jswortz
36 verified skills36 total stars
a2a
Build multi-agent systems using Google ADK with A2A protocol, deployed on Agent Engine. Use when creating agents that communicate via A2A, building multi-tier agent hierarchies, connecting ADK agents with RemoteA2aAgent, exposing agents with to_a2a(), or deploying agent stacks to Vertex AI Agent Engine. Covers leaf agents with tools, functional agents that delegate, orchestrators that route, local testing with uvicorn, and phased cloud deployment.
tools1
adk
Build AI agents using Google's Agent Development Kit (ADK). Use when creating LLM agents with tools, building workflow agents (Sequential, Parallel, Loop), composing multi-agent systems, or developing custom agents. Covers agent creation patterns, function tools, agent configuration, session management, and running agents locally with CLI or web interface.
tools1
agent-engine
Deploy and manage AI agents on Vertex AI Agent Engine. Use when deploying ADK agents to production, configuring Agent Engine runtime, managing deployed agents, setting up sessions and memory, or integrating with A2A protocol. Covers deployment from agent objects and source files, environment configuration, scaling, sessions, memory bank, and agent management operations.
devops1
agents
Contains documentation, role definitions, and workflow guidelines for various specialized sub-agents. Use this skill when you need information on how specific agents (e.g., adk-agent-engine, frontend-dev, qa-engineer) should operate or be utilized.
development1
agile
Sprint-based agile development with parallel agent execution. Use when the user wants to run an agile sprint, plan sprint work, conduct standups, run retrospectives, manage a backlog, estimate story points, track velocity, or coordinate parallel development across multiple agents acting as Scrum team roles (Scrum Master, Product Owner, Tech Lead, Frontend Dev, Backend Dev, QA Engineer). Also use when the user mentions sprints, user stories, acceptance criteria, definition of done, kanban, or SAFe. Triggers on: 'run a sprint', 'sprint planning', 'standup', 'retrospective', 'backlog grooming', 'agile workflow', 'scrum team'.
development1
ask-questions-if-underspecified
Clarify requirements before implementing. Use when serious doubts araise.
testing1
audit-context-building
Use to build deep architectural context through granular code analysis before vulnerability hunting or security auditing.
development1
audit-prep-assistant
Prepare your codebase for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates comprehensive documentation (flowcharts, user stories, inline comments). (project, gitignored)
tools1
autoresearch
Autonomous research loop inspired by karpathy/autoresearch. Iteratively modify a target file (config, prompt, code), run an experiment with a fixed evaluation metric, keep improvements, discard regressions, and log everything to a TSV. Use when optimizing prompts, tuning hyperparameters, evolving agent configurations, or running overnight autonomous improvement loops.
development1
burpsuite-project-parser
Burp Suite Project Parser
tools1
cairo-vulnerability-scanner
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects. (project, gitignored)
testing1
canvas-design
--- name: canvas-design description: -- name: canvas-design description: Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the... --- -- name: canvas-design description: Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the user asks to create a poster, piece of art, design, or other static piece. Create original visual designs, never copying existing artists' work to avoid
documentation1
code-maturity-assessor
Systematic code maturity assessment using Trail of Bits' 9-category framework. Analyzes codebase for arithmetic safety, auditing practices, access controls, complexity, decentralization, documentation, MEV risks, low-level code, and testing. Produces professional scorecard with evidence-based ratings and actionable recommendations. (project, gitignored)
development1
collision-zone-thinking
--- name: collision-zone-thinking description: -- name: Collision-Zone Thinking description: Force unrelated concepts together to discover emergent properties - "What if we treated X like Y?" when_... --- -- name: Collision-Zone Thinking description: Force unrelated concepts together to discover emergent properties - "What if we treated X like Y?" when_to_use: when conventional approaches feel inadequate and you need breakthrough innovation by forcing unrelated concepts together version: 1.1.0
testing1
condition-based-waiting
--- name: condition-based-waiting description: -- name: Condition-Based Waiting description: Replace arbitrary timeouts with condition polling for reliable async tests when_to_use: when tests have ... --- -- name: Condition-Based Waiting description: Replace arbitrary timeouts with condition polling for reliable async tests when_to_use: when tests have race conditions, timing dependencies, or inconsistent pass/fail behavior version: 1.1.0 languages: all --- # Condition-Based Waiting ## Overvi
testing1
cosmos-vulnerability-scanner
Scans Cosmos SDK blockchains for 9 consensus-critical vulnerabilities including non-determinism, incorrect signers, ABCI panics, and rounding errors. Use when auditing Cosmos chains or CosmWasm contracts. (project, gitignored)
development1
solana-vulnerability-scanner
Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing. Use when auditing Solana/Anchor programs. (project, gitignored)
testing1
substrate-vulnerability-scanner
Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets. (project, gitignored)
testing1
agile
Sprint-based agile development with parallel agent execution. Use when the user wants to run an agile sprint, plan sprint work, conduct standups, run retrospectives, manage a backlog, estimate story points, track velocity, or coordinate parallel development across multiple agents acting as Scrum team roles (Scrum Master, Product Owner, Tech Lead, Frontend Dev, Backend Dev, QA Engineer). Also use when the user mentions sprints, user stories, acceptance criteria, definition of done, kanban, or SAFe. Triggers on: 'run a sprint', 'sprint planning', 'standup', 'retrospective', 'backlog grooming', 'agile workflow', 'scrum team'.
development1
algorithmic-art
Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.
development1
audit-context-building
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
development1
browser-use
AI-powered browser automation using the browser-use Python library. Use when the user requests web automation tasks including web scraping and data extraction, form filling and submission, automated testing and validation, web navigation and interaction, or any task requiring programmatic browser control. Supports natural language task descriptions that are executed by AI agents.
tools1
guidelines-advisor
Comprehensive smart contract development advisor based on Trail of Bits' best practices. Analyzes codebase to generate documentation/specifications, review architecture, check upgradeability patterns, assess implementation quality, identify pitfalls, review dependencies, and evaluate testing. Provides actionable recommendations. (project, gitignored)
development1
secure-workflow-guide
Guide you through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas. (project, gitignored)
development1
ton-vulnerability-scanner
Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks. Use when auditing FunC contracts. (project, gitignored)
testing1
brand-guidelines
Applies Anthropic's official brand colors and typography to any sort of artifact that may benefit from having Anthropic's look-and-feel. Use it when brand colors or style guidelines, visual formatting, or company design standards apply.
development1
algorand-vulnerability-scanner
Scans Algorand smart contracts for 11 common vulnerabilities including rekeying attacks, unchecked transaction fees, missing field validations, and access control issues. Use when auditing Algorand projects (TEAL/PyTeal). (project, gitignored)
development1
Agent Development
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
tools1
agent-definition-fix
Use when the Gemini CLI reports errors loading agent definitions in ~/.gemini/agents/, such as unsupported 'color' keys or incorrect 'tools' formats. Provides a script to automatically fix these frontmatter issues.
tools1
altair
Guide and best practices for creating data visualizations using Altair in Python. Always use this over matplotlib or seaborn.
development1
bigquery-analyst
Expert BigQuery data analysis using MCP tools. Perform schema discovery, data profiling, distribution analysis, anomaly detection, time series exploration, data quality assessment, and ad-hoc analytical queries against any BigQuery dataset. Use when the user asks to analyze, explore, profile, investigate, or query data in BigQuery, or asks questions that can be answered by querying a BigQuery dataset (e.g., 'how many users signed up last week?', 'show me the distribution of order values', 'find anomalies in the revenue data', 'what does the customers table look like?').
tools1
building-secure-contracts
Building Secure Contracts
development1
token-integration-analyzer
Comprehensive token integration and implementation analyzer based on Trail of Bits' token integration checklist. Analyzes token implementations for ERC20/ERC721 conformity, checks for 20+ weird token patterns, assesses contract composition and owner privileges, performs on-chain scarcity analysis, and evaluates how protocols handle non-standard tokens. Context-aware for both token implementations and token integrations. (project, gitignored)
testing1
burpsuite-project-parser
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.
testing1
constant-time-analysis
Constant-Time Analyzer (ct-analyzer)
research1
brainstorming
You MUST use this before any creative work - creating features, building components, adding functionality, or modifying behavior. Explores user intent, requirements and design before implementation.
development1