Auth
Authentication and authorization
pr-creation
by troykelly
Use after completing implementation - create pull request with complete documentation, proper labels, linked issues, and verification summary
inline-documentation
by troykelly
Use when writing code - ensure complete JSDoc, docstrings, and inline comments assuming documentation will be generated from code
memory-integration
by troykelly
Use to maintain context across sessions - integrates episodic-memory for conversation recall and mcp__memory knowledge graph for persistent facts
autonomous-operation
by troykelly
Use when starting any work session - establishes autonomous operation mode, overriding token limits and time pressure to work until goal is achieved
initiative-architecture
by troykelly
Use for MASSIVE work requests requiring multi-epic planning. Creates research spikes, documents all unknowns and decisions, builds resumable architecture documents, and structures work into epics and milestones.
clean-commits
by troykelly
Use when committing code - ensures atomic, descriptive commits that leave the codebase in a merge-ready state at every point
issue-decomposition
by troykelly
Use when an issue is too large for a single task - breaks into linked sub-issues with full documentation, ensuring manageable work units
review-scope
by troykelly
Use before code review - determine if change is minor (review new code only) or major (review impacted code too)
security-review
by troykelly
MANDATORY for security-sensitive code changes - OWASP-based security review with dedicated checklist, required before PR for auth, input handling, API, database, or credential code
hostel-os-pms
by founderjourney
Expert knowledge for HostelOS/Almanik PMS - a hostel property management system built with Node.js, Express, SQLite, and vanilla JavaScript. Use when working on: (1) Backend API development with Express.js and SQLite, (2) Database schema design and migrations, (3) RBAC authentication with session-based auth and CASL, (4) Booking state machine and business logic, (5) Financial metrics calculations (ADR, RevPAB, Occupancy, LOS), (6) Frontend SPA with vanilla JS, (7) QA testing and debugging PMS features, (8) iCal sync with OTAs (Booking.com, Airbnb), (9) Checkout/check-in workflows, (10) Tour commissions and guest management. Triggers: "HostelOS", "Almanik", "PMS", "hostel management", "reservaciones", "checkout", "check-in", "camas", "huespedes", "ADR", "ocupacion", "metricas hoteleras", "tour commissions", "cashbox", "front desk".
middleware-protection
by vanman2024
Route protection and authorization patterns for Clerk middleware. Use when implementing route guards, protecting API routes, configuring middleware matchers, setting up role-based access control, creating auth boundaries, or when user mentions middleware, route protection, auth guards, protected routes, public routes, matcher patterns, or authorization middleware.
oauth-providers
by vanman2024
Configure OAuth authentication providers for Clerk (Google, GitHub, Discord, Apple, Microsoft, Facebook, LinkedIn, Twitter, and 11+ more). Use when setting up social login, configuring OAuth providers, implementing authentication flows, generating redirect URLs, testing OAuth connections, or when user mentions Clerk OAuth, social authentication, provider setup, or multi-provider auth.
writing-plans
by aiaiohhh
Use when you have a spec or requirements for a multi-step task, before touching code
superpowers
by founderjourney
Structured software development framework for coding agents. Composable skills enforcing planning, testing, and systematic execution. Prevents code-first chaos.
a2a-sdk-patterns
by vanman2024
SDK installation and setup patterns for Agent-to-Agent Protocol across Python, TypeScript, Java, C#, and Go. Use when implementing A2A protocol, setting up SDKs, configuring authentication, or when user mentions SDK installation, language-specific setup, or A2A integration.
auth-components
by vanman2024
Pre-built and custom Clerk authentication component templates with theming and customization patterns. Use when building authentication UI, creating sign-in/sign-up pages, customizing Clerk components, implementing user buttons, theming auth flows, or when user mentions Clerk components, SignIn, SignUp, UserButton, auth UI, appearance customization, or authentication theming.
saas-session-recon
by inkeep
"Validate whether a SaaS platform's APIs can be accessed using browser session cookies — testing feasibility of a Chrome extension session proxy. Connects to user's authenticated Chrome, enumerates cookies, captures network traffic, tests official and internal APIs with cookie auth, checks Origin/CSRF requirements, and produces a structured findings document with a credential extraction recipe. One platform at a time. Triggers: session recon, cookie auth testing, extension proxy feasibility, SaaS API cookie test, session proxy validation."
doctl CLI Patterns Skill
by vanman2024
```
analytics-tracking
by aiaiohhh
When the user wants to set up, improve, or audit analytics tracking and measurement. Also use when the user mentions "set up tracking," "GA4," "Google Analytics," "conversion tracking," "event tracking," "UTM parameters," "tag manager," "GTM," "analytics implementation," or "tracking plan." For A/B test measurement, see ab-test-setup.
session-management
by vanman2024
Clerk session handling, JWT verification, token management, and multi-session workflows. Use when implementing session validation, JWT claims customization, token refresh patterns, session lifecycle management, or when user mentions session errors, authentication tokens, JWT verification, multi-device sessions, or session security.
page-cro
by aiaiohhh
When the user wants to optimize, improve, or increase conversions on any marketing page — including homepage, landing pages, pricing pages, feature pages, or blog posts. Also use when the user says "CRO," "conversion rate optimization," "this page isn't converting," "improve conversions," or "why isn't this page working." For signup/registration flows, see signup-flow-cro. For post-signup activation, see onboarding-cro. For forms outside of signup, see form-cro. For popups/modals, see popup-cro.
flowi
by aiaiohhh
Visual flowchart and diagram planning tool. Claude writes structured JSON to a .flowi/ directory, which renders as interactive, editable diagrams in the browser. Use for architecture planning, user flows, system design, state machines, and UI mockups.
api-authentication
by vanman2024
Backend API authentication patterns with Clerk JWT middleware and route protection. Use when building REST APIs, GraphQL APIs, protecting backend routes, implementing JWT validation, setting up Express middleware, or when user mentions API authentication, backend security, JWT tokens, or protected endpoints.
onboarding-cro
by aiaiohhh
When the user wants to optimize post-signup onboarding, user activation, first-run experience, or time-to-value. Also use when the user mentions "onboarding flow," "activation rate," "user activation," "first-run experience," "empty states," "onboarding checklist," "aha moment," or "new user experience." For signup/registration optimization, see signup-flow-cro. For ongoing email sequences, see email-sequence.