Auth
Authentication and authorization
epic-auth
by rubenpenap
Guide on authentication, sessions, OAuth, 2FA, and passkeys for Epic Stack
research
by thoreinstein
Research the codebase to find and explain specific topics, answering questions about architecture, configuration, data flows, and implementation details
change-impact-analyzer
by gaebalai
Analyzes impact of proposed changes on existing systems (brownfield projects) with delta spec validation. Trigger terms: change impact, impact analysis, brownfield, delta spec, change proposal, change management, existing system analysis, integration impact, breaking changes, dependency analysis, affected components, migration plan, risk assessment, brownfield change. Provides comprehensive change analysis for existing systems: - Affected component identification - Breaking change detection - Dependency graph updates - Integration point impact - Database migration analysis - API compatibility checks - Risk assessment and mitigation strategies - Migration plan recommendations Use when: proposing changes to existing systems, analyzing brownfield integration, or validating delta specifications.
bknd-production-config
by cameronapak
Use when preparing a Bknd application for production deployment. Covers security hardening, environment configuration, isProduction flag, JWT settings, Guard enablement, CORS, media storage, and production checklist.
architecture-patterns
by dagba
Choose and implement iOS architecture patterns (MVVM, TCA, Clean Architecture) based on feature complexity. Use when designing architecture for new features or refactoring existing code.
php-security
by peixotorms
Use when handling user input, database queries, file operations, authentication, sessions, or any security-sensitive PHP code. Covers SQL injection prevention with prepared statements, PDO parameterized queries, XSS with htmlspecialchars, CSRF tokens, input validation (filter_var, FILTER_VALIDATE_*, FILTER_SANITIZE_*), output escaping by context, password_hash, password_verify, bcrypt, Argon2, file upload security, session management, SameSite cookies, Content-Security-Policy headers, serialization security, process execution security, error exposure, php.ini hardening (open_basedir, disable_functions, allow_url_include), OWASP Top 10 for PHP, rate limiting, brute force protection, directory traversal, path traversal, and common vulnerability patterns.
code-reviewer
by gaebalai
Copilot agent that assists with comprehensive code review focusing on code quality, SOLID principles, security, performance, and best practices Trigger terms: code review, review code, code quality, best practices, SOLID principles, code smells, refactoring suggestions, code analysis, static analysis Use when: User requests involve code reviewer tasks.
wayback-submit
by Mearman
Submit a URL to the Wayback Machine for archiving. Use when the user wants to archive a webpage, save a page to the Internet Archive, preserve a URL, or create a snapshot.
api-designer
by icartsh
"OpenAPI/Swagger 사양, 인증 패턴, 버전 관리 전략 및 모범 사례를 사용하여 RESTful 및 GraphQL API를 설계하고 문서화합니다. 사용 사례: (1) API 사양 생성, (2) REST 엔드포인트 설계, (3) GraphQL 스키마 설계, (4) API 인증 및 권한 부여, (5) API 버전 관리 전략, (6) 문서 생성"
session-start
by webbertakken
Start team, run dev servers, and read PROMPT.md if present.
epic-testing
by rubenpenap
Guide on testing with Vitest and Playwright for Epic Stack
ticktick-cli
by flexoid
Operate TickTick through the ticktick command-line interface, including authentication, read/query flows, and safe mutations for tasks, projects, folders, columns, tags, habits, user info, focus analytics, and sync payloads. Use when users ask to run TickTick terminal commands, parse TickTick CLI JSON output, resolve IDs, or fix TickTick CLI configuration/auth failures.
google-trends-ath-detector
by fatfingererr
專注於 Google Trends 數據擷取與分析,使用 Selenium 模擬真人瀏覽器行為抓取數據,自動判定搜尋趨勢是否創下歷史新高(ATH)或出現異常飆升,並提供訊號分型(季節性/事件驅動/結構性轉變)。
bknd-protect-endpoint
by cameronapak
Use when securing specific API endpoints in Bknd. Covers protecting custom HTTP triggers, plugin routes, auth middleware for Flows, checking permissions in custom endpoints, and role-based endpoint access.
bknd-login-flow
by cameronapak
Use when implementing login and logout functionality in a Bknd application. Covers SDK authentication methods, REST API endpoints, React integration, session checking, and error handling.
superplan
by asteroid-belt
Use when starting significant features, epics, or complex tasks. Creates multi-phase implementation plans with parallelizable phases, poker estimates, TDD-first acceptance criteria, and quality gates. Detects tech stack from CLAUDE.md/AGENTS.md (bypassing internet research if complete) or via codebase scan.
investigating-codebases
by C0ntr0lledCha0s
Automatically activated when user asks how something works, wants to understand unfamiliar code, needs to explore a new codebase, or asks questions like "where is X implemented?", "how does Y work?", or "explain the Z component"
teach
by asteroid-belt
Transforms technical documents into rigorous learning journeys with collegiate-level mastery requirements. Uses Bloom's taxonomy progression, 80%+ mastery thresholds, and multi-level verification before advancing. Treats learning as a high school to college graduation progression. Use when user wants deep understanding, not surface familiarity.
route-tester
by mamba-mental
Test authenticated routes in the your project using cookie-based authentication. Use this skill when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for using test-auth-route.js and mock authentication.
url-to-markdown
by zlh-428
Fetch any URL and convert to markdown using Chrome CDP. Supports two modes - auto-capture on page load, or wait for user signal (for pages requiring login). Use when user wants to save a webpage as markdown.
done
by Genuifx
"Save a session summary to ~/.claude-done/ when wrapping up. Use when the user says /done, 'wrap up', 'save session notes', 'summarize this session', or wants to record what was accomplished."
playwright-testing
by C0ntr0lledCha0s
Automatically activated when user works with Playwright tests, mentions Playwright configuration, asks about selectors/locators/page objects, or has files matching *.spec.ts in e2e or tests directories. Provides Playwright-specific expertise for E2E and integration testing.
learning-about-you
by designnotdrum
"Proactively learn about the user through onboarding and ongoing observation. Use at session start and when you notice potential preferences."
setup-chess-timer-hooks
by designnotdrum
Install hookify rules for automatic chess timer session management