vulnerabilitiesskillEngineeringOpsL3
hunt-nodejs · Chaining prototype pollution to RCE on Express apps with unsafe merge operations.
Allocate inventory across fulfillment channelsskillOpsL3
omnichannel-fulfillment-allocator · Minimizing fulfillment cost per order in multi-warehouse, multi-channel retail.
Detect NoSQL injection and auth bypassesskillEngineeringOpsL3
hunt-nosqli · Extracting data from NoSQL services when parametrized queries are not used.
Hunt NTLM information disclosure on WindowsskillOpsEngineeringL2
hunt-ntlm-info · Lateral movement in Windows domains when Kerberos is unavailable.
Hunt OAuth security vulnerabilitiesskillEngineeringOpsL3
hunt-oauth · Stealing user sessions or escalating privileges via OAuth flow manipulation.
Find and chain open redirect vulnerabilitiesskillEngineeringOpsL3
hunt-open-redirect · Creating low-friction phishing links when the target's own domain is trusted.
Hunt race conditions in web applicationsskillEngineeringOpsL3
hunt-race-condition · Bypassing single-use limits (OTP, tokens) via parallel submission before invalidation.
Audit artifact skills for complianceskillOpsL2
skill-usage-audit · Verifying governance compliance across codebases without manual file inspection.
Detect SAML and SSO attacksskillLegalOpsL1
hunt-saml · Discovering saml vulnerabilities when generic scanners miss domain-specific chains.
Audit documentation freshness and accuracyskillOpsProductL1
compound-agent-doc-gardener · Orchestrating multi-step task flows with guaranteed validation and tracking.
Find session management vulnerabilitiesskillLegalOpsL1
hunt-session · Discovering session vulnerabilities when generic scanners miss domain-specific chains.
Audit Microsoft SharePoint farmsskillLegalOpsL1
hunt-sharepoint · Discovering sharepoint vulnerabilities when generic scanners miss domain-specific chains.
Hunt source code and build leaksskillLegalOpsL1
hunt-source-leak · Discovering source leak vulnerabilities when generic scanners miss domain-specific chains.
Detect SQL injection vulnerabilitiesskillLegalOpsL1
hunt-sqli · Discovering sqli vulnerabilities when generic scanners miss domain-specific chains.
Identify SSRF attack vectorsskillLegalOpsL1
hunt-ssrf · Discovering ssrf vulnerabilities when generic scanners miss domain-specific chains.
Upgrade dependencies safelyskillEngineeringOpsL1
upgrade-deps · Implementing upgrade deps workflows that require automation.
Hunt server-side template injectionskillLegalOpsL1
hunt-ssti · Discovering ssti vulnerabilities when generic scanners miss domain-specific chains.
Build industrial control protocolsskillEngineeringOpsL2
industrial · Implementing industrial workflows that require automation.
Detect subdomain takeover risksskillLegalOpsL1
hunt-subdomain · Discovering subdomain vulnerabilities when generic scanners miss domain-specific chains.
Audit TLS and DNS misconfigurationsskillLegalOpsL1
hunt-tls-network · Discovering tls network vulnerabilities when generic scanners miss domain-specific chains.