API Dev
API design, REST, GraphQL
api-spectral
by AgentSecOps
API specification linting and security validation using Stoplight's Spectral with support for OpenAPI, AsyncAPI, and Arazzo specifications. Validates API definitions against security best practices, OWASP API Security Top 10, and custom organizational standards. Use when: (1) Validating OpenAPI/AsyncAPI specifications for security issues and design flaws, (2) Enforcing API design standards and governance policies across API portfolios, (3) Creating custom security rules for API specifications in CI/CD pipelines, (4) Detecting authentication, authorization, and data exposure issues in API definitions, (5) Ensuring API specifications comply with organizational security standards and regulatory requirements.
api-mitmproxy
by AgentSecOps
Interactive HTTPS proxy for API security testing with traffic interception, modification, and replay capabilities. Supports HTTP/1, HTTP/2, HTTP/3, WebSockets, and TLS-protected protocols. Includes Python scripting API for automation and multiple interfaces (console, web, CLI). Use when: (1) Intercepting and analyzing API traffic for security testing, (2) Modifying HTTP/HTTPS requests and responses to test API behavior, (3) Recording and replaying API traffic for testing, (4) Debugging mobile app or thick client API communications, (5) Automating API security tests with Python scripts, (6) Exporting traffic in HAR format for analysis.
performance-optimization
by sanky369
Master perceived performance through optimistic UI, skeleton screens, and latency strategies. Learn the difference between actual and perceived latency. Use when optimizing load times, designing loading states, or improving user confidence during operations.
git-workflow
by cosmix
Manages Git operations including branching strategies, commit conventions, merge workflows, conflict resolution, and worktree management. Trigger keywords: git, branch, commit, merge, rebase, pull request, PR, cherry-pick, stash, reset, revert, checkout, switch, worktree, conflict, GitFlow, trunk-based, feature branch, release branch, version control, squash, amend, history, tag, remote, push, pull, fetch, clone.
rate-limiting
by cosmix
API rate limiting and quota management implementation. Use when implementing request throttling, API quotas, backpressure handling, or protection against abuse. Keywords: rate limiting, rate limit, throttle, throttling, token bucket, leaky bucket, sliding window, fixed window, quota, 429, too many requests, DDoS, abuse prevention, API quota, burst, Redis rate limiting, distributed rate limiting, API gateway, per-user limits, per-IP limits, concurrent requests, request limiting.
istio
by cosmix
Service mesh implementation with Istio for microservices traffic management, security, and observability. Use when implementing service mesh, mTLS, traffic routing, load balancing, circuit breakers, retries, timeouts, canary deployments, A/B testing, or service-to-service communication. Triggers: istio, service mesh, envoy, sidecar, virtualservice, destinationrule, gateway, mtls, peerauthentication, authorizationpolicy, serviceentry, traffic management, traffic splitting, canary, blue-green, circuit breaker, retry, timeout, load balancing, ingress, egress, observability, tracing, telemetry.
prometheus
by cosmix
Prometheus monitoring and alerting for cloud-native observability. USE WHEN: Writing PromQL queries, configuring Prometheus scrape targets, creating alerting rules, setting up recording rules, instrumenting applications with Prometheus metrics, configuring service discovery. DO NOT USE: For building dashboards (use /grafana), for log analysis (use /logging-observability), for general observability architecture (use senior-software-engineer with infrastructure focus). TRIGGERS: metrics, prometheus, promql, counter, gauge, histogram, summary, alert, alertmanager, alerting rule, recording rule, scrape, target, label, service discovery, relabeling, exporter, instrumentation, slo, error budget.
before-after
by cosmix
Generates before/after verification pairs for loom plans. Proves a stage actually changed system behavior by capturing state before and after implementation. Use for delta-proof verification — proving new commands, endpoints, modules, or bug fixes work by comparing system state.
SSQuant (松鼠Quant) 框架使用指南
by songshuquant
examples/A_穿透式测试脚本.py CTP 穿透式测试
argocd-cli
by julianobarbosa
Complete ArgoCD CLI and REST API skill for GitOps automation. Use when working with ArgoCD for: (1) Managing Applications - create, sync, delete, rollback, get status, wait for health, view logs, (2) ApplicationSets - templated multi-cluster deployments with generators, (3) Projects - RBAC, source/destination restrictions, sync windows, roles, (4) Repositories - add/remove Git repos, Helm charts, OCI registries, credential templates, (5) Clusters - register, rotate credentials, manage multi-cluster, (6) Accounts - generate tokens, manage users, check permissions, (7) Admin operations - export/import, settings validation, RBAC testing, notifications, (8) Troubleshooting - sync issues, health problems, connection errors. Supports both REST API (curl/HTTP) and CLI approaches with bearer token authentication.
api-data-fetcher
by meleantonio
Fetch economic data from FRED, World Bank, and other APIs
payuni-query
by paid-tw
Implements PAYUNi transaction query functionality using Query API. Use when building order status checking, transaction verification, or payment confirmation features for 統一金流.
newebpay
by paid-tw
Provides NewebPay integration overview and guides users to the appropriate skill. Use when starting NewebPay integration, setting up environment, or needing general guidance about 藍新金流.
payuni
by paid-tw
Provides PAYUNi integration overview and guides users to the appropriate skill. Use when starting PAYUNi integration, setting up environment, or needing general guidance about 統一金流.
newebpay-query
by paid-tw
Implements NewebPay transaction query functionality using QueryTradeInfo API. Use when building order status checking, transaction verification, or payment confirmation features for 藍新金流.
unreal
by Randroids-Dojo
Develop, test, and automate Unreal Engine 5.x projects (WIP). Covers PlayUnreal automation, Remote Control API, Automation Driver, and CI-friendly E2E flows.
slipbox
by Randroids-Dojo
"Interact with the SlipBox semantic knowledge engine and read notes from PrivateBox. Use when capturing ideas, searching notes, browsing your knowledge graph, or running semantic analysis passes (link, cluster, tension)."
fetch-skill
by aresbit
FxTwitter API (api.fxtwitter.com) — 零依赖公开推文数据源
opentui
by msmps
Comprehensive OpenTUI skill for building terminal user interfaces. Covers the core imperative API, React reconciler, and Solid reconciler. Use for any TUI development task including components, layout, keyboard handling, animations, and testing.
swap-integration
by Uniswap
Integrate Uniswap swaps into applications. Use when user says "integrate swaps", "uniswap", "trading api", "add swap functionality", "build a swap frontend", "create a swap script", "smart contract swap integration", "use Universal Router", "Trading API", or mentions swapping tokens via Uniswap.
viem-integration
by Uniswap
Integrate EVM blockchains using viem. Use when user says "read blockchain data", "send transaction", "interact with smart contract", "connect to Ethereum", "use viem", "use wagmi", "wallet integration", "viem setup", or mentions blockchain/EVM development with TypeScript.
api-filtering-sorting
by secondsky
Builds flexible API filtering and sorting systems with query parameter parsing, validation, and security. Use when implementing search endpoints, building data grids, or creating dynamic query APIs.
api-authentication
by secondsky
Secure API authentication with JWT, OAuth 2.0, API keys. Use for authentication systems, third-party integrations, service-to-service communication, or encountering token management, security headers, auth flow errors.
api-testing
by secondsky
HTTP API testing for TypeScript (Supertest) and Python (httpx, pytest). Test REST APIs, GraphQL, request/response validation, authentication, and error handling.