Skills
The open registry for AI agent skills — structured prompts and workflows with recommended models, example prompts, and compatible tools.
Skills
122
Categories
9
Compatible tools
6
Contributors
2
Showing 22–42 of 100 skills
Builds cross-browser extensions on Manifest V3 with background service workers, content scripts, popup and options UIs, and message passing. Covers permissions scoping, storage sync, context menus, and store submission requirements for Chrome, Edge, and Firefox. Emphasizes least-privilege permissions and secure content-script isolation.
Builds robust webhook producers and consumers. Covers signature verification, idempotency keys, retry with exponential backoff, dead-letter handling, event ordering, and replay endpoints, and generates handler code plus tests so integrations survive duplicates and outages.
Modernizes legacy codebases incrementally and safely. Establishes characterization tests to lock in current behavior, then applies the strangler-fig pattern, dependency updates, and idiomatic refactors in small verifiable steps, producing a migration plan that avoids big-bang rewrites.
Scans code, configuration, and git history for leaked credentials such as API keys, tokens, private keys, and connection strings. Classifies findings by severity and false-positive likelihood, and provides safe remediation steps including rotation, history scrubbing, and pre-commit prevention.
Generates property-based tests that assert invariants across randomly generated inputs using frameworks like Hypothesis, fast-check, or jqwik. Identifies properties (round-trip, idempotence, invariants, oracle comparison), defines generators and shrinking, and sets up stateful testing for complex APIs. Surfaces edge cases that example-based tests miss.
Writes end-to-end UI tests with Playwright or Cypress that mirror real user journeys. Covers resilient selectors (roles/test-ids), network stubbing, auth setup, fixtures, waiting strategies that avoid flakiness, visual and accessibility assertions, and CI integration. Produces maintainable specs and a page-object structure.
Diagnoses and fixes flaky tests by analyzing test code and CI failure history for common sources of nondeterminism such as time and timezone dependence, order dependence, shared mutable state, race conditions, and unmocked network calls. Proposes targeted fixes and quarantine strategies to keep the suite trustworthy.
Helps design and implement features for machine learning models from raw tabular, time-series, or text data. Suggests transformations, encodings, aggregations, and leakage-safe splits, explains the rationale, and generates reproducible feature pipeline code with validation.
Adds production-grade observability to a codebase by instrumenting it with structured logs, metrics, and distributed traces. Recommends span boundaries, cardinality-safe labels, and OpenTelemetry conventions, then generates the wiring code and dashboards needed to make a service debuggable in production.
Analyzes LLM usage and reduces inference cost without sacrificing quality. Covers prompt compression, context trimming, caching (prompt and semantic), model routing by task difficulty, batching, structured output to cut retries, and token accounting. Produces a concrete plan with estimated savings and quality guardrails.
Configures HTTP security headers to harden web applications. Covers Content-Security-Policy (including nonces and strict-dynamic), HSTS, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP, and cookie flags. Produces server/CDN configuration, explains tradeoffs, and provides a rollout plan using report-only mode to avoid breakage.
Sets up and interprets mutation testing to measure real test-suite effectiveness beyond line coverage. Configures tools like Stryker, PIT, or mutmut, explains surviving mutants, recommends targeted tests to kill them, and tunes performance for CI. Helps teams find tests that assert nothing and coverage that lies.
Reviews cloud IAM policies for least-privilege violations, overly broad wildcards, privilege escalation paths, and risky trust relationships across AWS, GCP, and Azure. Explains the risk of each finding and rewrites policies to grant only the permissions actually needed.
Designs evaluation harnesses for LLM applications, covering dataset construction, task-specific metrics, LLM-as-judge rubrics with bias controls, and regression gates. Helps teams measure quality, catch regressions across model or prompt changes, and report results with confidence intervals rather than vibes.
Designs data quality checks for tables, pipelines, and warehouses. Generates expectation suites covering schema conformance, null and uniqueness constraints, referential integrity, freshness, and statistical drift, then wires them into pipelines so bad data is caught before it reaches dashboards or models.
Designs routing layers that dispatch requests across multiple LLMs based on task type, difficulty, latency, cost, and reliability. Covers classifier-based and heuristic routing, fallbacks and retries across providers, quality scoring, and A/B evaluation of routing policies. Helps teams get frontier quality where it matters and cheap models everywhere else.
Designs and implements real-time services using WebSockets and Server-Sent Events. Covers connection lifecycle, heartbeats, reconnection with backoff, room/channel fan-out, backpressure, authentication on upgrade, and horizontal scaling with a pub/sub backplane. Produces production patterns for chat, live dashboards, collaborative editing, and streaming updates.
Implements secure OAuth 2.0 and OpenID Connect flows including authorization code with PKCE, client credentials, and device code grants. Generates token exchange logic, refresh handling, state/nonce validation, and secure token storage. Flags common pitfalls like implicit flow usage, missing PKCE, and insecure redirect URI handling.
Generates and refactors Helm charts to package Kubernetes applications. Produces templated manifests, values.yaml with sensible defaults, helpers, chart dependencies, and hooks, and parameterizes images, resources, probes, and ingress so a workload can be deployed consistently across environments.
Reviews and rewrites Dockerfiles for smaller images, faster builds, and better security. Applies multi-stage builds, optimal layer ordering and caching, minimal base images, non-root users, and .dockerignore tuning, and flags vulnerabilities and bloat while keeping the build reproducible.
Plans and executes safe dependency upgrades across a project. Analyzes current versions, reads changelogs and release notes for breaking changes, sequences upgrades to minimize risk, applies required code migrations, and verifies with builds and tests. Works across npm, pip, Maven, Cargo, and Go modules.
Skills vs MCP servers
what's the difference?Skillsthe “what to do”
A skillA reusable, structured prompt/workflow with recommended models, an example prompt, and compatible tools. packages know-how — instructions, an example promptA ready-to-use prompt template that demonstrates how to invoke the skill., and recommended models — so an agent performs a task consistently. Skills add knowledge, not new connections.
MCP serversthe “how to connect”
An MCP serverModel Context Protocol server — a standard way to expose tools, resources, and prompts to AI agents and IDEs. gives an agent new capabilities by connecting it to real systems (databases, APIs, files) over a transportHow the client talks to the server: stdio (local process), SSE, or HTTP streaming.. MCP adds connections and actions, not task instructions.
Rule of thumb: reach for a skill when you need the model to do a task well, and an MCP server when you need it to reach a tool or system. They compose — a skill can rely on tools an MCP server provides.
Built a useful skill?
Submit a SKILL.md — it's open source and community-maintained.