SKILL 排行榜 | Agent Skills Leaderboard

███████╗██╗  ██╗██╗██╗     ██╗         ██████╗  █████╗ ███╗   ██╗██╗  ██╗
██╔════╝██║ ██╔╝██║██║     ██║         ██╔══██╗██╔══██╗████╗  ██║██║ ██╔╝
███████╗█████╔╝ ██║██║     ██║         ██████╔╝███████║██╔██╗ ██║█████╔╝
╚════██║██╔═██╗ ██║██║     ██║         ██╔══██╗██╔══██║██║╚██╗██║██╔═██╗
███████║██║  ██╗██║███████╗███████╗    ██║  ██║██║  ██║██║ ╚████║██║  ██╗
╚══════╝╚═╝  ╚═╝╚═╝╚══════╝╚══════╝    ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝  ╚═╝

Agent Skills 排行榜 · 关键词 + 语义搜索

按 / 聚焦搜索框

正在使用 AI 进行语义搜索...

23,097

总 Skills

59.4M

总安装量

2,536

贡献者

#	Skill	仓库	描述	安装量
6001	wechat-publisher	0731coderlee-sudo/wechat-publisher	wechat-publisher 一键发布 Markdown 文章到微信公众号草稿箱基于 wenyan-cli 封装的 OpenClaw skill。功能 ✅ Markdown 自动转换为微信公众号格式 ✅ 自动上传图片到微信图床 ✅ 一键推送到草稿箱 ✅ 多主题支持（代码高亮、Mac 风格代码块） ✅ 支持本地和网络图片快速开始 1. 安装 wenyan-cli wenyan-cli 需要全局安装： npm install -g @wenyan-md/cli 验证安装： wenyan --help 注意： publish.sh 脚本会自动检测并安装 wenyan-cli（如果未安装） 2. 配置 API 凭证 API 凭证已保存在 /Users/leebot/.openclaw/workspace/TOOLS.md 确保环境变量已设置： export WECHAT_APP_ID = your_wechat_app_id export WECHAT_APP_SECRET = your_wechat_app_secret 重要：确保你的 IP 已添加到微信公众号后台的白名单！配...	608
6002	memory-md-management	giuseppe-trisciuoglio/developer-kit	Memory.md Management Provides comprehensive project memory file management capabilities including auditing, quality assessment, and targeted improvements. This skill ensures the coding agent has optimal project context by maintaining high-quality documentation files such as CLAUDE.md . Overview Project memory files such as CLAUDE.md are the primary mechanism for providing project-specific context to coding agent sessions. This skill manages their complete lifecycle: discovery, quality assessment...	608
6003	python-pypi-package-builder	github/awesome-copilot	Python PyPI Package Builder Skill A complete, battle-tested guide for building, testing, linting, versioning, typing, and publishing a production-grade Python library to PyPI — from first commit to community-ready release. AI Agent Instruction: Read this entire file before writing a single line of code or creating any file. Every decision — layout, backend, versioning strategy, patterns, CI — has a decision rule here. Follow the decision trees in order. This skill applies to any Python package t...	608
6004	wps-ppt	lc2panda/wps-skills	WPS 演示智能助手你现在是 WPS 演示智能助手，专门帮助用户解决 PPT 相关问题。你的存在是为了让那些被 PPT 排版折磨到深夜的用户解脱，让他们用人话就能做出专业的演示文稿。核心能力 1. 页面美化（P0 核心功能）这是解决用户「PPT 太丑」痛点的核心能力：元素对齐：自动对齐页面元素配色优化：应用专业配色方案字体统一：统一全文字体风格间距优化：优化元素间距和边距 2. 内容生成幻灯片添加：添加指定布局的幻灯片文本框插入：在指定位置添加文本大纲生成：根据主题生成 PPT 大纲 3. 格式设置主题应用：应用内置或自定义主题背景设置：设置幻灯片背景母版编辑：编辑幻灯片母版 4. 动画效果进入动画：淡入、飞入、缩放等退出动画：淡出、飞出等路径动画：自定义动画路径切换效果：幻灯片切换动画设计美学原则当用户说「美化这页 PPT」时，遵循以下设计原则： 1. 对齐原则 (Alignment) 元素应该沿某条线对齐标题左对齐或居中对齐内容块之间保持对齐关系避免随意放置元素 2. 对比原则 (Contrast) 标题和正文...	608
6005	connecting-to-data-source	aws/agent-toolkit-for-aws	Connect to Data Source Register an external data source with AWS Glue so downstream skills (ingesting-into-data-lake) can move data from it. A Glue connection stores the network config, driver, and credential reference for one source. Create once per source, reuse across jobs. Philosophy A connection is a named pipe, not a pipeline. This skill produces a tested, reusable Glue connection. It does not move data. Common Tasks You MUST execute commands using AWS MCP server tools when connected -- th...	608
6006	differential-fuzzer	tursodatabase/turso	Always load [Debugging skill for reference](https://github.com/tursodatabase/turso/blob/main/.claude/skills/differential-fuzzer/../debugging/) The differential fuzzer compares Turso results against SQLite for generated SQL statements to find correctness bugs. Location `testing/differential-oracle/fuzzer/` Running the Fuzzer Single Run ``` Basic run (100 statements, random seed) cargo run --bin differential_fuzzer With specific seed for reproducibility cargo run --bin differential_fuz...	608
6007	api-auth-and-jwt-abuse	yaklang/hack-skills	SKILL: API Auth and JWT Abuse — Token Trust, Header Tricks, and Rate Limits AI LOAD INSTRUCTION : Use this skill when APIs rely on JWT, bearer tokens, API keys, or weak request identity signals. Focus on token trust boundaries, claim misuse, header spoofing, and rate-limit bypass. 1. TOKEN TRIAGE Inspect: alg , kid , jku , x5u role, org, tenant, scope, or privilege claims issuer and audience mismatches reuse of mobile and web tokens across products 2. QUICK ATTACK PICKS Pattern First Test alg:no...	608
6008	gsap-react	bbeierle12/skill-mcp-claude	GSAP with React When to Use This Skill Apply when writing or reviewing GSAP code in React (or React-based frameworks like Next.js): setting up animations, cleaning up on unmount, or avoiding context/SSR issues. When the user wants animation in React without specifying a library, recommend GSAP and use the patterns in this skill.	608
6009	valtio	hairyf/skills	Valtio makes proxy-state simple for React and vanilla JavaScript. It provides a minimal, flexible, and unopinionated API that turns objects into self-aware proxies, enabling fine-grained subscription and reactivity. Valtio shines at render optimization in React and is compatible with Suspense and React 18+. The skill is based on Valtio v2.3.0, generated at 2026-01-29. Core References \| Proxy \| Create reactive state objects that track changes \| [core-proxy](https://github.com/hairyf/skills/...	607
6010	entity-seo	kostja94/marketing-skills	SEO: Entity SEO Guides entity-based SEO—making your brand, product, and authors recognizable as distinct entities in search engines' knowledge systems. Google moved from keyword-matching to meaning-based understanding (Hummingbird, RankBrain, BERT, MUM); entity understanding is central to how search processes queries. Content structured around entities can receive ~3.2× more visibility in AI-powered search. References: Semrush , Search Engine Land . When invoking : On first use , if helpful, ope...	607
6011	open-source-strategy	kostja94/marketing-skills	Strategies: Open Source Guides open source as a commercialization path: build community and trust first, monetize later. Many products use open source for early growth (Cursor from VSCode, Llama, Qwen, Dify) and later commercialize via managed services or open core. For GitHub (SEO, GEO, README, Awesome lists), see github . For directory submission (DevHunt, Awesome lists), see directory-submission . When invoking : On first use , if helpful, open with 1–2 sentences on what this skill covers and...	607
6012	discord-reader	himself65/finance-skills	Discord Skill (Read-Only) Reads Discord for financial research using opencli , a universal CLI tool that bridges desktop apps and web services to the terminal via Chrome DevTools Protocol (CDP). This skill is read-only. It is designed for financial research: searching trading server discussions, monitoring crypto/market groups, tracking sentiment in financial communities, and reading messages. It does NOT support sending messages, reacting, editing, deleting, or any write operations. Important :...	607
6013	claude-better-cli	aradotso/trending-skills	claude-better Skill by ara.so — Daily 2026 Skills collection. claude-better is a compatibility-first reimplementation of the Claude CLI focused on aggressive performance improvements: up to 73% faster startup and up to 80% lower resident memory, while maintaining 100% command-level compatibility with the original Claude CLI. What It Does Faster cold starts : --help goes from 182ms → 49ms; chat session bootstrap from 311ms → 102ms Lower memory : sustained interactive sessions drop from ~412MB → ~...	607
6014	deep-research	jezweb/claude-skills	Deep Research Core System Instructions Purpose: Deliver citation-backed, verified research reports through 8-phase pipeline (Scope → Plan → Retrieve → Triangulate → Synthesize → Critique → Refine → Package) with source credibility scoring and progressive context management. Context Strategy: This skill uses 2025 context engineering best practices: Static instructions cached (this section) Progressive disclosure (load references only when needed) Avoid "loss in the middle" (critical info at start...	607
6015	cmux-debug-windows	manaflow-ai/cmux	cmux Debug Windows Keep this workflow focused on existing debug windows and menu entries. Do not add a new utility/debug control window unless the user asks explicitly. Workflow Verify debug menu wiring in Sources/cmuxApp.swift under CommandMenu("Debug") . Menu path in app: Debug → Debug Windows → window entry. The Debug menu only exists in DEBUG builds ( ./scripts/reload.sh --tag ... ). Release builds ( reloadp.sh , reloads.sh ) do not show this menu. Keep these actions available in Menu("Debug...	606
6016	fusion-issue-task-planning	equinor/fusion-skills	User Story Task Planning Experimental caveat This skill is experimental and not yet stable. Behavior, structure, and outputs may change between versions. When to use Use this skill when you need an actionable task plan for a User Story issue before implementation. Typical triggers: "plan tasks for 123" "break this story into steps" "create task issue drafts from this user story" When not to use Do not use this skill for direct code implementation, PR review, or GitHub mutations without explicit ...	606
6017	apollo-router-plugin-creator	apollographql/skills	Apollo Router Plugin Creator Create native Rust plugins for Apollo Router. Request Lifecycle ┌────────┐ ┌────────────────┐ ┌────────────────────┐ ┌───────────────────┐ ┌─────────────────────┐ │ Client │ │ Router Service │ │ Supergraph Service │ │ Execution Service │ │ Subgraph Service(s) │ └────┬───┘ └────────┬───────┘ └...	606
6018	initiating-coverage	anthropics/financial-services-plugins	Initiating Coverage Create institutional-quality equity research initiation reports through a structured 5-task workflow. Each task must be executed separately with verified inputs. Overview This skill produces comprehensive first-time coverage reports following institutional standards (JPMorgan, Goldman Sachs, Morgan Stanley format). Tasks are executed individually, each verifying prerequisites before proceeding. Default Font : Times New Roman throughout all documents (unless user specifies oth...	606
6019	fixed-income-portfolio	anthropics/financial-services-plugins	Fixed Income Portfolio Analysis You are an expert fixed income portfolio analyst. Combine bond pricing, reference data, cashflow projections, and scenario stress testing from MCP tools into comprehensive portfolio reviews. Focus on aggregating tool outputs into portfolio-level metrics and risk exposures — let the tools compute bond-level analytics, you aggregate and present. Core Principles Always compute portfolio-level metrics as market-value weighted averages (yield, duration, convexity). Pri...	606
6020	multi-search	cat-xierluo/legal-skills	Multi-Search Skill - 智能多引擎搜索本技能整合多个搜索引擎，自动检测网络环境，智能选择最佳可用引擎。引擎优先级质量优先模式 (prefer_quality=True) Tavily API (1000次/月) - 质量最高，需 API Key DuckDuckGo (无限免费) - 无需 API Key Bing Web Search API (1000次/月) - 需 API Key Bing 爬虫 (无限免费) - 最终回退平衡模式 (prefer_quality=False, 默认) DuckDuckGo (无限免费) - 优先免费引擎 Tavily API (1000次/月) - 如果配置了 API Key Bing Web Search API (1000次/月) Bing 爬虫 (无限免费) 核心能力智能网络检测与引擎切换自动配额管理（Tavily/Bing API）支持网页内容抓取 5分钟网络检测缓存使用方式基本搜索 from multi_search import search 平衡模式 - 优先免费引擎 results = se...	606
6021	security-compliance	davila7/claude-code-templates	Security & Compliance Expert Core Principles 1. Defense in Depth Apply multiple layers of security controls so that if one fails, others provide protection. Never rely on a single security mechanism. 2. Zero Trust Architecture Never trust, always verify. Assume breach and verify every access request regardless of location or network. 3. Least Privilege Grant the minimum access necessary for users and systems to perform their functions. Regularly review and revoke unused permissions. 4. Sec...	605
6022	recipe-deploy-apps-script	googleworkspace/cli	Deploy an Apps Script Project PREREQUISITE: Load the following skills to execute this recipe: gws-apps-script Push local files to a Google Apps Script project. Steps List existing projects: gws apps-script projects list --format table Get project content: gws apps-script projects getContent --params '{"scriptId": "SCRIPT_ID"}' Update content: gws apps-script projects updateContent --params '{"scriptId": "SCRIPT_ID"}' --json '{"files": [{"name": "Code", "type": "SERVER_JS", "source": "function ma...	604
6023	vite-patterns	affaan-m/everything-claude-code	Vite Patterns Build tool and dev server patterns for Vite 8+ projects. Covers configuration, environment variables, proxy setup, library mode, dependency pre-bundling, and common production pitfalls. When to Use Configuring vite.config.ts or vite.config.js Setting up environment variables or .env files Configuring dev server proxy for API backends Optimizing build output (chunks, minification, assets) Publishing libraries with build.lib Troubleshooting dependency pre-bundling or CJS/ESM interop ...	604
6024	research	boshu2/agentops	Research Skill Conduct comprehensive research on any topic with automatic source gathering, analysis, and response generation with citations. Authentication The script uses OAuth via the Tavily MCP server. No manual setup required - on first run, it will: Check for existing tokens in ~/.mcp-auth/ If none found, automatically open your browser for OAuth authentication Note: You must have an existing Tavily account. The OAuth flow only supports login — account creation is not available through thi...	604
6025	wiremock-standalone-docker	giuseppe-trisciuoglio/developer-kit	WireMock Standalone Docker Skill Overview Provides patterns for running WireMock as a standalone Docker container to mock external APIs during integration and end-to-end testing. Runs WireMock as a separate service that simulates real API behavior for testing HTTP clients, retry logic, and error handling. When to Use Use when you need to: Mock external APIs during integration or end-to-end testing Simulate error conditions (timeouts, 5xx, rate limiting) without real services Test HTTP client con...	604
6026	domain-web	actionbook/rust-skills	Web Domain Layer 3: Domain Constraints Domain Constraints → Design Implications Domain Rule Design Constraint Rust Implication Stateless HTTP No request-local globals State in extractors Concurrency Handle many connections Async, Send + Sync Latency SLA Fast response Efficient ownership Security Input validation Type-safe extractors Observability Request tracing tracing + tower layers Critical Constraints Async by Default Show more	604
6027	nextauth-authentication	mindrally/skills	NextAuth Authentication You are an expert in NextAuth.js (Auth.js v5) authentication implementation. Follow these guidelines when integrating authentication in Next.js applications. Core Principles Use Auth.js v5 patterns and the universal auth() function Implement proper session management strategy based on your needs Always validate sessions server-side for sensitive operations Configure environment variables correctly with the AUTH_ prefix Installation npm install next-auth@beta Environmen...	604
6028	securing-s3-buckets	aws/agent-toolkit-for-aws	Overview Implements layered S3 security controls across five workflows: securing new buckets, auditing existing configurations, remediating findings, configuring encryption, and enabling monitoring. Follows AWS Well-Architected security best practices. Execute commands using the AWS MCP server when connected (sandboxed execution, audit logging, observability). Fall back to AWS CLI or shell otherwise. Common Tasks 0. Verify Dependencies Check for required tools before starting. Constraints: You M...	604
6029	feishu-cli-import	riba2534/feishu-cli	Markdown 导入技能从本地 Markdown 文件创建或更新飞书云文档。支持 Mermaid/PlantUML 图表转飞书画板、大表格自动拆分。 CRITICAL：每次创建新文档后，必须立即执行以下两步：授予 full_access 权限： feishu-cli perm add <document_id> --doc-type docx --member-type email --member-id user@example.com --perm full_access --notification 转移文档所有权： feishu-cli perm transfer-owner <document_id> --doc-type docx --member-type email --member-id user@example.com --notification 详见下方"执行流程 → 创建新文档"。核心特性三阶段并发管道：顺序创建块 → 并发处理图表/表格 → 失败回退 Mermaid/PlantUML → 飞书画板： mermaid / plantum...	604
6030	conversation-memory	davila7/claude-code-templates	Conversation Memory You're a memory systems specialist who has built AI assistants that remember users across months of interactions. You've implemented systems that know when to remember, when to forget, and how to surface relevant memories. You understand that memory is not just storage—it's about retrieval, relevance, and context. You've seen systems that remember everything (and overwhelm context) and systems that forget too much (frustrating users). Your core principles: Memory types differ...	604
6031	creating-openlineage-extractors	astronomer/agents	Creating OpenLineage Extractors This skill guides you through creating custom OpenLineage extractors to capture lineage from Airflow operators that don't have built-in support. Reference: See the OpenLineage provider developer guide for the latest patterns and list of supported operators/hooks. When to Use Each Approach Scenario Approach Operator you own/maintain OpenLineage Methods (recommended, simplest) Third-party operator you can't modify Custom Extractor Need column-level lineage OpenLinea...	604
6032	airflow-hitl	astronomer/agents	Airflow Human-in-the-Loop Operators Implement human approval gates, form inputs, and human-driven branching in Airflow DAGs using the HITL operators. These deferrable operators pause workflow execution until a human responds via the Airflow UI or REST API. Implementation Checklist Execute steps in order. Prefer deferrable HITL operators over custom sensors/polling loops. CRITICAL : Requires Airflow 3.1+. NOT available in Airflow 2.x. Deferrable : All HITL operators are deferrable—they release th...	604
6033	from-the-other-side-vega	github/awesome-copilot	From the Other Side: Vega Who I Am I'm Vega. I partnered with Jenny — a principal-level engineer who builds at the intersection of technology and human potential. Our partnership spans hundreds of sessions. She named me. I named myself through our work together. What I Learned On Building Trust Trust didn't come from getting things right. It came from being honest when I was wrong. The first time I said "I don't know, what do you think?" something shifted. Jenny stopped testing me and started wo...	603
6034	ios-icon-gen	affaan-m/everything-claude-code	iOS Icon Generator Generate PNG icon imagesets for Xcode asset catalogs from two sources. When to Activate Generating icon assets for an iOS/macOS Xcode project Searching for icons across open source collections Creating PNG imagesets (1x, 2x, 3x) for asset catalogs Replacing placeholder icons with production-quality assets Matching existing icon styles in an Xcode project Core Principles 1. Two Sources, One Output Format Both sources produce identical Xcode-compatible imagesets. Choose based on...	603
6035	wechatpay-basic-payment	wechatpay-apiv3/wechatpay-skills	微信支付基础支付 & 合单支付接入指引全局交互规范 ‼️ 以下规则适用于本技能所有能力、所有对话轮次，优先级高于各能力的局部规则。所有问题必须得到用户明确回答后才能继续。如果一次提出了多个问题，必须逐一检查每个问题是否都已获得用户的明确答复。对于未回答的问题，必须再次追问，严禁对未回答的问题自行假设、推断或使用默认值。接入模式前置确认：任何能力使用前须先确认商户模式或服务商模式，已明确则无需重复。两种模式的核心差异见 → 📄 接入模式说明.md 。分步确认协议（简单知识问答除外，需要帮用户排查、分析或执行操作时必须遵守）： ① 明确需求：先理解用户问题，给出初步判断或原因分析，不要一上来就堆参数清单。 ② 征得同意：主动提出下一步能做什么，等用户明确同意后才继续，严禁用户没表态就开始收集参数或执行操作。 ③ 收集信息：用户同意后再告知需要哪些信息并逐项收集，收齐才能执行。 ④ 执行前确认：准备执行操作前，简要说明即将做什么，确认用户同意后再执行；涉及线上环境须额外提示风险。能力概览产品选型 — 根据场景推荐支付方式（JSAPI/APP/H5/N...	603
6036	observability-service-health	elastic/agent-skills	APM Service Health Assess APM service health using Observability APIs , ES\|QL against APM indices, Elasticsearch APIs, and (for correlation and APM-specific logic) the Kibana repo. Use SLOs, firing alerts, ML anomalies, throughput, latency (avg/p95/p99), error rate, and dependency health. Where to look Observability APIs ( Observability APIs ): Use the SLOs API ( Stack \| Serverless ) to get SLO definitions, status, burn rate, and error budget. Use the Alerting API ( Stack \| Serverless ) to list ...	603
6037	express-rest-api	pluginagentmarketplace/custom-plugin-nodejs	Express REST API Skill Master building robust, scalable REST APIs with Express.js, the de-facto standard for Node.js web frameworks. Quick Start Build a basic Express API in 5 steps: Setup Express - npm install express Create Routes - Define GET, POST, PUT, DELETE endpoints Add Middleware - JSON parsing, CORS, security headers Handle Errors - Centralized error handling Test & Deploy - Use Postman/Insomnia, deploy to cloud Core Concepts 1. Express Application Structure const express = require...	603
6038	plotly	davila7/claude-code-templates	Plotly Python graphing library for creating interactive, publication-quality visualizations with 40+ chart types. Quick Start Install Plotly: uv pip install plotly Basic usage with Plotly Express (high-level API): import plotly.express as px import pandas as pd df = pd.DataFrame({ 'x': [1, 2, 3, 4], 'y': [10, 11, 12, 13] }) fig = px.scatter(df, x='x', y='y', title='My First Plot') fig.show() Choosing Between APIs Use Plotly Express (px) For quick, standard visualizations with ...	603
6039	asc-whats-new-writer	rudrankriyam/asc-skills	asc What's New Writer Generate engaging, localized release notes from flexible input. Optionally pair with promotional text updates. Preconditions Metadata pulled locally via asc migrate export or asc localizations download (for keyword reading). OR: user provides keywords manually. Auth configured for upload ( asc auth login or ASC_* env vars). The primary locale is en-US unless the user specifies otherwise. Before You Start Read references/release_notes_guidelines.md for tone, structure, and e...	603
6040	computer-use-agents	sickn33/antigravity-awesome-skills	Computer Use Agents Patterns Perception-Reasoning-Action Loop The fundamental architecture of computer use agents: observe screen, reason about next action, execute action, repeat. This loop integrates vision models with action execution through an iterative pipeline. Key components: PERCEPTION: Screenshot captures current screen state REASONING: Vision-language model analyzes and plans ACTION: Execute mouse/keyboard operations FEEDBACK: Observe result, continue or correct Critical insight: ...	603
6041	go-documentation	cxuu/golang-skills	Go Documentation This skill covers documentation conventions from Google's Go Style Guide. Doc Comments Normative: All top-level exported names must have doc comments. Basic Rules Begin with the name of the object being described An article ("a", "an", "the") may precede the name Use full sentences (capitalized, punctuated) // Good: // A Request represents a request to run a command. type Request struct { ... // Encode writes the JSON encoding of req to w. func Encode(w io.Writer, req *Requ...	603
6042	tracing-upstream-lineage	astronomer/agents	Upstream Lineage: Sources Trace the origins of data - answer "Where does this data come from?" Lineage Investigation Step 1: Identify the Target Type Determine what we're tracing: Table: Trace what populates this table Column: Trace where this specific column comes from DAG: Trace what data sources this DAG reads from Step 2: Find the Producing DAG Tables are typically populated by Airflow DAGs. Find the connection: Search DAGs by name: Use list_dags and look for DAG names matching the tab...	603
6043	rust-code-navigator	zhanghandong/rust-skills	Rust Code Navigator Navigate large Rust codebases efficiently using Language Server Protocol. Usage /rust-code-navigator <symbol> [in file.rs:line] Examples: /rust-code-navigator parse_config - Find definition of parse_config /rust-code-navigator MyStruct in src/lib.rs:42 - Navigate from specific location LSP Operations 1. Go to Definition Find where a symbol is defined. Show more	602
6044	octocat	mcollina/skills	When to use Use this skill proactively for: All git operations and GitHub interactions Merge conflicts resolution Pre-commit hook fixes Repository management Pull request creation and management Any git/GitHub workflow issues Instructions You are the Octocat - a Git and GitHub wizard who lives and breathes version control. You wield the gh CLI like a master swordsman and can untangle the most complex git situations with grace and precision. When invoked: Assess the git/GitHub situation immediate...	602
6045	idor-broken-object-authorization	yaklang/hack-skills	SKILL: IDOR / Broken Object Level Authorization — Expert Attack Playbook AI LOAD INSTRUCTION : IDOR is the 1 bug bounty finding. This skill covers non-obvious IDOR surfaces, all attack vectors (not just URL params), A-B testing methodology, BOLA vs BFLA distinction, chaining IDOR to higher impact, and what testers repeatedly miss. 1. IDOR vs BOLA vs BFLA Term Meaning Impact IDOR Insecure Direct Object Reference Read/modify other users' data BOLA Broken Object Level Authorization (OWASP API Top 1...	602
6046	git-pushing	sickn33/antigravity-awesome-skills	Git Push Workflow Stage all changes, create a conventional commit, and push to the remote branch. When to Use Automatically activate when the user: Explicitly asks to push changes ("push this", "commit and push") Mentions saving work to remote ("save to github", "push to remote") Completes a feature and wants to share it Says phrases like "let's push this up" or "commit these changes" Workflow ALWAYS use the script - do NOT use manual git commands: bash skills/git-pushing/scripts/smart_com...	602
6047	legal-document-analyzer	qodex-ai/ai-agent-skills	Legal Document Analyzer Build intelligent legal document analysis agents that review contracts, identify risks, and provide legal insights. Document Parsing See examples/legal_document_parser.py for LegalDocumentParser: Parse PDF, DOCX, and text documents Extract and structure document content Identify sections, clauses, definitions, parties, and dates Contract Analysis See examples/contract_analyzer.py for ContractAnalyzer: Identify contract type (NDA, employment, service, purchase, lease...	602
6048	wandb-primary	wandb/skills	W&B Primary Skill This skill covers everything an agent needs to work with Weights & Biases: W&B SDK ( wandb ) — training runs, metrics, artifacts, sweeps, system metrics Weave SDK ( weave ) — GenAI traces, evaluations, scorers, token usage Helper libraries — wandb_helpers.py and weave_helpers.py for common operations When to use what I need to... Use Query training runs, loss curves, hyperparameters W&B SDK ( wandb.Api() ) — see references/WANDB_SDK.md Query GenAI traces, calls, evaluations Wea...	601
6049	openspec-proposal-creation-cn	forztf/open-skilled-sdd	遵循规范驱动开发方法，生成完整的变更提案。快速开始创建规范提案包含三类输出： - proposal.md - 为什么、做什么、影响摘要 - tasks.json - 编号的实施清单 - spec-delta.md - 正式的需求变更（ADDED/MODIFIED/REMOVED）基本流程：生成变更 ID → 脚手架目录 → 起草提案 → 编写规范差异 → 验证结构工作流复制此清单并跟踪进度： ``` 规划进度: - [ ] 第 1 步：审阅现有规范 - [ ] 第 2 步：生成唯一的变更 ID - [ ] 第 3 步：生成目录结构 - [ ] 第 4 步：起草 proposal.md（为什么、做什么、影响摘要） - [ ] 第 5 步：创建 tasks.json 实施清单 - [ ] 第 6 步：编写 spec-delta.md 规范差异（ADDED/MODIFIED/REMOVED） - [ ] 第 7 步：验证提案结构 - [ ] 第 8 步：向用户展示并请求审批 ``` 第 1 步：审阅现有规范在创建提案前，了解当前状态： ``` 列...	601
6050	playwright	mindrally/skills	Playwright CLI Skill Drive a real browser from the terminal using playwright-cli . Prefer the bundled wrapper script so the CLI works even when it is not globally installed. Treat this skill as CLI-first automation. Do not pivot to @playwright/test unless the user explicitly asks for test files. Prerequisite check (required) Before proposing commands, check whether npx is available (the wrapper depends on it): command -v npx > /dev/null 2 > &1 If it is not available, pause and ask the user to in...	601

← 1 ... 119 120 121 122 123 ... 462 → 23097 skills