所有 Skills

flowglad-checkout

2dev-api

Implement checkout sessions for purchasing subscriptions and products with Flowglad. Use this skill when creating upgrade buttons, purchase flows, or redirecting users to hosted checkout pages.

flowglad

获取

adk

2dev-codegen

a set of guidelines to build with Botpress's Agent Development Kit (ADK) - use these whenever you're tasked with building a feature using the ADK

botpress

获取

airweave-search

2research

Search and retrieve context from Airweave collections. Use when users ask about their data in connected apps (Slack, GitHub, Notion, Jira, Confluence, Google Drive, Salesforce, databases, etc.), need to find documents or information from their workspace, want answers based on their company data, or need you to check app data for context to complete a task.

airweave-ai

获取

listenhub

2design

Explain anything — turn ideas into podcasts, explainer videos, or voice narration. Use when the user wants to "make a podcast", "create an explainer video", "read this aloud", "generate an image", or share knowledge in audio/visual form. Supports: topic descriptions, YouTube links, article URLs, plain text, and image prompts.

marswaveai

获取

lit-best-practices

2dev-codegen

Lit web components best practices and performance optimization guidelines. Use when writing, reviewing, or refactoring Lit web components. Triggers on tasks involving Lit components, custom elements, shadow DOM, reactive properties, or web component performance.

artmsilva

获取

building-dashboards

2

Designs and builds Axiom dashboards via API. Covers chart types, APL patterns, SmartFilters, layout, and configuration options. Use when creating dashboards, migrating from Splunk, or configuring chart options.

axiomhq

获取

controlling-costs

2

Analyzes Axiom query patterns to find unused data, then builds dashboards and monitors for cost optimization. Use when asked to reduce Axiom costs, find unused columns or field values, identify data waste, or track ingest spend.

axiomhq

获取

intent-report

2dev-docs

Generate human-readable report from Intent files. Converts technical Intent specs into readable documents for stakeholders, team members, or documentation. Supports multiple output formats.

ArcBlock

获取

rust-skills

2dev-codegen

Comprehensive Rust coding guidelines with 179 rules across 14 categories. Use when writing, reviewing, or refactoring Rust code. Covers ownership, error handling, async patterns, API design, memory optimization, performance, testing, and common anti-patterns. Invoke with /rust-skills.

leonardomso

获取

cryptography-as-a-service

2dev-devops

Security pattern for delegating cryptographic operations and key management to an external service. Use when designing systems that should not possess cryptographic keys directly. Implementation of Cryptographic Key Management pattern. Examples include Android Keystore, iOS KeyChain, AWS KMS, Azure Key Vault, Google Cloud KMS. Reduces risk of key leakage and cipher misconfiguration.

igbuend

获取

verifiable-token-based-authentication

2dev-codegen

Security pattern for self-contained token authentication (e.g., JWT). Use when implementing stateless authentication, designing tokens with embedded claims, or building systems where tokens contain principal information and can be verified without server-side storage. Specialization of Authentication pattern.

igbuend

获取

sql-injection-anti-pattern

2dev-codegen

Security anti-pattern for SQL Injection vulnerabilities (CWE-89). Use when generating or reviewing code that constructs database queries, builds SQL statements, or handles user input in database operations. Detects string concatenation in queries and recommends parameterized queries.

igbuend

获取

log-entity-actions

2dev-codegen

Security pattern for implementing security logging and audit trails. Use when designing logging systems for security events, implementing non-repudiation, creating audit trails, or addressing security monitoring and incident response needs. Addresses "Entity repudiates action request" problem.

igbuend

获取

hallucinated-packages-anti-pattern

2dev-codegen

Security anti-pattern for hallucinated (non-existent) packages (CWE-1357). Use when generating or reviewing AI-assisted code that imports packages, dependencies, or libraries. CRITICAL AI-specific vulnerability with 5-21% hallucination rate. Detects dependency confusion and slopsquatting risks.

igbuend

获取

selective-encrypted-transmission

2dev-devops

Security pattern for encrypting specific data before transmission. Use when only certain data elements need encryption, implementing field-level encryption for transit, or when entities must actively manage encryption decisions. Addresses "Leak action request or data in transit" problem.

igbuend

获取

self-managed-cryptography

2dev-devops

Security pattern for systems that manage cryptographic keys themselves rather than delegating to an external service. Use when the application must store, retrieve, and manage cryptographic keys directly. Implementation of Cryptographic Key Management pattern. Covers key storage security, key derivation from passwords, limiting key exposure, and protecting key confidentiality and integrity throughout the lifecycle.

igbuend

获取

selective-encrypted-storage

2dev-devops

Security pattern for field-level encryption at rest. Use when encrypting specific sensitive data fields before storage, implementing application-level encryption for databases, or when only certain data elements need encryption at rest. Addresses "Leak data at rest" problem.

igbuend

获取

data-validation

2dev-devops

Security pattern for input validation and sanitization. Use when implementing input handling, preventing injection attacks (SQL, XSS, command), ensuring data integrity, or processing data from untrusted sources. Addresses "Entity provides unexpected data" problem.

igbuend

获取

missing-input-validation-anti-pattern

2dev-devops

Security anti-pattern for missing input validation (CWE-20). Use when generating or reviewing code that processes user input, form data, API parameters, or external data. Detects client-only validation, missing type checks, and absent length limits. Foundation vulnerability enabling most attack classes.

igbuend

获取

weak-encryption-anti-pattern

2dev-devops

Security anti-pattern for weak encryption (CWE-326, CWE-327). Use when generating or reviewing code that encrypts data, handles encryption keys, or uses cryptographic modes. Detects DES, ECB mode, static IVs, and custom crypto implementations.

igbuend

获取

open-cors-anti-pattern

2dev-devops

Security anti-pattern for open Cross-Origin Resource Sharing (CORS) policies (CWE-942). Use when generating or reviewing server configurations, API backends, or any code that sets CORS headers. Detects overly permissive Access-Control-Allow-Origin headers, including wildcard, null origin, and reflected origin.

igbuend

获取

xpath-injection-anti-pattern

2dev-devops

Security anti-pattern for XPath injection vulnerabilities (CWE-643). Use when generating or reviewing code that queries XML documents, constructs XPath expressions, or handles user input in XML operations. Detects unescaped quotes and special characters in XPath queries.

igbuend

获取

debug-mode-production-anti-pattern

2dev-devops

Security anti-pattern for debug mode in production (CWE-215). Use when generating or reviewing code that configures application settings, deployment configurations, or error handling. Detects hardcoded debug flags and development-only features in production.

igbuend

获取

opaque-token-based-authentication

2dev-devops

Security pattern for server-side token authentication (e.g., session IDs). Use when implementing session management, designing stateful authentication where server maintains token-to-principal mapping, or building systems requiring immediate token revocation. Specialization of Authentication pattern.

igbuend

获取