io.github.PurpleAILAB/Decepticon/grpc

gRPC API exploitation — reflection-based discovery via grpcurl, protobuf fuzzing, missing authz on streaming RPCs, gRPC-Web → backend SSRF, mTLS bypass, metadata header injection, h2c smuggling against gRPC fronts.

io.github.PurpleAILAB/Decepticon/soap-wsdl

SOAP / WSDL exploitation — WSDL enumeration via ?wsdl, XXE in SOAP envelope, WS-Addressing replay, WS-Security UsernameToken brute, SAML token injection in WS-Trust, schema validation bypass.

io.github.platonai/Browser4/mcp-builder

Guide for creating advanced-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).

io.github.platonai/Browser4/pdf

Extracts text and tables from PDF files, fills PDF forms, and creates/merges/splits PDF documents. Use when users mention PDFs, forms, document extraction, or PDF generation.

io.github.vercel-labs/agent-skills/writing-guidelines

Review docs/prose for Writing Guidelines compliance. Use when asked to "review my docs", "check writing style", "audit prose", "review docs voice and tone", or "check this page against the writing handbook".

io.github.EpicenterHQ/epicenter/testing

Test file conventions: setup functions, factories, organization, type testing, naming, and pruning low-value tests. Use when: "write tests", "add a test", "fix this test", "delete tests", "prune tests", "audit tests", or modifying *.test.ts files.

io.github.Leonxlnx/taste-skill/taste-skill-v1

The original v1 taste-skill, preserved for projects depending on its exact behavior. The current default is `design-taste-frontend` (v2 experimental), which is a substantial rewrite. Use this v1 install name only if you need exact backward compatibility.

io.github.NousResearch/hermes-agent/code-wiki

Generate wiki docs + Mermaid diagrams for any codebase.

io.github.affaan-m/ECC/nextjs-turbopack

Next.js 16+ and Turbopack — incremental bundling, FS caching, dev speed, and when to use Turbopack vs webpack.

io.github.affaan-m/ECC/prediction-market-risk-review

Review prediction-market, basket, oracle, and trading-agent workflows for compliance, safety, data-quality, privacy, and execution risk. Use before any workflow handles venue auth, user portfolio data, API keys, or trade planning.

io.github.udecode/plate/review-sweep

Mine review comments for broader diff-wide fixes instead of handling each line in isolation

io.github.nginx/kubernetes-ingress/nic-docker-images

Docker image build system, Dockerfile structure, image variants, build scripts, and Makefile targets for NIC. Use when building container images, modifying the Dockerfile, adding new image variants, debugging image builds, or working with build scripts.

io.github.QuilibriumNetwork/quorum-desktop/css-convert

Use when the user asks to convert a CSS or SCSS file to use the project's `_variables.scss` tokens, replace `@apply` with raw CSS, or align a stylesheet with the styling guidelines. Triggers on "convert this CSS", "use variables in this stylesheet", "remove @apply", "align with styling guidelines".

io.github.electric-sql/electric/electric-deployment

Deploy Electric via Docker, Docker Compose, or Electric Cloud. Covers DATABASE_URL (direct connection, not pooler), ELECTRIC_SECRET (required since v1.x), ELECTRIC_INSECURE for dev, wal_level=logical, max_replication_slots, ELECTRIC_STORAGE_DIR persistence, ELECTRIC_POOLED_DATABASE_URL for pooled queries, IPv6 with ELECTRIC_DATABASE_USE_IPV6, Kubernetes readiness probes (200 vs 202), replication slot cleanup, and Postgres v14+ requirements. Load when deploying Electric or configuring Postgres for logical replication.

io.github.chaxus/ran/refactoring-ui-design

Use when designing, reviewing, or improving web UI visual quality, especially when a developer-built interface feels cluttered, flat, generic, poorly spaced, weakly hierarchical, or hard to scan.

io.github.hashintel/hash/testing-hashql

HashQL testing strategies including compiletest (UI tests), unit tests, and snapshot tests. Use when writing tests for HashQL code, using //~ annotations, running --bless, debugging test failures, or choosing the right testing approach.

io.github.steipete/CodexBar/release-codexbar

CodexBar release: versioning, notarization, appcast, Homebrew, post-release bump.

io.github.mem0ai/mem0/memory-reviewer

Reviews stored memory quality by detecting duplicates, contradictions, and stale entries with actionable recommendations. Use when search results seem conflicting, before running dream consolidation, or for periodic memory hygiene audits.

io.github.handsontable/handsontable/refactoring

Use when refactoring Handsontable code - applying SOLID principles, Law of Demeter, plugin extraction, performance optimization, code modernization, and API redesign with backward compatibility preservation

io.github.zts212653/clowder-ai/writing-plans

将 spec/需求拆分为可执行的分步实施计划。 Use when: 有 spec 或需求，准备动手前需要拆分步骤。 Not for: trivial 改动（≤5 行）、已有详细计划。 Output: 分步实施计划（含 TDD 步骤和检查点）。

io.github.AgentEra/Agently/security-audit-reporter

Triage raw security-scan findings (hardcoded secrets, injection patterns, vulnerable dependencies) into a prioritized, actionable security audit report. Use for security audit, code audit, vulnerability triage, and risk review.

io.github.google-labs-code/stitch-skills/react-components

Converts Stitch designs into modular Vite and React components using system-level networking and AST-based validation.

io.github.LeoYeAI/openclaw-master-skills/secops-by-joes

SecOps checks for endpoints: EDR, Sysmon, updates, EVTX on heartbeat, least privilege, network visibility, credential protection (Kerberos/NTLM/pass-the-hash), device inventory and known vulnerabilities, weekly assessment, and skill integrity (hash-on-wake, version-aware). Use when implementing or reviewing host posture, heartbeat logic, EDR/Sysmon/EVTX, privilege, network exposure, credential hardening, vuln assessment, weekly SecOps review, or skill compromise checks.

io.github.github/awesome-copilot/github-actions-efficiency

Audit GitHub Actions workflow efficiency and recommend fixes to reduce CI minutes and costs.