Skills

The open registry for AI agent skills — structured prompts and workflows with recommended models, example prompts, and compatible tools.

Contribute a Skill

Skills

48

Categories

9

Compatible tools

6

Contributors

2

Showing 121 of 48 skills

Penetration Test Planneradvanced

Plans authorized penetration tests for systems you own or are permitted to assess. Defines scope, rules of engagement, and objectives; maps the attack surface; structures phases (recon, mapping, exploitation, post-exploitation, reporting) around a framework like the OWASP Testing Guide or PTES; and specifies safe handling of findings. Emphasizes explicit authorization and non-destructive testing.

4 models
Disaster Recovery Planneradvanced

Builds disaster recovery and business continuity plans for systems and data. Defines RTO and RPO targets, maps critical dependencies, chooses backup and replication strategies, documents failover and restore procedures, and designs a testing cadence with game days. Produces a plan that balances resilience against cost and operational complexity.

4 models
Caching Strategy Designeradvanced

Designs caching strategies across the stack to cut latency and load. Chooses cache layers (browser, CDN, application, database), picks patterns (cache-aside, read-through, write-through, write-behind), sets TTLs and eviction policies, and plans invalidation to avoid staleness and stampedes. Produces a layered plan with keys, TTLs, and invalidation rules.

4 models
Visual Regression Testeradvanced

Designs and implements visual regression testing for web UIs. Recommends a tooling approach (Playwright snapshots, Storybook + a diffing service, or a dedicated platform), writes screenshot tests with stable selectors and masked dynamic regions, sets sensible diff thresholds, and integrates the suite into CI with baseline management to reduce flaky failures.

4 models
Privacy Compliance Auditoradvanced

Reviews applications and data flows for common privacy-regulation obligations (GDPR, CCPA/CPRA). Maps what personal data is collected, where it flows, and how long it is retained; checks for lawful basis, consent handling, data-subject rights, and third-party sharing; and produces a prioritized remediation list. Provides engineering guidance, not legal advice.

4 models
Fine-Tuning Dataset Curatoradvanced

Curates high-quality datasets for supervised fine-tuning (SFT) and preference optimization (DPO/RLHF). Covers deduplication, quality filtering, formatting into chat/instruction templates, train/validation splits, label balancing, contamination checks against eval sets, and PII scrubbing. Produces clean, well-documented datasets ready for training.

4 models
Contract Test Generatoradvanced

Generates consumer-driven contract tests between services so that API providers and consumers stay compatible as they evolve independently. Produces Pact-style contracts, provider verification stubs, and CI wiring, and flags breaking changes before they reach production.

3 models
LLM Eval Harness Builderadvanced

Designs evaluation harnesses for LLM applications, covering dataset construction, task-specific metrics, LLM-as-judge rubrics with bias controls, and regression gates. Helps teams measure quality, catch regressions across model or prompt changes, and report results with confidence intervals rather than vibes.

4 models
IAM Policy Revieweradvanced

Reviews cloud IAM policies for least-privilege violations, overly broad wildcards, privilege escalation paths, and risky trust relationships across AWS, GCP, and Azure. Explains the risk of each finding and rewrites policies to grant only the permissions actually needed.

3 models
Chaos Experiment Designeradvanced

Designs chaos engineering experiments to validate system resilience. Defines steady-state hypotheses, blast-radius limits, fault injections (latency, errors, instance/zone loss, resource exhaustion), abort conditions, and observability checks. Produces a safe, incremental experiment plan and success criteria for game days and automated chaos.

4 models
Mutation Testing Advisoradvanced

Sets up and interprets mutation testing to measure real test-suite effectiveness beyond line coverage. Configures tools like Stryker, PIT, or mutmut, explains surviving mutants, recommends targeted tests to kill them, and tunes performance for CI. Helps teams find tests that assert nothing and coverage that lies.

4 models
Legacy Code Modernizeradvanced

Modernizes legacy codebases incrementally and safely. Establishes characterization tests to lock in current behavior, then applies the strangler-fig pattern, dependency updates, and idiomatic refactors in small verifiable steps, producing a migration plan that avoids big-bang rewrites.

4 models
LLM Cost Optimizeradvanced

Analyzes LLM usage and reduces inference cost without sacrificing quality. Covers prompt compression, context trimming, caching (prompt and semantic), model routing by task difficulty, batching, structured output to cut retries, and token accounting. Produces a concrete plan with estimated savings and quality guardrails.

4 models
Property-Based Test Generatoradvanced

Generates property-based tests that assert invariants across randomly generated inputs using frameworks like Hypothesis, fast-check, or jqwik. Identifies properties (round-trip, idempotence, invariants, oracle comparison), defines generators and shrinking, and sets up stateful testing for complex APIs. Surfaces edge cases that example-based tests miss.

4 models
OAuth Flow Implementeradvanced

Implements secure OAuth 2.0 and OpenID Connect flows including authorization code with PKCE, client credentials, and device code grants. Generates token exchange logic, refresh handling, state/nonce validation, and secure token storage. Flags common pitfalls like implicit flow usage, missing PKCE, and insecure redirect URI handling.

4 models
WebSocket Service Builderadvanced

Designs and implements real-time services using WebSockets and Server-Sent Events. Covers connection lifecycle, heartbeats, reconnection with backoff, room/channel fan-out, backpressure, authentication on upgrade, and horizontal scaling with a pub/sub backplane. Produces production patterns for chat, live dashboards, collaborative editing, and streaming updates.

4 models
Model Router Designeradvanced

Designs routing layers that dispatch requests across multiple LLMs based on task type, difficulty, latency, cost, and reliability. Covers classifier-based and heuristic routing, fallbacks and retries across providers, quality scoring, and A/B evaluation of routing policies. Helps teams get frontier quality where it matters and cheap models everywhere else.

4 models
Recommendation System Designeradvanced

Designs recommendation systems end to end: candidate generation, ranking, and re-ranking. Covers collaborative filtering, content-based and embedding retrieval, two-tower models, cold-start strategies, feature stores, offline/online evaluation (NDCG, recall@k), and feedback loops. Produces an architecture and evaluation plan tailored to the product.

4 models
Grant Proposal Writeradvanced

Helps researchers and nonprofits draft compelling grant proposals. Structures the significance, aims, methodology, timeline, and budget justification to match a funder's priorities and review criteria, tightens the narrative, and flags gaps a reviewer would penalize before submission.

3 models
Multi-Agent Orchestratoradvanced

Designs multi-agent systems where a coordinator delegates sub-tasks to specialist agents, verifies intermediate results, and synthesizes a final answer. Covers agent role definition, routing and delegation strategy, shared memory and message passing, verification loops, cost and latency budgeting, and failure handling across frameworks like LangGraph, CrewAI, or a custom orchestrator.

3 models
Prompt Injection Testeradvanced

Red-teams LLM applications for prompt injection, jailbreaks, and data exfiltration risks. Generates adversarial test cases for direct and indirect injection, system prompt leakage, tool-call abuse, and unsafe output handling, then reports findings with severity ratings and concrete mitigations such as input isolation, output filtering, and least-privilege tools.

3 models

Skills vs MCP servers

what's the difference?

Skillsthe “what to do”

A skillA reusable, structured prompt/workflow with recommended models, an example prompt, and compatible tools. packages know-how — instructions, an example promptA ready-to-use prompt template that demonstrates how to invoke the skill., and recommended models — so an agent performs a task consistently. Skills add knowledge, not new connections.

MCP serversthe “how to connect”

An MCP serverModel Context Protocol server — a standard way to expose tools, resources, and prompts to AI agents and IDEs. gives an agent new capabilities by connecting it to real systems (databases, APIs, files) over a transportHow the client talks to the server: stdio (local process), SSE, or HTTP streaming.. MCP adds connections and actions, not task instructions.

Rule of thumb: reach for a skill when you need the model to do a task well, and an MCP server when you need it to reach a tool or system. They compose — a skill can rely on tools an MCP server provides.

Built a useful skill?

Submit a SKILL.md — it's open source and community-maintained.

Contribute on GitHub