latestaiagents
163 verified skills326 total stars
git-undo-wizard
Use this skill when the user needs to undo, revert, or recover from Git mistakes. Activate when they mention: undo commit, revert changes, accidentally committed, wrong branch, recover deleted, reset HEAD, undo push, undo merge, restore file, git reflog, "I messed up", lost commits, or any Git recovery scenario.
testing2
agent-error-recovery
Use this skill when implementing error handling for AI agents. Activate when the user needs agents to handle failures gracefully, implement retry strategies, design fault-tolerant agent systems, or build agents that can recover from errors without human intervention.
development2
agentic-rag
Build autonomous RAG agents that reason, plan, and use tools for complex retrieval tasks. Use this skill when simple retrieve-and-generate isn't enough. Activate when: agentic RAG, RAG agent, multi-step retrieval, tool-using RAG, autonomous retrieval, query decomposition.
tools2
agent-memory-systems
Use this skill when implementing memory for AI agents. Activate when the user needs agents to remember past interactions, implement context persistence, build knowledge bases for agents, design agent state management, or create shared memory between multiple agents.
development2
agent-memory-systems
Use this skill when implementing memory for AI agents. Activate when the user needs agents to remember past interactions, implement context persistence, build knowledge bases for agents, design agent state management, or create shared memory between multiple agents.
development2
agent-mesh-architecture
Use this skill when designing peer-to-peer multi-agent systems. Activate when the user needs agents that collaborate without central control, wants resilient agent networks, needs swarm-like agent behavior, or is building decentralized agent architectures.
development2
csrf-protection
Cross-Site Request Forgery prevention techniques. Use this skill when implementing forms, state-changing operations, or reviewing CSRF protections. Activate when: CSRF, cross-site request forgery, form security, token validation, same-site cookie, state changing request, POST request security.
testing2
debug-with-ai
Use this skill when debugging code with AI assistance. Activate when the user has a bug, error, unexpected behavior, needs to understand why code isn't working, wants to analyze stack traces, or is troubleshooting issues in their application.
development2
dependency-conflict-resolver
Use this skill when resolving dependency conflicts. Activate when the user has package version conflicts, npm/yarn/pnpm install failures, peer dependency warnings, duplicate packages, or module resolution errors.
data-ai2
a2a-protocols
Implement Agent-to-Agent (A2A) communication for cross-framework interoperability. Use this skill when building multi-agent communication, implementing agent protocols, connecting agents across frameworks, or standardizing agent interfaces. Activate when: agent to agent, A2A, agent communication, agent protocol, cross-framework agents, agent interoperability, MCP, agent discovery.
tools2
access-control-audit
OWASP A05 - Broken Access Control Detection. Use this skill when implementing authorization, checking permissions, or auditing who can access what resources. Activate when: authorization, permissions, access control, RBAC, ABAC, admin access, privilege escalation, IDOR, direct object reference, role check, can user access.
testing2
agent-checkpointing
Implement checkpointing for agent recovery, debugging, and replay. Use this skill when building recoverable agents, implementing replay, debugging agent failures, or creating resumable workflows. Activate when: agent checkpoint, agent recovery, resume agent, agent restart, workflow replay, agent debugging, failure recovery, state snapshot.
development2
jwt-security
JSON Web Token security best practices. Use this skill when implementing JWT authentication, validating tokens, or reviewing JWT usage. Activate when: JWT, JSON Web Token, token authentication, bearer token, refresh token, token validation, JWT secret, token expiry.
development2
agent-sdk-quickstart
Build your first Claude Agent SDK agent — TypeScript or Python. Covers installation, minimal agent loop, tool definitions, and the difference between "roll-your-own" and Managed Agents. Use this skill when starting a new AI agent project, migrating from raw messages.create loops to the Agent SDK, or evaluating SDK vs direct API. Activate when: Claude Agent SDK, @anthropic-ai/claude-agent-sdk, build agent, agent SDK quickstart, agent tutorial.
tools2
agent-sdk-streaming
Stream agent output correctly — text deltas, tool-use events, thinking deltas, progress indicators — without dropping events or blocking on long tool calls. Covers backpressure, error handling, and UX patterns. Use this skill when building agent UIs (chat, CLI), ensuring agents feel responsive, or debugging dropped/truncated streams. Activate when: agent streaming, stream events, text deltas, streaming UI, SSE agent, stream tool use.
tools2
agent-supervisor-pattern
Use this skill when designing supervisor-based multi-agent systems. Activate when the user needs to orchestrate multiple AI agents, coordinate agent workflows, implement a central controller for agents, design hub-and-spoke agent architecture, or build hierarchical agent systems.
development2
agent-testing-harness
Use this skill when testing AI agent systems. Activate when the user needs to test agent behavior, write tests for multi-agent systems, implement agent evaluation frameworks, create test harnesses for autonomous agents, or validate agent outputs systematically.
development2
agent-tool-routing
Use this skill when implementing tool selection for AI agents. Activate when the user needs agents to choose the right tools, implement dynamic tool routing, integrate MCP servers, design tool selection logic, or build agents that can use external services effectively.
tools2
ai-audit-logging
Use this skill when implementing audit logging for AI systems. Activate when the user needs to track AI decisions for compliance, implement audit trails for LLM usage, meet regulatory requirements (EU AI Act, SOC2), or create accountability records for AI-generated content.
testing2
ai-code-reviewer
Use this skill when reviewing AI-generated code. Activate when the user has code generated by an AI assistant and wants to review it, validate AI output, check for common AI mistakes, ensure code quality of generated code, or verify that AI-generated code follows best practices before merging.
development2
alerting-strategies
Design effective alerting strategies that catch real issues without causing alert fatigue. Use this skill when setting up alerts, reducing noise, or improving on-call experience. Activate when: alerting, alerts, pagerduty, on-call, alert fatigue, too many alerts, missed alerts, monitoring thresholds, alert tuning.
testing2
api-security
Comprehensive API security for REST and GraphQL APIs. Use this skill when building or reviewing API endpoints, implementing authentication, or securing data transfer. Activate when: API security, REST security, GraphQL security, API authentication, API rate limiting, API versioning, secure endpoint, API design.
development2
api-security
Comprehensive API security for REST and GraphQL APIs. Use this skill when building or reviewing API endpoints, implementing authentication, or securing data transfer. Activate when: API security, REST security, GraphQL security, API authentication, API rate limiting, API versioning, secure endpoint, API design.
development2
branch-strategy-advisor
Use this skill when discussing Git branching strategies. Activate when the user asks about branch naming, GitFlow, trunk-based development, feature branches, release branches, how to organize branches, branch protection, or setting up a branching workflow for their team.
development2
broken-auth-detector
OWASP A02 - Broken Authentication Detection. Use this skill when reviewing login systems, session management, password handling, or authentication flows. Activate when: login, authentication, password, session, token, JWT, OAuth, credentials, sign in, logout, remember me, forgot password, password reset, MFA, 2FA.
development2
broken-auth-detector
OWASP A02 - Broken Authentication Detection. Use this skill when reviewing login systems, session management, password handling, or authentication flows. Activate when: login, authentication, password, session, token, JWT, OAuth, credentials, sign in, logout, remember me, forgot password, password reset, MFA, 2FA.
development2
chunking-strategies
Expert guidance on document chunking strategies for RAG systems. Use this skill when designing how to split documents for vector embeddings. Activate when: chunking, chunk size, text splitting, document segmentation, overlap, semantic chunking, recursive splitting.
documentation2
chunking-strategies
Optimize document chunking for RAG performance and retrieval quality. Use this skill when splitting documents, choosing chunk sizes, implementing semantic chunking, or improving RAG retrieval accuracy. Activate when: chunking, split documents, chunk size, text splitting, document processing, RAG performance, semantic chunking, overlap.
testing2
codebase-context-builder
Use this skill when preparing context for AI coding assistants. Activate when the user wants to help AI understand their codebase, provide better context for code generation, improve AI responses, create context files, set up CLAUDE.md or similar context documents, or optimize prompts for code tasks.
development2
codebase-context-builder
Use this skill when preparing context for AI coding assistants. Activate when the user wants to help AI understand their codebase, provide better context for code generation, improve AI responses, create context files, set up CLAUDE.md or similar context documents, or optimize prompts for code tasks.
development2
commit-message-crafter
Use this skill when writing Git commit messages. Activate when the user asks about commit message format, conventional commits, how to write good commit messages, commit message best practices, or when they're about to commit changes and need help crafting the message.
development2
computer-use
Build browser/desktop automation agents using Claude's Computer Use capability — screen-taking, clicking, typing. Covers the reference container, virtualization safety, task decomposition, and when to use computer-use vs API integration. Use this skill when building agents that operate GUIs (browsers, legacy apps), automating workflows without APIs, or QA/testing agents. Activate when: Claude computer use, browser automation, desktop agent, screen control, computer_20250124, click and type agent.
tools2
corrective-rag
Implement Corrective RAG (CRAG) and Self-RAG for reliable, self-healing retrieval systems. Use this skill when building reliable RAG, preventing hallucinations, implementing retrieval evaluation, or adding self-correction to RAG pipelines. Activate when: corrective RAG, CRAG, self-RAG, hallucination prevention, retrieval evaluation, RAG reliability, self-healing RAG, document grading.
development2
dependency-vulnerability
OWASP A09 - Using Components with Known Vulnerabilities. Use this skill when auditing dependencies, updating packages, or reviewing security advisories. Activate when: npm audit, dependency check, vulnerable package, CVE, security advisory, outdated packages, supply chain, package vulnerability, Dependabot, Snyk.
testing2
destructive-operation-guard
CRITICAL SAFETY SKILL - Always active. Use this skill to prevent destructive operations without explicit user confirmation. Activate BEFORE any operation that deletes data, resets state, overwrites files, force pushes, drops tables, truncates data, runs migrations, or performs any irreversible action. This skill MUST be consulted before executing potentially harmful commands.
testing2
durable-state-patterns
Implement persistent agent state that survives failures and restarts. Use this skill when building stateful agents, implementing checkpointing, persisting agent memory across sessions, or recovering from failures. Activate when: durable state, agent persistence, checkpointing, agent recovery, stateful agents, state persistence, cross-session memory, agent restart.
development2
error-pattern-analyzer
Use this skill when analyzing error patterns in applications. Activate when the user has recurring errors, wants to find root causes of issues, needs to identify systemic problems, is analyzing error logs, or wants to categorize and prioritize bugs.
development2
error-pattern-analyzer
Use this skill when analyzing error patterns in applications. Activate when the user has recurring errors, wants to find root causes of issues, needs to identify systemic problems, is analyzing error logs, or wants to categorize and prioritize bugs.
development2
file-operation-safety
CRITICAL SAFETY SKILL - Use this skill before any file system operation that deletes, moves, or overwrites files. Activate when the user wants to rm, mv, cp (with overwrite), clear directories, or perform bulk file operations. This skill prevents accidental file loss through verification and confirmation protocols.
testing2
git-history-detective
Use this skill when investigating Git history. Activate when the user wants to find when a bug was introduced, who changed a line of code, track down a regression, use git bisect, search commit history, understand why code was changed, or investigate when and how something broke.
development2
git-safety
CRITICAL SAFETY SKILL - Use this skill before any Git operation that could lose commits, rewrite history, or affect shared branches. Activate when the user wants to force push, reset hard, rebase, clean, or perform any destructive Git operation. This skill prevents loss of work through verification and confirmation.
documentation2
git-undo-wizard
Use this skill when the user needs to undo, revert, or recover from Git mistakes. Activate when they mention: undo commit, revert changes, accidentally committed, wrong branch, recover deleted, reset HEAD, undo push, undo merge, restore file, git reflog, "I messed up", lost commits, or any Git recovery scenario.
testing2
human-in-loop-agents
Build agents that pause for human approval, review, and intervention. Use this skill when implementing approval workflows, human oversight, agent interrupts, or review-before-execute patterns. Activate when: human in the loop, HITL, agent approval, human oversight, interrupt agent, pause agent, review workflow, agent supervision.
development2
hybrid-retrieval
Implement hybrid search combining dense vectors and sparse retrieval for optimal RAG results. Use this skill when vector search alone isn't providing accurate results. Activate when: hybrid search, BM25, keyword search, sparse retrieval, dense retrieval, reranking, ensemble retrieval.
data-ai2
hybrid-retrieval
Implement hybrid search combining vector and keyword retrieval for RAG systems. Use this skill when building RAG retrieval, combining semantic search with BM25, implementing reciprocal rank fusion (RRF), or optimizing retrieval accuracy. Activate when: vector search, keyword search, BM25, semantic search, hybrid RAG, retrieval optimization, search relevance, reranking.
development2
incident-commander
Guide incident response as an Incident Commander with structured communication and coordination. Use this skill when there's an active incident, outage, service degradation, or production issue. Activate when: incident, outage, service down, production issue, SEV1, SEV2, pages, alerts firing, something broke, users complaining, error spike, latency spike.
testing2
injection-prevention
OWASP A01 - Injection Prevention. Use this skill when reviewing code for SQL injection, NoSQL injection, command injection, LDAP injection, or any user input that reaches databases, shells, or interpreters. Activate when: SQL query, database query, user input, command execution, shell command, exec, eval, system call, parameterized query.
development2
kubernetes-troubleshooting
Diagnose and fix common Kubernetes issues with systematic debugging approaches. Use this skill when troubleshooting K8s clusters, pods not starting, deployments failing, or networking issues. Activate when: kubernetes, k8s, pod, deployment, kubectl, container, crashloopbackoff, imagepullbackoff, pending pods, kubernetes networking, service not working, ingress issues.
development2
langgraph-workflows
Build agent workflows with LangGraph 1.0 state machines and graph patterns. Use this skill when creating agent graphs, implementing state machines, building multi-step agent workflows, or using LangGraph. Activate when: LangGraph, agent graph, state graph, agent workflow, graph nodes, conditional edges, agent state machine, ReAct agent.
development2
llm-fallback-chains
Use this skill when implementing fallback strategies for LLM applications. Activate when the user needs graceful degradation for AI services, multi-provider failover, handling LLM outages, or building resilient AI systems.
development2
llm-rate-limiting
Use this skill when implementing rate limiting for LLM APIs. Activate when the user needs to prevent API quota exhaustion, implement backoff strategies, handle rate limit errors, or manage concurrent LLM requests.
development2
mcp-resource-patterns
Use MCP Resources correctly — the read-only, URI-addressable data primitive — and know when to pick resources, tools, or prompts. Covers templated URIs, subscriptions, and common mistakes. Use this skill when designing MCP servers that expose data, deciding between tool vs resource, or implementing resource subscriptions for live data. Activate when: MCP resource, resource template, resource vs tool, subscribe resource, MCP URI schema.
tools2
mcp-server-authoring
Build production-quality MCP (Model Context Protocol) servers that expose tools, resources, and prompts to AI clients like Claude Desktop, Claude Code, Cursor, and the Claude Agent SDK. Use this skill when the user wants to build an MCP server, expose internal tooling to an AI agent, wrap an API for agents, or publish a reusable MCP server to a registry. Activate when: MCP server, Model Context Protocol, expose tools to Claude, @modelcontextprotocol/sdk, mcp.json, stdio server, HTTP MCP server.
tools2
mcp-transport-stdio-http
Choose between MCP transports — stdio for local processes, Streamable HTTP for remote servers, SSE for legacy — and implement each correctly with reconnection, backpressure, and session handling. Use this skill when deciding transport for a new MCP server, migrating SSE to Streamable HTTP, or debugging transport-level issues (connection drops, buffering, session loss). Activate when: MCP transport, stdio vs HTTP, Streamable HTTP, MCP SSE, MCP reconnection, MCP session.
tools2
merge-conflict-surgeon
Use this skill when resolving Git merge conflicts. Activate when the user mentions merge conflicts, conflicting changes, failed merges, "both modified", HEAD markers, conflict markers (<<<<<<<, =======, >>>>>>>), or asks how to resolve conflicts between branches. Also use when git merge or git rebase fails due to conflicts.
data-ai2
migration-safety
CRITICAL SAFETY SKILL - Use this skill before running ANY database migration. Activate when the user wants to run migrations, rollback migrations, re-run migrations, or modify database schema. This skill prevents data loss from migrations by enforcing backup requirements, checking existing data, and requiring explicit confirmation before destructive changes.
testing2
playwright-patterns
Write reliable, maintainable E2E tests with Playwright best practices. Use this skill when writing Playwright tests, debugging flaky tests, or setting up E2E automation. Activate when: playwright, e2e test, end-to-end, browser testing, UI automation, web testing.
tools2
production-rag-checklist
Comprehensive checklist for deploying RAG systems to production with reliability and scale. Use this skill when preparing RAG for production deployment. Activate when: production RAG, RAG deployment, RAG checklist, RAG scaling, RAG monitoring, production-ready RAG.
testing2
production-rag-checklist
Deploy RAG systems to production with proper architecture, monitoring, and operations. Use this skill when deploying RAG to production, scaling retrieval systems, implementing RAG monitoring, or building enterprise RAG infrastructure. Activate when: production RAG, RAG deployment, enterprise RAG, RAG architecture, RAG monitoring, RAG scaling, RAG infrastructure, RAG ops.
development2
prompt-injection-guard
Use this skill when securing AI applications against prompt injection. Activate when the user needs to prevent prompt injection attacks, validate AI inputs, implement input sanitization, or protect against adversarial prompts.
testing2
refactor-with-ai
Use this skill when refactoring code with AI assistance. Activate when the user wants to improve code structure, extract functions, reduce complexity, modernize legacy code, apply design patterns, clean up technical debt, or restructure code while preserving behavior.
development2
refactor-with-ai
Use this skill when refactoring code with AI assistance. Activate when the user wants to improve code structure, extract functions, reduce complexity, modernize legacy code, apply design patterns, clean up technical debt, or restructure code while preserving behavior.
development2
regression-evals
Set up continuous regression evals so model/prompt/tool changes don't silently break existing behavior. Covers gating thresholds, CI integration, statistical significance, and response to regressions. Use this skill when deploying prompts to production, gating model upgrades, or noticing "it worked yesterday" in AI features. Activate when: regression eval, eval CI, prompt regression, model upgrade gate, eval threshold, eval alert.
tools2
reproduction-builder
Use this skill when creating bug reproductions. Activate when the user needs to create a minimal reproduction case, report a bug with steps to reproduce, isolate a bug to specific conditions, or help others understand how to trigger an issue.
development2
root-cause-analysis
Systematic root cause analysis using 5 Whys, fishbone diagrams, and fault tree analysis. Use this skill when investigating why an incident happened, performing RCA, or writing postmortems. Activate when: root cause, why did this happen, 5 whys, incident analysis, postmortem investigation, how did this happen, what caused, failure analysis.
testing2
secrets-detection
Find and prevent leaked secrets, API keys, and credentials in code. Use this skill when reviewing code for exposed secrets, setting up pre-commit hooks, or auditing repositories. Activate when: leaked secret, API key exposed, credentials in code, hardcoded password, secret scanning, git secrets, pre-commit hook.
development2
sensitive-data-protection
OWASP A03 - Sensitive Data Exposure Prevention. Use this skill when handling PII, passwords, credit cards, API keys, or any sensitive information. Activate when: encryption, PII, personal data, credit card, SSN, password storage, HTTPS, TLS, data at rest, data in transit, GDPR, compliance, data masking.
development2
session-lifecycle
Manage Claude Agent SDK / Managed Agents sessions — creation, resumption, compaction, forking, and termination. Covers when to start fresh, when to resume, and how to handle context window pressure in long sessions. Use this skill when building multi-turn agents, debugging "my agent forgot the earlier context", or designing session retention policies. Activate when: agent session, session resume, conversation compaction, session fork, context window overflow, session lifecycle.
development2
skill-frontmatter
Write the YAML frontmatter for a SKILL.md file so it activates reliably — name, description, and activation keywords that the model matches against. Covers length, tone, and the most common frontmatter mistakes. Use this skill when authoring a new skill, fixing a skill that isn't auto-activating, or reviewing skills for publication. Activate when: SKILL.md frontmatter, skill description, skill activation, skill YAML, write a skill, author a skill.
documentation2
slo-sli-error-budgets
Implement Service Level Objectives (SLOs), Service Level Indicators (SLIs), and error budgets. Use this skill when defining reliability targets, measuring service health, or balancing reliability vs velocity. Activate when: SLO, SLI, SLA, error budget, reliability targets, service level, uptime target, availability target, latency target, nine nines, 99.9%.
testing2
stack-trace-decoder
Use this skill when analyzing stack traces. Activate when the user has a stack trace to understand, needs to decode error traces, wants to find the root cause from a stack trace, is debugging crashes, or needs help interpreting exception traces.
development2
sub-agent-delegation
Delegate work to sub-agents via the Task/Agent tool — parallel research, isolated context windows, specialized expertise. Covers when sub-agents help vs hurt, prompt shape, and result handling. Use this skill when building agents that need to research in parallel, process independent work items, or isolate context-heavy sub-tasks. Activate when: sub-agents, Task tool, Agent tool, parallel agents, agent delegation, spawn agent, multi-agent.
tools2
test-generation-patterns
Use this skill when generating tests with AI assistance. Activate when the user wants to create unit tests, integration tests, generate test cases, improve test coverage, write tests for existing code, or set up testing patterns for their project.
development2
test-planning
Create comprehensive test strategies and test plans for software projects. Use this skill when planning testing for new features, releases, or projects. Activate when: test plan, test strategy, testing approach, QA planning, test coverage, release testing.
testing2
xss-prevention
OWASP A07 - Cross-Site Scripting (XSS) Prevention. Use this skill when rendering user input in HTML, handling DOM manipulation, or building frontend components. Activate when: XSS, cross-site scripting, user input display, innerHTML, dangerouslySetInnerHTML, template injection, script injection, sanitize HTML, escape output.
development2
graphrag-patterns
Implement GraphRAG combining knowledge graphs with RAG for multi-hop reasoning. Use this skill when building knowledge graph RAG, implementing multi-hop queries, using Neo4j with RAG, or connecting entities across documents. Activate when: GraphRAG, knowledge graph, multi-hop reasoning, Neo4j RAG, entity extraction, relationship queries, graph database, connected data.
development2
token-cost-analyzer
Use this skill when analyzing and optimizing LLM API costs. Activate when the user wants to reduce AI API spending, understand token usage, audit LLM costs, optimize prompts for cost efficiency, or track and report on AI expenditure.
development2
a2a-protocols
Implement Agent-to-Agent (A2A) communication for cross-framework interoperability. Use this skill when building multi-agent communication, implementing agent protocols, connecting agents across frameworks, or standardizing agent interfaces. Activate when: agent to agent, A2A, agent communication, agent protocol, cross-framework agents, agent interoperability, MCP, agent discovery.
tools2
agent-testing-harness
Use this skill when testing AI agent systems. Activate when the user needs to test agent behavior, write tests for multi-agent systems, implement agent evaluation frameworks, create test harnesses for autonomous agents, or validate agent outputs systematically.
development2
ai-code-reviewer
Use this skill when reviewing AI-generated code. Activate when the user has code generated by an AI assistant and wants to review it, validate AI output, check for common AI mistakes, ensure code quality of generated code, or verify that AI-generated code follows best practices before merging.
development2
doc-sync-automation
Use this skill when keeping documentation synchronized with code. Activate when the user needs to update docs after code changes, generate API documentation, create README updates, keep JSDoc/TSDoc in sync, or automate documentation workflows.
tools2
log-forensics
Use this skill when investigating issues through logs. Activate when the user needs to analyze log files, search for specific events in logs, correlate logs across services, investigate incidents through logs, or extract insights from application logs.
testing2
stack-trace-decoder
Use this skill when analyzing stack traces. Activate when the user has a stack trace to understand, needs to decode error traces, wants to find the root cause from a stack trace, is debugging crashes, or needs help interpreting exception traces.
development2
on-call-best-practices
Manage on-call rotations with sustainable practices, fair scheduling, and effective handoffs. Use this skill when setting up on-call, improving on-call experience, or managing rotations. Activate when: on-call, pagerduty, rotation, schedule, handoff, on-call burden, being paged, night pages, weekend on-call, on-call fatigue.
data-ai2
onboarding-checklist
Create comprehensive onboarding plans that set new hires up for success. Use this skill when preparing for new employee arrivals, improving onboarding processes, or building role-specific onboarding. Activate when: onboarding, new hire, first day, new employee, orientation, employee onboarding, 30-60-90.
development2
deployment-strategies
Implement safe deployment strategies including rolling, blue-green, canary, and feature flags. Use this skill when planning deployments, reducing deployment risk, or implementing progressive delivery. Activate when: deployment strategy, rolling update, blue-green, canary deployment, feature flags, progressive delivery, zero downtime deployment, rollback, deployment risk.
testing2
performance-testing
Design and execute performance tests using k6, Artillery, and other tools. Use this skill when load testing APIs, stress testing systems, or establishing performance baselines. Activate when: performance test, load test, stress test, k6, artillery, benchmark, scalability testing.
tools2
api-test-patterns
Write comprehensive API tests for REST and GraphQL endpoints. Use this skill when testing APIs, writing contract tests, or validating integrations. Activate when: api testing, REST test, GraphQL test, endpoint testing, integration test, postman, contract testing.
development2
bug-reporting
Write clear, actionable bug reports that help developers fix issues quickly. Use this skill when reporting bugs, documenting defects, or improving bug tracking processes. Activate when: bug report, defect, issue report, bug tracking, reproduction steps, bug template.
development2
graphrag-patterns
Implement GraphRAG patterns combining knowledge graphs with retrieval for complex reasoning. Use this skill when building RAG over interconnected data or needing relationship-aware retrieval. Activate when: GraphRAG, knowledge graph, graph retrieval, entity relationships, Neo4j RAG, graph database, connected data.
development2
secure-code-review
Systematic security code review methodology. Use this skill when reviewing pull requests for security issues, auditing critical code paths, or performing security assessments. Activate when: security review, code audit, secure code, review PR for security, find vulnerabilities, security assessment.
development2
security-misconfiguration
OWASP A06 - Security Misconfiguration Detection. Use this skill when configuring servers, frameworks, cloud services, or deploying applications. Activate when: server config, nginx config, apache config, CORS, headers, debug mode, default credentials, error messages, directory listing, cloud security, S3 bucket, environment variables.
development2
extended-thinking
Use Claude's extended thinking (reasoning) mode effectively — budget tokens, interleaved thinking with tool use, when it helps, when it wastes tokens, and how to inspect the thinking trace. Use this skill when building reasoning-heavy features (math, code generation, multi-step planning), debugging why a model is shallow on hard problems, or deciding whether to enable thinking. Activate when: extended thinking, thinking tokens, budget_tokens, reasoning mode, interleaved thinking, thinking blocks.
tools2
xss-prevention
OWASP A07 - Cross-Site Scripting (XSS) Prevention. Use this skill when rendering user input in HTML, handling DOM manipulation, or building frontend components. Activate when: XSS, cross-site scripting, user input display, innerHTML, dangerouslySetInnerHTML, template injection, script injection, sanitize HTML, escape output.
development2
performance-profiler
Use this skill when investigating performance issues. Activate when the user has slow code, needs to find performance bottlenecks, wants to profile application performance, is optimizing response times, or investigating memory usage.
development2
reproduction-builder
Use this skill when creating bug reproductions. Activate when the user needs to create a minimal reproduction case, report a bug with steps to reproduce, isolate a bug to specific conditions, or help others understand how to trigger an issue.
development2
debug-with-ai
Use this skill when debugging code with AI assistance. Activate when the user has a bug, error, unexpected behavior, needs to understand why code isn't working, wants to analyze stack traces, or is troubleshooting issues in their application.
development2
log-forensics
Use this skill when investigating issues through logs. Activate when the user needs to analyze log files, search for specific events in logs, correlate logs across services, investigate incidents through logs, or extract insights from application logs.
testing2
git-history-detective
Use this skill when investigating Git history. Activate when the user wants to find when a bug was introduced, who changed a line of code, track down a regression, use git bisect, search commit history, understand why code was changed, or investigate when and how something broke.
development2
eval-dataset-design
Design eval datasets that actually measure model quality — coverage, difficulty distribution, labeling consistency, and avoiding contamination. Covers sourcing, stratification, label quality, and when to generate vs curate. Use this skill when building a new eval set, realizing your current evals don't catch regressions, or labeling is inconsistent. Activate when: eval dataset, benchmark, test set, eval coverage, label quality, synthetic eval, dataset design.
development2
merge-conflict-surgeon
Use this skill when resolving Git merge conflicts. Activate when the user mentions merge conflicts, conflicting changes, failed merges, "both modified", HEAD markers, conflict markers (<<<<<<<, =======, >>>>>>>), or asks how to resolve conflicts between branches. Also use when git merge or git rebase fails due to conflicts.
data-ai2
agent-cost-budgeting
Use this skill when managing AI agent costs. Activate when the user needs to control token usage, implement cost limits for agents, optimize LLM spending, track agent costs, or prevent runaway API bills in agent systems.
development2
agentic-rag
Build agentic RAG systems with autonomous planning, reflection, and tool use. Use this skill when implementing agent-driven retrieval, query decomposition, iterative refinement, or multi-source RAG orchestration. Activate when: agentic RAG, A-RAG, autonomous retrieval, query planning, iterative RAG, multi-step retrieval, agent retrieval, RAG agent.
tools2
secure-code-review
Systematic security code review methodology. Use this skill when reviewing pull requests for security issues, auditing critical code paths, or performing security assessments. Activate when: security review, code audit, secure code, review PR for security, find vulnerabilities, security assessment.
development2
xxe-prevention
OWASP A04 - XML External Entity (XXE) Prevention. Use this skill when parsing XML, processing SOAP requests, handling SVG uploads, or working with XML-based formats. Activate when: XML parsing, SOAP, SVG upload, XML input, DOCTYPE, DTD, external entity, XML bomb, billion laughs, XSLT.
development2
compensation-analysis
Analyze compensation data, create salary bands, and ensure pay equity. Use this skill when benchmarking salaries, building compensation structures, or analyzing pay equity. Activate when: compensation, salary, pay equity, salary bands, compensation analysis, total rewards, salary benchmark.
development2
interview-question-bank
Generate structured, role-appropriate interview questions that assess skills fairly. Use this skill when preparing for interviews, building interview guides, or training interviewers. Activate when: interview questions, hiring interview, interview guide, candidate assessment, behavioral questions.
development2
injection-prevention
OWASP A01 - Injection Prevention. Use this skill when reviewing code for SQL injection, NoSQL injection, command injection, LDAP injection, or any user input that reaches databases, shells, or interpreters. Activate when: SQL query, database query, user input, command execution, shell command, exec, eval, system call, parameterized query.
development2
code-explanation-generator
Use this skill when generating explanations for code. Activate when the user needs to understand complex code, wants to document how something works, needs to explain code to others, is onboarding to a new codebase, or wants to create educational content about code.
development2
test-generation-patterns
Use this skill when generating tests with AI assistance. Activate when the user wants to create unit tests, integration tests, generate test cases, improve test coverage, write tests for existing code, or set up testing patterns for their project.
development2
branch-strategy-advisor
Use this skill when discussing Git branching strategies. Activate when the user asks about branch naming, GitFlow, trunk-based development, feature branches, release branches, how to organize branches, branch protection, or setting up a branching workflow for their team.
development2
agent-checkpointing
Implement checkpointing for agent recovery, debugging, and replay. Use this skill when building recoverable agents, implementing replay, debugging agent failures, or creating resumable workflows. Activate when: agent checkpoint, agent recovery, resume agent, agent restart, workflow replay, agent debugging, failure recovery, state snapshot.
development2
agent-mesh-architecture
Use this skill when designing peer-to-peer multi-agent systems. Activate when the user needs agents that collaborate without central control, wants resilient agent networks, needs swarm-like agent behavior, or is building decentralized agent architectures.
development2
mcp-tool-design
Design MCP tool schemas, names, and descriptions that AI agents actually pick correctly and use without hand-holding. Covers the anti-patterns that make agents loop, pick wrong tools, or hallucinate arguments. Use this skill when designing or reviewing MCP tools, debugging "the agent isn't using my tool", or pruning a bloated tool surface. Activate when: MCP tool design, tool description, agent picks wrong tool, too many tools, tool schema, tool naming.
tools2
database-safety
CRITICAL SAFETY SKILL - Use this skill before any database operation that modifies or deletes data. Activate when the user wants to DELETE, UPDATE, TRUNCATE, DROP, or reset database. This skill prevents accidental data loss by enforcing verification, scoping, and confirmation requirements.
testing2
security-misconfiguration
OWASP A06 - Security Misconfiguration Detection. Use this skill when configuring servers, frameworks, cloud services, or deploying applications. Activate when: server config, nginx config, apache config, CORS, headers, debug mode, default credentials, error messages, directory listing, cloud security, S3 bucket, environment variables.
development2
skill-activation-patterns
Design skills that fire at the right moment — neither over-eager (noise) nor under-eager (silent). Covers activation specificity, trigger phrases, disambiguation between overlapping skills, and debugging activation. Use this skill when multiple skills could fire on the same query, a skill never fires, or a skill fires too often. Activate when: skill won't activate, skill over-activates, overlapping skills, skill triggers, skill selection, skill disambiguation.
development2
insecure-deserialization
OWASP A08 - Insecure Deserialization Prevention. Use this skill when parsing serialized data, handling JSON with type information, or processing pickled/marshalled objects. Activate when: deserialization, JSON parse, pickle, marshal, serialize, unserialize, ObjectInputStream, yaml.load, eval JSON, prototype pollution.
development2
secrets-detection
Find and prevent leaked secrets, API keys, and credentials in code. Use this skill when reviewing code for exposed secrets, setting up pre-commit hooks, or auditing repositories. Activate when: leaked secret, API key exposed, credentials in code, hardcoded password, secret scanning, git secrets, pre-commit hook.
development2
jwt-security
JSON Web Token security best practices. Use this skill when implementing JWT authentication, validating tokens, or reviewing JWT usage. Activate when: JWT, JSON Web Token, token authentication, bearer token, refresh token, token validation, JWT secret, token expiry.
development2
rag-evaluation
Test and benchmark RAG systems with proper metrics and evaluation frameworks. Use this skill when evaluating RAG quality, measuring retrieval performance, using RAGAS metrics, or building RAG test suites. Activate when: RAG evaluation, RAG testing, RAGAS, retrieval metrics, faithfulness, relevance, context precision, RAG benchmarking.
development2
model-routing-strategy
Use this skill when implementing model selection for LLM applications. Activate when the user needs to choose between different AI models, implement cost-efficient model routing, balance quality vs cost, or build intelligent model selection systems.
development2
prompt-caching-patterns
Use this skill when implementing caching for LLM applications. Activate when the user wants to reduce API costs through caching, implement semantic caching, cache LLM responses, optimize repeated prompts, or set up efficient caching strategies for AI applications.
development2
mcp-security-sandboxing
Secure MCP servers against prompt injection, tool abuse, excessive permission, and data exfiltration. Covers per-tool scopes, rate limiting, audit logging, and sandbox patterns for shell-adjacent tools. Use this skill when deploying an MCP server to production, handling untrusted agents, or reviewing an MCP server for security issues. Activate when: MCP security, MCP prompt injection, tool sandbox, MCP audit log, MCP rate limit, tool abuse, MCP threat model.
tools2
langgraph-workflows
Build agent workflows with LangGraph 1.0 state machines and graph patterns. Use this skill when creating agent graphs, implementing state machines, building multi-step agent workflows, or using LangGraph. Activate when: LangGraph, agent graph, state graph, agent workflow, graph nodes, conditional edges, agent state machine, ReAct agent.
development2
human-in-loop-agents
Build agents that pause for human approval, review, and intervention. Use this skill when implementing approval workflows, human oversight, agent interrupts, or review-before-execute patterns. Activate when: human in the loop, HITL, agent approval, human oversight, interrupt agent, pause agent, review workflow, agent supervision.
development2
mcp-client-integration
Connect MCP servers to AI clients — Claude Desktop, Claude Code, Cursor, the Claude Agent SDK, and custom apps — including config file locations, auth, and debugging connection failures. Use this skill when the user wants to wire an MCP server into a client, troubleshoot "server not connecting" errors, or build a custom MCP client with the SDK. Activate when: MCP client, mcp.json, claude_desktop_config.json, connect MCP, MCP not working, list MCP tools, programmatic MCP client.
tools2
agent-handoff-protocols
Use this skill when designing task handoffs between agents. Activate when the user needs to pass work between agents, transfer context between agents, implement agent-to-agent communication, or design protocols for agents to collaborate on sequential tasks.
data-ai2
golden-set-maintenance
Curate and maintain "golden set" eval items — the small, high-signal cases that must never regress. Covers selection criteria, review cadence, retiring stale items, and keeping the set sharp. Use this skill when building a sanity-check eval that runs on every PR, defending against silent quality drops, or your full eval takes too long to run in CI. Activate when: golden set, smoke test eval, canary eval, must-not-regress, eval sentinels, core eval.
development2
mcp-auth-oauth
Implement OAuth 2.1 + PKCE authentication for remote MCP servers, including dynamic client registration, token refresh, and scope design. Covers the 2025 MCP auth spec that Claude Desktop, Claude Code, and ChatGPT use. Use this skill when building a remote MCP server that needs per-user auth, debugging OAuth flows for MCP, or migrating a bearer-token MCP server to OAuth. Activate when: MCP OAuth, remote MCP auth, MCP authorization, PKCE, dynamic client registration, MCP 401.
tools2
cost-quality-tradeoff
Measure and optimize the cost/quality curve — which model, prompt, and settings give the best quality per dollar. Covers Pareto analysis, break-even thresholds, and when to spend more vs less. Use this skill when optimizing LLM spend, picking a default model for a feature, or deciding whether a premium model is worth it. Activate when: cost vs quality, model selection, eval cost, Pareto frontier, cheaper model, premium model tradeoff.
testing2
llm-as-judge
Use an LLM as an evaluator for open-ended outputs — rubrics, pairwise comparison, calibration with human labels, bias mitigation. Covers when LLM-judge works, when it fails, and how to trust its scores. Use this skill when evaluating generative outputs at scale, building eval pipelines, or replacing expensive human review for non-critical judgments. Activate when: LLM as judge, LLM evaluator, automated evaluation, pairwise comparison, rubric evaluation, eval model.
development2
memory-tool
Use Claude's Memory tool to give agents persistent cross-session memory stored in a client-side file directory. Covers setup, directory layout, reading/writing patterns, and when memory beats context-stuffing. Use this skill when building agents that need to remember across sessions (user preferences, project state, past decisions), or when moving from "stuff everything into context" to persistent memory. Activate when: Claude memory tool, agent memory, persistent memory, memory directory, cross-session state, long-term memory agent.
tools2
rebase-safely
Use this skill when rebasing Git branches. Activate when the user mentions rebase, interactive rebase, squash commits, reorder commits, edit commit history, clean up commits before merge, rebase onto main, or fixing up commit history. Also use when rebase fails or causes conflicts.
data-ai2
prompt-caching-ttl
Use Claude's prompt caching with 5-minute and 1-hour TTLs to slash costs on repeated context — codebases, system prompts, long documents. Covers cache breakpoints, hit-rate optimization, and the common mistakes that silently disable caching. Use this skill when building apps with repeated large context, optimizing LLM spend, or debugging "why are my cache reads zero?" Activate when: prompt caching, cache_control, cache hit rate, 5 minute cache, 1 hour TTL cache, ephemeral cache, reduce Claude cost.
development2
managed-agents-api
Use Anthropic's Managed Agents API (/v1/agents, /v1/sessions) — server-side agent runtime that handles the tool loop, compaction, memory, and scaling for you. Covers when to pick Managed over SDK, request shape, and cost model. Use this skill when building production agents at scale, deciding between SDK vs Managed, or migrating from self-hosted agent loops. Activate when: Managed Agents API, /v1/agents, /v1/sessions, server-side agent, Anthropic agent runtime.
tools2
doc-sync-automation
Use this skill when keeping documentation synchronized with code. Activate when the user needs to update docs after code changes, generate API documentation, create README updates, keep JSDoc/TSDoc in sync, or automate documentation workflows.
tools2
long-context-1m
Use Claude's 1M-token context window effectively — when to use it, how to structure inputs for recall, how to price it, and how to combine with prompt caching to keep it affordable. Use this skill when building apps that feed large codebases, long documents, or entire conversation histories to Claude, or when weighing 1M context vs RAG. Activate when: 1M context, long context, big context window, context vs RAG, Claude 1 million tokens, context-beta header.
development2
code-execution
Use Claude's Code Execution tool to run Python in a sandboxed environment as part of a response — for calculation, data analysis, chart generation, and verification. Covers enabling, file upload, persistence across turns, and limitations. Use this skill when building features that need Claude to actually run code (not just write it), such as data analysis, math verification, or chart creation. Activate when: Claude code execution, Python sandbox, run code tool, data analysis agent, code interpreter, code_execution_20250522.
tools2
rag-evaluation
Comprehensive RAG evaluation with retrieval metrics, generation quality, and end-to-end testing. Use this skill when measuring and improving RAG system performance. Activate when: RAG evaluation, RAGAS, retrieval metrics, generation quality, RAG testing, MRR, recall, faithfulness.
testing2
dependency-conflict-resolver
Use this skill when resolving dependency conflicts. Activate when the user has package version conflicts, npm/yarn/pnpm install failures, peer dependency warnings, duplicate packages, or module resolution errors.
data-ai2
dependency-vulnerability
OWASP A09 - Using Components with Known Vulnerabilities. Use this skill when auditing dependencies, updating packages, or reviewing security advisories. Activate when: npm audit, dependency check, vulnerable package, CVE, security advisory, outdated packages, supply chain, package vulnerability, Dependabot, Snyk.
testing2
corrective-rag
Implement Corrective RAG (CRAG) with retrieval validation, fallback strategies, and self-correction. Use this skill when RAG outputs need quality guarantees and automatic error correction. Activate when: CRAG, corrective RAG, retrieval validation, fallback search, self-correcting RAG, grounded generation.
testing2
test-case-design
Design comprehensive test cases with proper coverage and clear documentation. Use this skill when writing test cases, creating test suites, or improving test coverage. Activate when: test case, test scenario, test coverage, test design, write tests, BDD, gherkin.
testing2
policy-document-writer
Create clear, compliant HR policies and employee handbook content. Use this skill when writing company policies, updating handbooks, or ensuring compliance. Activate when: HR policy, company policy, employee handbook, workplace policy, PTO policy, remote work policy.
testing2
job-description-writer
Create inclusive, clear, and compelling job descriptions that attract diverse talent. Use this skill when writing new job postings, updating existing JDs, or improving hiring content. Activate when: job description, JD, job posting, hiring, role description, position opening, write JD.
documentation2
performance-review-assistant
Write constructive, specific performance reviews that drive growth and development. Use this skill when writing performance reviews, giving feedback, or preparing for review conversations. Activate when: performance review, employee review, feedback, annual review, quarterly review, evaluation.
development2
rebase-safely
Use this skill when rebasing Git branches. Activate when the user mentions rebase, interactive rebase, squash commits, reorder commits, edit commit history, clean up commits before merge, rebase onto main, or fixing up commit history. Also use when rebase fails or causes conflicts.
data-ai2
metrics-logs-traces
Implement comprehensive observability with metrics, logs, and distributed traces. Use this skill when setting up monitoring, debugging production issues, or implementing observability. Activate when: metrics, logs, traces, observability, monitoring, Datadog, Prometheus, Grafana, OpenTelemetry, distributed tracing, logging, APM, what's happening in production.
development2
commit-message-crafter
Use this skill when writing Git commit messages. Activate when the user asks about commit message format, conventional commits, how to write good commit messages, commit message best practices, or when they're about to commit changes and need help crafting the message.
development2
performance-profiler
Use this skill when investigating performance issues. Activate when the user has slow code, needs to find performance bottlenecks, wants to profile application performance, is optimizing response times, or investigating memory usage.
development2
agent-supervisor-pattern
Use this skill when designing supervisor-based multi-agent systems. Activate when the user needs to orchestrate multiple AI agents, coordinate agent workflows, implement a central controller for agents, design hub-and-spoke agent architecture, or build hierarchical agent systems.
development2
agent-tool-routing
Use this skill when implementing tool selection for AI agents. Activate when the user needs agents to choose the right tools, implement dynamic tool routing, integrate MCP servers, design tool selection logic, or build agents that can use external services effectively.
tools2
agent-error-recovery
Use this skill when implementing error handling for AI agents. Activate when the user needs agents to handle failures gracefully, implement retry strategies, design fault-tolerant agent systems, or build agents that can recover from errors without human intervention.
development2
agent-handoff-protocols
Use this skill when designing task handoffs between agents. Activate when the user needs to pass work between agents, transfer context between agents, implement agent-to-agent communication, or design protocols for agents to collaborate on sequential tasks.
data-ai2
durable-state-patterns
Implement persistent agent state that survives failures and restarts. Use this skill when building stateful agents, implementing checkpointing, persisting agent memory across sessions, or recovering from failures. Activate when: durable state, agent persistence, checkpointing, agent recovery, stateful agents, state persistence, cross-session memory, agent restart.
development2
agent-cost-budgeting
Use this skill when managing AI agent costs. Activate when the user needs to control token usage, implement cost limits for agents, optimize LLM spending, track agent costs, or prevent runaway API bills in agent systems.
development2
secure-headers
HTTP security headers configuration guide. Use this skill when hardening web applications, configuring CSP, or setting up security headers. Activate when: security headers, CSP, Content-Security-Policy, HSTS, X-Frame-Options, CORS headers, clickjacking prevention, helmet.
tools2
logging-monitoring
OWASP A10 - Insufficient Logging and Monitoring. Use this skill when implementing audit logs, security monitoring, or incident detection. Activate when: logging, audit trail, security events, monitoring, alerting, SIEM, incident detection, log analysis, security logging, breach detection.
testing2
access-control-audit
OWASP A05 - Broken Access Control Detection. Use this skill when implementing authorization, checking permissions, or auditing who can access what resources. Activate when: authorization, permissions, access control, RBAC, ABAC, admin access, privilege escalation, IDOR, direct object reference, role check, can user access.
testing2
skill-testing
Test skills for correct activation, content quality, and regression — both automated checks (frontmatter validity, lint) and manual verification (query-suite activation testing). Covers CI integration and how to catch skill regressions before users do. Use this skill when adding skills to a repo, setting up CI for a skill library, or debugging "the skill exists but doesn't work". Activate when: test skills, validate skills, skill CI, skill linting, skill activation test, skill regression.
development2
code-explanation-generator
Use this skill when generating explanations for code. Activate when the user needs to understand complex code, wants to document how something works, needs to explain code to others, is onboarding to a new codebase, or wants to create educational content about code.
development2
progressive-disclosure
Structure SKILL.md content so the model reads just enough — concise summary up front, progressively deeper detail, examples on demand. Covers section ordering, length budgets, when to split into multiple skills. Use this skill when writing or refactoring a skill body, one skill has grown too long, or a skill is wordy but not useful. Activate when: SKILL.md structure, skill content, skill too long, split skill, progressive disclosure, skill body.
development2