Implement client-side data storage with localStorage, IndexedDB, or SQLite WASM. Use when storing user preferences, caching data, or building offline-first applications.
Implement SQLite database patterns using the database.py interface with complete SQL isolation. MANDATORY for all database projects.
Implement SQLite database patterns using the database.py interface with complete SQL isolation. MANDATORY for all database projects.
Use when creating database migrations. Prevents data loss, downtime, and performance issues. Supports PostgreSQL, MySQL, SQLite. Python 3.8+
SQLite database migration patterns for SpecFlux. Use when creating new tables, modifying schema, adding indexes, or running migrations.
Review database schema design, query patterns, and data access layer for correctness and performance.
Kailash DataFlow - zero-config database framework with automatic model-to-node generation. Use when asking about 'database operations', 'DataFlow', 'database models', 'CRUD…
Datasette is an open-source Python tool for exploring and publishing data. It turns any SQLite database into an interactive web interface with a JSON API, enabling data…
Open and operate the local DB Craft visual schema studio at D:\DBdesigner. Use it to design or edit MySQL 8, PostgreSQL 14, SQLite, and MSSQL models, generate tables with AI,…
dbmate is a standalone, framework-agnostic database migration tool that uses plain SQL files. It supports PostgreSQL, MySQL, SQLite, ClickHouse, BigQuery, and Spanner, and works…
Enforce dependency security scanning and SBOM generation. Use when adding dependencies, reviewing package.json, or during security audits.
Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive
Detects race condition vulnerabilities including TOCTOU, double-checked locking issues, and shared state problems.
Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity
Detect and analyze SQL injection vulnerabilities in application code and database queries. Use when you need to scan code for SQL injection risks, review query construction,…
Vérifie un projet contre le OWASP Top 10 et propose des remédiations. À utiliser pour vérifier la conformité OWASP.
Guide pour écrire des requêtes SQL et concevoir des schémas SQLite avec les bonnes pratiques. À utiliser quand l'utilisateur travaille avec SQLite, écrit des requêtes SQL ou…
i-Willink 共通開発標準。スタック非依存の汎用層(TypeScript strict / Conventional Commits / OWASP / テスト方針 / コミット粒度)。各 agent が起動時に preload する。プロジェクト固有の規約は `project-standards` skill 側に書く。
Middleware CORS para Horse. Cobre HorseCORS/CORS, HorseCORSConfig (AllowedOrigin, AllowedMethods, AllowedHeaders, AllowedCredentials, ExposedHeaders), preflight OPTIONS (204) e…
Middleware CORS para Horse. Cobre HorseCORS/CORS, HorseCORSConfig (AllowedOrigin, AllowedMethods, AllowedHeaders, AllowedCredentials, ExposedHeaders), preflight OPTIONS (204) e…
Compare checked-in SQL against live MySQL, PostgreSQL, SQLite, or SQL Server schemas and generate a reviewable apply plan before agents touch production databases.
Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management.
Django security - CSRF protection, authentication, sessions, login/logout, password handling, middleware, protected views
Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deployment configurations.
OWASP Docker Top 6 vulnerability knowledge base for identifying, assessing, and remediating security risks in containerized Docker environments.
Perform OWASP Top 10 static security audit identifying vulnerabilities in access control, cryptography, injection, configuration, and logging.
Manage database schema with Drizzle ORM and SQLite migrations. Use when adding tables, modifying columns, creating indexes, or running migrations.
Provides comprehensive Drizzle ORM patterns for schema definition, CRUD operations, relations, queries, transactions, and migrations.
Drizzle ORM best practices including schema design with relationships, database migrations, prepared statements for performance, transactions, indexes, Turso SQLite database…
Create and review Cloudflare Durable Objects. Use when building stateful coordination (chat rooms, multiplayer games, booking systems), implementing RPC methods, SQLite storage,…
Build secure desktop applications with Electron 33, Vite, React, and TypeScript. Covers type-safe IPC via contextBridge, OAuth with custom protocol handlers, native module…
Diagnose and fix Laravel environment configuration issues, cache problems, and database connection errors.
Deserialization vulnerability audit skill with gadget chain knowledge for all major languages. Trigger when the user asks to: "audit deserialization", "check for insecure…
Serialization and deserialization security review skill for object mappers, parser pipelines, message formats, and state transfer mechanisms.
Dodaje fakturę zakupu (koszt) do rejestru SQLite — zapisuje sprzedawcę, NIP, kwoty, kategorię, datę wpływu.
Tests APIs for Broken Function Level Authorization (BFLA) vulnerabilities where regular users can invoke administrative
Detecting and exploiting HTTP request smuggling vulnerabilities caused by Content-Length and Transfer-Encoding
Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources
Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications
Discover and exploit mass assignment vulnerabilities in REST APIs to escalate privileges, modify restricted fields,
Detect and exploit NoSQL injection vulnerabilities in MongoDB, CouchDB, and other NoSQL databases to demonstrate
Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications
Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack
Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests
Detecting and exploiting SQL injection vulnerabilities using sqlmap to extract database contents during authorized
Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker,
Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent
Apply consistent React Native + Expo conventions for project structure, Expo Router navigation, theming primitives, icons, sqlite data patterns, safe area handling, and bun/bunx…
Audit sicurezza OWASP avanzato per pre-lancio. Checklist completa. Trigger: "audit sicurezza", "OWASP", "penetration test", "security review"
Use when adding auth/authz, HTTP-surface hardening, or an OWASP review to a scaffolded FastAPI service after the auth provider decision is approved or deferred.
Guides development of Fastify Node.js backend servers and REST APIs using TypeScript or JavaScript. Use when building, configuring, or debugging a Fastify application — including…
前端质量与安全技能包,涵盖前端安全加固、错误监控集成、前端 CI/CD 流水线、无障碍(a11y)合规。 当需要加固前端安全防护(XSS/CSP/依赖审计)、集成错误监控(Sentry/自研SDK)、搭建前端 CI/CD 流水线(GitHub Actions/GitLab CI/Lighthouse…
Focuses on routing, CSRF protection, context handling, and template usage within the internal handlers directory.
Identify and exploit file path traversal (directory traversal) vulnerabilities that allow attackers to read arbitrary files on the server, potentially including sensitive…
Use whenever the user wants to find, shortlist, vet, or enrich US cybersecurity firms — pen-testing/red team, security audits, vCISO, SOC 2 readiness, incident response, managed…
Analyze Firefox bookmarks and tags directly from the places.sqlite database. Extract recent bookmarks, analyze tag popularity, find bookmark statistics, and explore bookmark…
Use when building Flutter/Dart apps, debugging Flutter issues, reviewing Flutter PRs, choosing state management, testing widgets/providers, optimizing Flutter performance, or…
Security hardening superbrain — CWE Top 25, STRIDE threat modeling, Electron hardening, encryption, dependency audits, OWASP compliance
Observability pipeline and CI audit pack. JSONL-to-SQLite trace ingestion and CI workflow validation. 2 observability tools.
Complete guide for using drift database library in Flutter applications. Use when building Flutter apps that need local SQLite database storage with type-safe queries, reactive…