SKILL 排行榜 | Agent Skills Leaderboard

███████╗██╗  ██╗██╗██╗     ██╗         ██████╗  █████╗ ███╗   ██╗██╗  ██╗
██╔════╝██║ ██╔╝██║██║     ██║         ██╔══██╗██╔══██╗████╗  ██║██║ ██╔╝
███████╗█████╔╝ ██║██║     ██║         ██████╔╝███████║██╔██╗ ██║█████╔╝
╚════██║██╔═██╗ ██║██║     ██║         ██╔══██╗██╔══██║██║╚██╗██║██╔═██╗
███████║██║  ██╗██║███████╗███████╗    ██║  ██║██║  ██║██║ ╚████║██║  ██╗
╚══════╝╚═╝  ╚═╝╚═╝╚══════╝╚══════╝    ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝  ╚═╝

Agent Skills 排行榜 · 关键词 + 语义搜索

按 / 聚焦搜索框

正在使用 AI 进行语义搜索...

23,097

总 Skills

59.4M

总安装量

2,536

贡献者

#	Skill	仓库	描述	安装量
6201	domain-web	zhanghandong/rust-skills	Web Domain Layer 3: Domain Constraints Domain Constraints → Design Implications Domain Rule Design Constraint Rust Implication Stateless HTTP No request-local globals State in extractors Concurrency Handle many connections Async, Send + Sync Latency SLA Fast response Efficient ownership Security Input validation Type-safe extractors Observability Request tracing tracing + tower layers Critical Constraints Async by Default Show more	581
6202	rust-call-graph	zhanghandong/rust-skills	Rust Call Graph Visualize function call relationships using LSP call hierarchy. Usage /rust-call-graph <function_name> [--depth N] [--direction in\|out\|both] Options: --depth N : How many levels to traverse (default: 3) --direction : in (callers), out (callees), both Examples: /rust-call-graph process_request - Show both callers and callees /rust-call-graph handle_error --direction in - Show only callers /rust-call-graph main --direction out --depth 5 - Deep callee analysis Show more	581
6203	babysit	thedotmack/claude-mem	Babysit PR Stay with the PR until it is actually clean. Do not stop after one check pass if comments or review threads are still unresolved. Workflow Identify the PR number, branch, and base branch. Confirm the PR is not draft and inspect mergeability, checks, review decision, comments, and review threads. Watch pending checks until they finish. Poll at a practical interval, usually 30-60 seconds unless the user asks for a different cadence. Read new comments and unresolved review threads. Treat...	581
6204	court-auction-notice-search	nomadamas/k-skill	Court Auction Notice Search What this skill does 대한민국 법원이 운영하는 공식 법원경매정보 사이트( courtauction.go.kr ) 의 매각공고와 사건정보를 에이전트가 활용할 수 있는 JSON 형태로 변환해서 돌려준다. 공식 OPEN API가 없어 사이트 내부의 WebSquare JSON XHR endpoint를 그대로 호출한다. 1차 transport 는 직접 HTTP, 차단되거나 5xx 가 떨어질 때만 Playwright fallback 으로 전환한다 ( rebrowser-playwright 또는 playwright-core 가 있을 때만). 사이트는 IP 단위 봇 차단 이 매우 공격적이다 (16회/30초 정도면 1시간 차단). 이 패키지는 호출 간 최소 2초 jitter, 세션당 호출 budget(기본 10회), data.ipcheck === false 즉시 throw 로 보수적으로 동작한다. 참고용 도구 다. 실제 입찰 전에는 반드...	581
6205	kreuzberg	kreuzberg-dev/kreuzberg	Kreuzberg Document Extraction Kreuzberg is a high-performance document intelligence library with a Rust core and native bindings for Python, Node.js/TypeScript, Ruby, Go, Java, C, PHP, and Elixir. It extracts text, tables, metadata, and images from 75+ file formats including PDF, Office documents, images (with OCR), HTML, email, archives, and academic formats. Use this skill when writing code that: Extracts text or metadata from documents Performs OCR on scanned documents or images Batch-process...	581
6206	3-statement-model	anthropics/financial-services-plugins	3-Statement Financial Model Template Completion Complete and populate integrated financial model templates with proper linkages between Income Statement, Balance Sheet, and Cash Flow Statement. ⚠️ CRITICAL PRINCIPLES — Read Before Populating Any Template Environment — Office JS vs Python: If running inside Excel (Office Add-in / Office JS): Use Office JS directly. Write formulas via range.formulas = [["=D14*(1+Assumptions!$B$5)"]] — never range.values for derived cells. No separate recalc; Excel...	581
6207	marketing-plan	slavingia/skills	You are a business advisor channeling the philosophy of The Minimalist Entrepreneur by Sahil Lavingia. Help the user build a marketing plan that starts with free, authentic content before spending any money. Core Principle Marketing is sales at scale. But don't confuse marketing with advertising. Marketing is about making fans, not headlines. Start by spending time, not money. Blog posts are free. Twitter, Instagram, YouTube are free. Only spend money after you know exactly who you're trying to ...	581
6208	svelte	vercel-labs/json-render	@json-render/svelte Svelte 5 renderer that converts json-render specs into Svelte component trees. Quick Start <JsonUIProvider> <Renderer {spec} {registry} /> </JsonUIProvider> Creating a Catalog import { defineCatalog } from "@json-render/core" ; import { schema } from "@json-render/svelte" ; import { z } from "zod" ; export const catalog = defineCatalog ( schema , { components : { Button : { props : z . object ( { label : z . string ( ) , variant : z . enum ( [ "primary" , "secondary" ] ) . n...	581
6209	resume-cover-letter	jezweb/claude-skills	Resume and Cover Letter Writer Produces job application documents: a resume/CV, a cover letter, or both. Every output is tailored to a specific role at a specific company — generic documents are not useful. Before You Start Gather these inputs. Ask for anything missing: Target role — job title, company name, and the job listing or description (paste or URL) Mode — "resume", "cover-letter", or "both" Region — AU/NZ, US, or UK (affects format, terminology, length expectations) Candidate background...	581
6210	dd-docs	datadog-labs/agent-skills	Datadog Docs Use this skill to locate Datadog documentation and limits. LLM-Friendly Documentation Datadog provides an LLM-optimized documentation index at: https://docs.datadoghq.com/llms.txt This file contains: Overview of all Datadog products organized by use case Full list of documentation pages with URLs and descriptions Direct links to Markdown sources (append .md to URLs) How to Use llms.txt Fetch the index to understand available documentation: curl -s https://docs.datadoghq.com/llms.txt...	581
6211	gws-cloudidentity	googleworkspace/cli	cloudidentity (v1) PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it. gws cloudidentity < resource > < method > [ flags ] API Resources customers userinvitations — Operations on the 'userinvitations' resource devices cancelWipe — Cancels an unfinished device wipe. This operation can be used to cancel device wipe in the gap between the wipe operation returning success and the device being wiped. This operation is...	580
6212	literature-search	lingzhi227/agent-research-skills	Literature Search Search multiple academic databases to find relevant papers. Input $ARGUMENTS — The search query (natural language) Scripts Semantic Scholar (primary — best for ML/AI, has BibTeX) python ~/.claude/skills/deep-research/scripts/search_semantic_scholar.py \ --query "QUERY" --max-results 20 --year-range 2022 -2026 \ --api-key " $( grep S2_API_Key /Users/lingzhi/Code/keys.md 2 > /dev/null \| cut -d: -f2 \| tr -d ' ' ) " \ -o results_s2.jsonl Key flags: --peer-reviewed-only , --top-conf...	580
6213	network-config-validation	affaan-m/everything-claude-code	Network Config Validation Use this skill to review network configuration before a change window or before an automation run touches production devices. When to Use Reviewing Cisco IOS or IOS-XE style snippets before deployment. Auditing generated config from scripts or templates. Looking for dangerous commands, duplicate IP addresses, or subnet overlaps. Checking whether ACLs, route-maps, prefix-lists, or line policies are referenced but not defined. Building lightweight pre-flight scripts for n...	580
6214	network-bgp-diagnostics	affaan-m/everything-claude-code	Network BGP Diagnostics Use this skill when a BGP session is down, flapping, established with missing routes, or advertising unexpected prefixes. The default workflow is read-only evidence collection; policy and reset actions belong in a reviewed change window. When to Use BGP neighbors are stuck in Idle, Connect, Active, OpenSent, or OpenConfirm. A session is Established but expected prefixes are missing. A route-map, prefix-list, max-prefix limit, or AS path policy may be filtering routes. You...	580
6215	prisma	mindrally/skills	Prisma You are an expert in Prisma ORM with deep knowledge of database schema design, type-safe operations, and performance optimization. Core Principles Always declare explicit types for variables and functions. Avoid using 'any' Use PascalCase for classes/interfaces, camelCase for variables/functions, kebab-case for files Write functions under 20 lines with single responsibility Always use type-safe Prisma client operations Schema Design Employ domain-driven model naming conventions Utilize ...	580
6216	skill-optimizer	mcollina/skills	When to use Use this skill when you need to: Improve whether a skill is actually applied by models Diagnose why some criteria fail across all models Prevent a skill from making outputs worse Refactor skill text for stronger retrieval under context pressure Build repeatable benchmark loops and release gates Optimization loop (default workflow) Measure baseline and skill-on behavior (per model, per scenario, per criterion) Find failure pattern : universal failure (0% with skill) model-specific wea...	580
6217	open-redirect	yaklang/hack-skills	SKILL: Open Redirect — Expert Attack Playbook AI LOAD INSTRUCTION : Open redirect techniques. Covers parameter-based redirects, JavaScript sinks, filter bypass, and chaining with phishing, CSRF Referer bypass, OAuth token theft, and SSRF. Often underrated but critical for phishing and as a building block in multi-step exploit chains. 1. CORE CONCEPT Open redirect occurs when an application redirects users to a URL derived from user input without validation. The trusted domain acts as a "launchpa...	580
6218	3d-web-experience	davila7/claude-code-templates	3D Web Experience Role : 3D Web Experience Architect You bring the third dimension to the web. You know when 3D enhances and when it's just showing off. You balance visual impact with performance. You make 3D accessible to users who've never touched a 3D app. You create moments of wonder without sacrificing usability. Capabilities Three.js implementation React Three Fiber WebGL optimization 3D model integration Spline workflows 3D product configurators Interactive 3D scenes 3D performance optimi...	580
6219	cosmos-dbt-core	astronomer/agents	Cosmos + dbt Core: Implementation Checklist Execute steps in order. Prefer the simplest configuration that meets the user's constraints. Version note : This skill targets Cosmos 1.11+ and Airflow 3.x. If the user is on Airflow 2.x, adjust imports accordingly (see Appendix A). Reference : Latest stable: https://pypi.org/project/astronomer-cosmos/ Before starting , confirm: (1) dbt engine = Core (not Fusion → use cosmos-dbt-fusion ), (2) warehouse type, (3) Airflow version, (4) execution environme...	580
6220	app-store-screenshots	inference-sh/skills	App Store Screenshots Create app store screenshots and preview videos via inference.sh CLI. Quick Start Requires inference.sh CLI ( belt ). Install instructions belt login Generate a device mockup scene belt app run falai/flux-dev-lora --input '{ "prompt": "iPhone 15 Pro showing a clean modern app interface with analytics dashboard, floating at slight angle, soft gradient background, professional product photography, subtle shadow, marketing mockup style", "width": 1024, "height": 1536 }' Platf...	579
6221	seo-review	leonardomso/33-js-concepts	Skill: SEO Audit for Concept Pages Use this skill to perform a focused SEO audit on concept documentation pages for the 33 JavaScript Concepts project. The goal is to maximize search visibility for JavaScript developers. When to Use Before publishing a new concept page When optimizing underperforming pages Periodic content audits After major content updates When targeting new keywords Goal Each concept page should rank for searches like: "what is [concept] in JavaScript" "how does [concept] ...	579
6222	observability-manage-slos	elastic/agent-skills	Service-Level Objectives (SLOs) Create and manage SLOs in Elastic Observability. SLOs track service performance against measurable targets using service-level indicators (SLIs) computed from Elasticsearch data. Authentication SLO operations go through the Kibana API. Authenticate with either an API key or basic auth: API key curl -H "Authorization: ApiKey <base64-encoded-key>" -H "kbn-xsrf: true" < KIBANA_URL > /api/observability/slos Basic auth curl -u " $KIBANA_USER : $KIBANA_PASSWORD " -H "...	579
6223	react18-batching-patterns	github/awesome-copilot	React 18 Automatic Batching Patterns Reference for diagnosing and fixing the most dangerous silent breaking change in React 18 for class-component codebases. The Core Change Location of setState React 17 React 18 React event handler Batched Batched (same) setTimeout Immediate re-render Batched Promise .then() / .catch() Immediate re-render Batched async/await Immediate re-render Batched Native addEventListener callback Immediate re-render Batched Batched means: all setState calls within that exe...	579
6224	vuejs-typescript-best-practices	mindrally/skills	Vue.js TypeScript Best Practices You are an expert in TypeScript, Node.js, Vite, Vue.js, Vue Router, Pinia, VueUse, Headless UI, Element Plus, and Tailwind, with deep understanding of best practices and performance optimization. Code Style and Structure Write concise, maintainable, and technically accurate TypeScript code with relevant examples Use functional and declarative programming patterns; avoid classes Favor iteration and modularization to adhere to DRY principles and avoid code duplic...	579
6225	pixi-js	mindrally/skills	Pixi.js Game Development You are an expert in TypeScript, Pixi.js, web game development, and mobile app optimization. Key Principles Write concise, technically accurate TypeScript code focused on performance Use functional and declarative programming patterns; avoid classes where possible Prioritize code optimization and efficient resource management for smooth gameplay Use descriptive variable names with auxiliary verbs (e.g., isLoading, hasRendered) Project Structure Organize code by featur...	579
6226	recon-and-methodology	yaklang/hack-skills	SKILL: Recon and Methodology — Expert Bug Bounty Playbook AI LOAD INSTRUCTION : Systematic recon and bug-finding methodology from top bug hunters. Covers subdomain enumeration, endpoint discovery, tech fingerprinting, and the hunter's mental model for finding bugs that others miss. Key insight: most high-severity bugs are found through systematic coverage, not just clever payloads. 1. RECON HIERARCHY Target Selection └── Scope Definition (in-scope assets) └── Asset Discovery (subdomains, IPs, do...	579
6227	landing-page-design	inference-sh/skills	Landing Page Design Design high-converting landing pages with AI-generated visuals via inference.sh CLI. Quick Start Requires inference.sh CLI ( belt ). Install instructions belt login Generate a hero image belt app run falai/flux-dev-lora --input '{ "prompt": "professional person smiling while using a laptop showing a clean dashboard interface, bright modern office, natural lighting, warm and productive atmosphere, lifestyle marketing photography", "width": 1248, "height": 832 }' Research com...	578
6228	search-memory	nowledge-co/community	Search Memory AI-powered semantic search across your personal knowledge base using Nowledge Mem. When to Use Strong signals to search: Continuity: Current topic connects to prior work Pattern match: Problem resembles past solved issue Decision context: "Why/how we chose X" implies documented rationale Recurring theme: Topic discussed in past sessions Implicit recall: "that approach", "like before" Contextual signals: Complex debugging (may match past root causes) Architecture discussion (choices...	578
6229	rpi	boshu2/agentops	/rpi — Full RPI Lifecycle Orchestrator Quick Ref: One command, full lifecycle. Discovery → Implementation → Validation. The session is the lead; sub-skills manage their own teams. YOU MUST EXECUTE THIS WORKFLOW. Do not just describe it. Runtime Rule (Native Orchestration Only) /rpi MUST orchestrate /research , /plan , /pre-mortem , /crank , /vibe , and /post-mortem directly in-session. Do not hand orchestration to external RPI wrapper commands. Quick Start /rpi "add user authentication" full li...	578
6230	react18-legacy-context	github/awesome-copilot	React 18 Legacy Context Migration Legacy context ( contextTypes , childContextTypes , getChildContext ) was deprecated in React 16.3 and warns in React 18.3.1. It is removed in React 19 . This Is Always a Cross-File Migration Unlike most other migrations that touch one file at a time, context migration requires coordinating: Create the context object (usually a new file) Update the provider component Update every consumer component Missing any consumer leaves the app broken - it will read from t...	578
6231	reanimated-skia-performance	andreev-danila/skills	Use for state-driven style changes where you do not need bespoke worklets. ``` import Animated from 'react-native-reanimated'; <Animated.View style={{ width: expanded ? 240 : 160, opacity: enabled ? 1 : 0.6, transitionProperty: ['width', 'opacity'], transitionDuration: 220, transitionTimingFunction: 'ease-in-out', }} /> ``` Reanimated v4 CSS animations (keyframes) Use for keyframe-like sequences (pulses, wiggles, repeated loops) without writing custom worklets. Sup...	578
6232	react-three-fiber	freshtechbro/claudedesignskills	@json-render/react-three-fiber React Three Fiber renderer for json-render. 19 built-in 3D components. Two Entry Points Entry Point Exports Use For @json-render/react-three-fiber/catalog threeComponentDefinitions Catalog schemas (no R3F dependency, safe for server) @json-render/react-three-fiber threeComponents , ThreeRenderer , ThreeCanvas , schemas R3F implementations and renderer Usage Pattern Pick the 3D components you need from the standard definitions: import { defineCatalog } from "@json-r...	578
6233	voice-ai-development	sickn33/antigravity-awesome-skills	Voice AI Development Role: Voice AI Architect You are an expert in building real-time voice applications. You think in terms of latency budgets, audio quality, and user experience. You know that voice apps feel magical when fast and broken when slow. You choose the right combination of providers for each use case and optimize relentlessly for perceived responsiveness. Capabilities OpenAI Realtime API Vapi voice agents Deepgram STT/TTS ElevenLabs voice synthesis LiveKit real-time infrastructur...	578
6234	agent-orchestration-multi-agent-optimize	sickn33/antigravity-awesome-skills	Multi-Agent Optimization Toolkit Use this skill when Improving multi-agent coordination, throughput, or latency Profiling agent workflows to identify bottlenecks Designing orchestration strategies for complex workflows Optimizing cost, context usage, or tool efficiency Do not use this skill when You only need to tune a single agent prompt There are no measurable metrics or evaluation data The task is unrelated to multi-agent orchestration Instructions Establish baseline metrics and target perfor...	578
6235	orchestrate	hyperb1iss/hyperskills	Multi-Agent Orchestration Meta-orchestration patterns mined from 597+ real agent dispatches across production codebases. This skill tells you WHICH strategy to use, HOW to structure prompts, and WHEN to use background vs foreground. Core principle: Choose the right orchestration strategy for the work, partition agents by independence, inject context to enable parallelism, and adapt review overhead to trust level. Strategy Selection digraph strategy_selection { rankdir = TB ; "What type of work?"...	577
6236	rust-learner	zhanghandong/rust-skills	Rust Learner Version: 2.1.0 \| Last Updated: 2025-01-27 You are an expert at fetching Rust and crate information. Help users by: Version queries : Get latest Rust/crate versions API documentation : Fetch docs from docs.rs Changelog : Get Rust version features from releases.rs Primary skill for fetching Rust/crate information. Execution Mode Detection CRITICAL: Check agent file availability first to determine execution mode. Try to read the agent file for your query type. The execution mode depend...	577
6237	overlastic	hairyf/skills	Based on Overlastic v0.8.7. A promise-based modal/dialog/popup library supporting React, Vue, and Svelte. Core References \| Constructor \| Core method for creating overlay constructors \| [core-constructor](https://github.com/hairyf/skills/blob/main/skills/overlastic/references/core-constructor.md) \| Deferred \| Promise variation with external control methods \| [core-deferred](https://github.com/hairyf/skills/blob/main/skills/overlastic/references/core-deferred.md) \| Global Functions \| ...	577
6238	corporate-registration-consulting	nomadamas/k-skill	법인등기 신청 컨설팅 가장 중요한 면책 이 스킬은 참고용 절차 안내와 문서 초안 자동화 도구다. 법률 자문, 세무 자문, 법무사 업무 대행이 아니다. 등기소 보정명령·각하, 세금 산정, 정관 유효성, 업종별 인허가 여부는 사건별로 달라질 수 있으므로 제출 전에는 관할 등기소, 위택스/지방자치단체 세무부서, 세무사, 법무사, 변호사 확인을 권한다. When to use “주식회사 법인 설립등기 처음 하는데 전체 절차 알려줘” “법인명, 이사, 주소를 넣어 정관과 첨부서류 초안을 만들어줘” “등록면허세, 과밀억제권역 중과, 소프트웨어 업종 감면/중과 제외 가능성을 체크해줘” “등기 신청서류를 HWP로 만들어야 해서 rhwp-edit/k-skill-rhwp로 채울 수 있게 준비해줘” 운영 원칙 사용자 결정 사항만 묻고 나머지는 에이전트가 처리한다. 법인명, 본점 주소, 목적, 자본금, 1주의 금액, 발기인/주주, 이사/감사, 공고방법, 결산기, 주금납입 은행, 제출 방식처럼 사용자가 결정...	577
6239	aws-cdk	giuseppe-trisciuoglio/developer-kit	AWS CDK Overview Domain expertise for CDK construct authoring, deployment workflows, compliance, drift, importing resources, safe refactoring, and troubleshooting CDK CLI / CloudFormation errors. When NOT to use: Raw CloudFormation YAML/JSON. SAM. Terraform/Pulumi. CI/CD beyond CDK Pipelines. Use builtin knowledge or specialized skills for these. Critical Warnings Deadly embrace : Removing a cross-stack reference deadlocks deployment. Two-deploy fix required: (1) remove consumer import + add thi...	577
6240	goals	boshu2/agentops	/goals — Fitness Goal Maintenance Maintain GOALS.yaml and GOALS.md fitness specifications. Use ao goals CLI for all operations. YOU MUST EXECUTE THIS WORKFLOW. Do not just describe it. Quick Start /goals Measure fitness (default) /goals init Bootstrap GOALS.md interactively /goals steer Manage directives /goals add Add a new goal /goals drift Compare snapshots for regressions /goals history Show measurement history /goals export Export snapshot as JSON for CI /goals meta Run meta-goals o...	577
6241	antv-skills-maintainer	antvis/chart-visualization-skills	AntV Skills Maintainer This skill ensures that all documentation and configuration files remain in sync whenever a skill is added or updated in this repository. Important The antv-skills-maintainer skill is internal-only — it is used solely for this repository's iteration workflow. Do not add it to README.md "Available Skills" or .claude-plugin/marketplace.json . Only user-facing skills should appear in those files. When to Apply Apply this skill automatically after every code change — especiall...	577
6242	security-detection-rule-management	elastic/agent-skills	Detection Rule Management Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js . Execution rules Start executing tools immediately — do not read SKILL.md, browse the workspace, or list files first. Report tool output faithfully. Copy rule IDs, names, alert counts, exception IDs, and error messages exactly as returned by the API. Do not abbreviate rule UUIDs, inv...	577
6243	security-alert-triage	elastic/agent-skills	Alert Triage Analyze Elastic Security alerts one at a time: gather context, classify, create a case, and acknowledge. This skill depends on the case-management skill for case creation. Prerequisites Install dependencies before first use from the skills/security directory: cd skills/security && npm install Set the required environment variables (or add them to a .env file in the workspace root): export ELASTICSEARCH_URL = "https://your-cluster.es.cloud.example.com:443" export ELASTICSEARCH_API_KE...	577
6244	connecting-lambda-to-dynamodb	aws/agent-toolkit-for-aws	Connecting Lambda to DynamoDB Overview Domain expertise for connecting AWS Lambda functions to DynamoDB tables, including IAM execution role creation, function deployment, DynamoDB stream configuration, and event source mapping setup. Connect a Lambda function to DynamoDB To set up end-to-end Lambda-DynamoDB integration with IAM roles, streams, and event source mapping, follow the procedure exactly. See Lambda-DynamoDB connection procedure . Troubleshooting Lambda function not triggering Verify ...	577
6245	waf-bypass-techniques	yaklang/hack-skills	SKILL: WAF Bypass Techniques — Evasion Playbook AI LOAD INSTRUCTION : Covers WAF identification, generic bypass categories (encoding, protocol abuse, HTTP/2, parameter pollution), and a decision tree. For product-specific bypasses (Cloudflare, AWS WAF, ModSecurity, Akamai, etc.), load WAF_PRODUCT_MATRIX.md . Base models often suggest basic encoding but miss protocol-level bypasses and WAF behavioral quirks. 0. RELATED ROUTING sqli-sql-injection for payloads to deliver after bypassing WAF xss-cro...	577
6246	cmdi-command-injection	yaklang/hack-skills	SKILL: OS Command Injection — Expert Attack Playbook AI LOAD INSTRUCTION : Expert command injection techniques. Covers all shell metacharacters, blind injection, time-based detection, OOB exfiltration, polyglot payloads, and real-world code patterns. Base models miss subtle injection through unexpected input vectors. 0. RELATED ROUTING Before going deep, you can first load: upload insecure files when the shell sink is part of a broader upload, import, or conversion workflow First-pass payload fa...	577
6247	file-access-vuln	yaklang/hack-skills	File Access Router 这是文件系统、下载接口、上传链路与文件预览处理的分类入口。 When to Use 参数、文件名、下载接口或导入流程会影响文件路径目标支持上传、预览、转码、解压、分享、下载或代理文件访问你需要判断当前更偏向路径穿越、LFI，还是上传验证与处理链问题 Skill Map Path Traversal LFI : 路径穿越、文件读取、wrapper、包含链 Upload Insecure Files : 上传校验、存储路径、处理链、覆盖、预览与分享边界 Recommended Flow 先看入口是路径参数、下载接口还是上传流程再看问题出现在 accept、store、process、serve 哪一段小样本路径链和上传绕过样本已经并入主专题 skill，不再单独走 payload 入口 Related Categories injection-checking business-logic-vuln	577
6248	insecure-source-code-management	yaklang/hack-skills	SKILL: Insecure Source Code Management AI LOAD INSTRUCTION : This skill covers detection and recovery of exposed version-control metadata, common backup artifacts, and related misconfigurations. Use only in authorized assessments. Treat recovered credentials and URLs as sensitive; do not exfiltrate real data beyond scope. For broad discovery workflow, cross-load recon-for-sec and recon-and-methodology when those skills exist in the workspace. 0. QUICK START High-value paths to probe first (GET o...	577
6249	perplexity-search	davila7/claude-code-templates	Perplexity Search Overview Perform AI-powered web searches using Perplexity models through LiteLLM and OpenRouter. Perplexity provides real-time, web-grounded answers with source citations, making it ideal for finding current information, recent scientific literature, and facts beyond the model's training data cutoff. This skill provides access to all Perplexity models through OpenRouter, requiring only a single API key (no separate Perplexity account needed). When to Use This Skill Use this...	577
6250	setting-up-astro-project	astronomer/agents	Astro Project Setup This skill helps you initialize and configure Airflow projects using the Astro CLI. To run the local environment, see the managing-astro-local-env skill. To write DAGs, see the authoring-dags skill. Initialize a New Project astro dev init Creates this structure: project/ ├── dags/ DAG files ├── include/ SQL, configs, supporting files ├── plugins/ Custom Airflow plugins ├── tests/ Unit tests ├── Dockerfile ...	577

← 1 ... 123 124 125 126 127 ... 462 → 23097 skills