Processing
Data transformation and parsing
continuous-learning
by affaan-m
Automatically extract reusable patterns from Claude Code sessions and save them as learned skills for future use.
analyzing-cobaltstrike-malleable-c2-profiles
by mukul975
Parse and analyze Cobalt Strike Malleable C2 profiles using dissect.cobaltstrike and pyMalleableC2 to extract
swift-protocol-di-testing
by affaan-m
Protocol-based dependency injection for testable Swift code — mock file system, network, and external APIs using focused protocols and Swift Testing.
continuous-learning
by affaan-m
Automatically extract reusable patterns from Claude Code sessions and save them as learned skills for future use.
cmux
by manaflow-ai
End-user control of cmux topology and routing (windows, workspaces, panes/surfaces, focus, moves, reorder, identify, trigger flash). Use when automation needs deterministic placement and navigation in a multi-pane cmux layout.
analyzing-windows-registry-for-artifacts
by mukul975
Extract and analyze Windows Registry hives to uncover user activity, installed software, autostart entries, and evidence of system compromise.
e2e-testing
by affaan-m
Playwright E2E testing patterns, Page Object Model, configuration, CI/CD integration, artifact management, and flaky test strategies.
swift-actor-persistence
by affaan-m
Thread-safe data persistence in Swift using actors — in-memory cache with file-backed storage, eliminating data races by design.
springboot-tdd
by affaan-m
Test-driven development for Spring Boot using JUnit 5, Mockito, MockMvc, Testcontainers, and JaCoCo. Use when adding features, fixing bugs, or refactoring.
coding-standards
by affaan-m
Universal coding standards, best practices, and patterns for TypeScript, JavaScript, React, and Node.js development.
api-design
by affaan-m
REST API design patterns including resource naming, status codes, pagination, filtering, error responses, versioning, and rate limiting for production APIs.
project-guidelines-example
by affaan-m
"Example project-specific skill template based on a real production application."
clickhouse-io
by affaan-m
ClickHouse database patterns, query optimization, analytics, and data engineering best practices for high-performance analytical workloads.
delight
by pbakaus
Add moments of joy, personality, and unexpected touches that make interfaces memorable and enjoyable to use. Elevates functional to delightful.
django-tdd
by affaan-m
Django testing strategies with pytest-django, TDD methodology, factory_boy, mocking, coverage, and testing Django REST Framework APIs.
golang-patterns
by affaan-m
Idiomatic Go patterns, best practices, and conventions for building robust, efficient, and maintainable Go applications.
auditing-aws-s3-bucket-permissions
by mukul975
Systematically audit AWS S3 bucket permissions to identify publicly accessible buckets, overly permissive ACLs, misconfigured bucket policies, and missing encryption settings using AWS CLI, S3audit, and Prowler to enforce least-privilege data access controls.
analyzing-golang-malware-with-ghidra
by mukul975
Reverse engineer Go-compiled malware using Ghidra with specialized scripts for function recovery, string extraction, and type reconstruction in stripped Go binaries.
analyzing-command-and-control-communication
by mukul975
Analyzes malware command-and-control (C2) communication protocols to understand beacon patterns, command structures, data encoding, and infrastructure. Covers HTTP, HTTPS, DNS, and custom protocol C2 analysis for detection development and threat intelligence. Activates for requests involving C2 analysis, beacon detection, C2 protocol reverse engineering, or command-and-control infrastructure mapping.
analyzing-network-traffic-for-incidents
by mukul975
Analyzes network traffic captures and flow data to identify adversary activity during security incidents, including command-and-control communications, lateral movement, data exfiltration, and exploitation attempts. Uses Wireshark, Zeek, and NetFlow analysis techniques. Activates for requests involving network traffic analysis, packet capture investigation, PCAP analysis, network forensics, C2 traffic detection, or exfiltration detection.
analyzing-indicators-of-compromise
by mukul975
Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.
database-migrations
by affaan-m
Database migration best practices for schema changes, data migrations, rollbacks, and zero-downtime deployments across PostgreSQL, MySQL, and common ORMs (Prisma, Drizzle, Django, TypeORM, golang-migrate).
analyzing-linux-elf-malware
by mukul975
Analyzes malicious Linux ELF (Executable and Linkable Format) binaries including botnets, cryptominers, ransomware, and rootkits targeting Linux servers, containers, and cloud infrastructure. Covers static analysis, dynamic tracing, and reverse engineering of x86_64 and ARM ELF samples. Activates for requests involving Linux malware analysis, ELF binary investigation, Linux server compromise assessment, or container malware analysis.
floor-plan
by markdown-viewer
Create architectural floor plans and interior layouts using drawio XML format with building-standard symbols. Best for office layouts, home floor plans, evacuation plans, and seating arrangements. Built on drawio with floorplan-specific stencils. NOT for simple diagrams (use mermaid) or UI wireframes (use wireframe skill).