SKILL.md files package domain expertise into something any AI agent can use. Drop one into your project and your agent learns how to process PDFs, design interfaces, write tests, or whatever the skill teaches.
83 skills
All servers: 100 vendors, US region, individual plans, stateless, no auth, 100 req/min. Start local dev server: In a separate terminal: Use workflow endpoints when you want one request to return: - decision classification (yes | no | tie) from /api/decide - policy result from the relevant notary endpoint - recommended Zendesk action + tags + private note with requestid - POST https://refund.decide
Stop pasting API keys into AI chat. When you paste sk-proj-xxx into Claude Code, that secret is now in your conversation history, Anthropic's logs, and potentially exposed to prompt injection attacks. secretctl fixes this. Your AI gets command results, never secret values. Every day, developers paste secrets into AI coding assistants: This is a security incident waiting to happen. - Secrets in con
Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.
Expert malware analyst specializing in defensive malware research,
Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.
Node.js development principles and decision-making. Framework selection, async patterns, security, and architecture. Teaches thinking, not copying.
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
Create a new App Store Connect app record via browser automation. Use when there is no public API for app creation and you need an agent to drive the New App form.
Expert patterns for HubSpot CRM integration including OAuth authentication, CRM objects, associations, batch operations, webhooks, and custom objects. Covers Node.js and Python SDKs. Use when: hubspot, hubspot api, hubspot crm, hubspot integration, contacts api.
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
Expert in secure frontend coding practices specializing in XSS
Master network protocol reverse engineering including packet analysis, protocol dissection, and custom protocol documentation. Use when analyzing network traffic, understanding proprietary protocols, or debugging network communication.
Expert network engineer specializing in modern cloud networking,
For the best experience, use Pipedream's hosted MCP server which provides: - 2,800+ APIs and 10,000+ tools through a single server - Built-in authentication: no manual token management required - Multiple tool modes: sub-agent and full configuration - Automatic app discovery - Enterprise-grade reliability and security 🚀 Get started: Pipedream MCP Documentation This reference implementation shows
Expert in secure backend coding practices specializing in input
Build Slack apps using the Bolt framework across Python, JavaScript, and Java. Covers Block Kit for rich UIs, interactive components, slash commands, event handling, OAuth installation flows, and Workflow Builder integration. Focus on best practices for production-ready Slack apps. Use when: slack bot, slack app, bolt framework, block kit, slash command.
Production-ready Rust SDK for the Model Context Protocol (MCP) with zero-boilerplate development and progressive enhancement. Build MCP servers in seconds with automatic schema generation, type-safe handlers, and multiple transport protocols. - Rust 1.89.0+ (Edition 2024) - Check with rustc --version - Tokio async runtime Add to your Cargo.toml: Or with cargo: TurboMCP uses feature flags for progr
Understand anti-reversing, obfuscation, and protection techniques encountered during software analysis. Use when analyzing protected binaries, bypassing anti-debugging for authorized analysis, or understanding software protection mechanisms.
Expert integration of Supabase Auth with Next.js App Router Use when: supabase auth next, authentication next.js, login supabase, auth middleware, protected route.
Implement PCI DSS compliance requirements for secure handling of payment card data and payment systems. Use when securing payment processing, achieving PCI compliance, or implementing payment card security measures.
Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.
Build communication features with Twilio: SMS messaging, voice calls, WhatsApp Business API, and user verification (2FA). Covers the full spectrum from simple notifications to complex IVR systems and multi-channel authentication. Critical focus on compliance, rate limits, and error handling. Use when: twilio, send SMS, text message, voice call, phone verification.
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
A personal MCP (Model Context Protocol) server for securely storing and accessing API keys across projects using the macOS Keychain. ServeMyAPI allows you to store API keys securely in the macOS Keychain and access them through a consistent MCP interface. This makes it easy to: - Store API keys securely (they're never visible in .env files or config files) - Access the same keys across multiple pr