Skill UI

Automatically scans code for reflected, stored, and DOM-based XSS risks across HTML, JavaScript, CSS, and URLs, providing reports and safe proof-of-concept payloads for use in reviews, audits, or pre-deployment checks.

Perform Static Application Security Testing (SAST) to identify critical security vulnerabilities, including SQL injection, XSS, hardcoded secrets, and path traversal, directly from source code. Supports multi-language ecosystems (Python, JavaScript, Java, Go, etc.) and major frameworks, enabling crucial pre-deployment security validation and compliance checks (OWASP, PCI-DSS).

Analyzes existing Rails applications to provide a comprehensive and detailed upgrade assessment. This tool checks current gem and JavaScript dependencies, compares the running version against the latest stable release, fetches official upgrade guides, and generates diff reports. It assesses upgrade complexity (Small, Medium, Large) to ensure smooth and safe version migration for Ruby on Rails projects.

Provides a comprehensive guide and framework for building robust, production-grade Slack applications. Utilizes the recommended Bolt framework to handle authentication, event routing, and request verification across Python, JavaScript, and Java. Covers advanced topics like interactive UI design using Block Kit, implementing slash commands, managing OAuth flows, and integrating with Workflow Builder. Ideal for developers building sophisticated, enterprise-level team communication tools.

This comprehensive guide provides step-by-step instructions for setting up a complete connection to a Supabase backend. It covers installing the necessary SDKs (for TypeScript and Python) and the CLI, securely configuring environment variables (URL, anon key, service role key), and initializing the client singleton for both client-side and server-side applications. Essential for new project development and authentication integration.

A comprehensive guide for migrating and upgrading the Supabase SDK (JS/TS and Python) and CLI. This tool detects breaking changes, covers major version jumps (e.g., v1 to v2), and provides automated code migration patterns for Auth, Realtime, and Storage APIs. Use this when updating your project to a new Supabase version or when encountering API deprecations.

This skill validates web applications across diverse browsers (Chromium, Gecko, WebKit) and real mobile devices. It supports both local testing using Playwright and scalable cloud testing via major platforms like BrowserStack, Sauce Labs, and Kobiton. Use it when ensuring consistent UI/UX, correct CSS rendering, and functional JavaScript behavior regardless of the target environment or device type.

Detects TypeScript/JavaScript circular imports, visualizes dependency cycles with tools like madge, and offers strategies (shared interfaces, DI, dynamic/type-only imports, barrel restructuring) plus CI checks and ESLint rules for ongoing prevention.

This agent provides deep, practical expertise in TypeScript and JavaScript. It covers complex topics like type-level programming, branded types, conditional types, and advanced performance optimization for large-scale projects. It is ideal for diagnosing complex type errors, optimizing build processes, and managing monorepo configurations, ensuring robust and maintainable codebases.

This skill acts as an expert test automation specialist, capable of analyzing source code across multiple languages (Python, JavaScript, TypeScript, etc.). It generates comprehensive, maintainable unit test suites using best practices, maximizing code coverage, and specifically targeting edge cases and exception handling. Use it to ensure high code quality and structural consistency.

Comprehensive verification system for Claude Code sessions that runs build, type, lint, test, security, and diff checks before PRs to ensure code quality and compliance across JS/TS and Python projects.

Senior-level Vue 3 guidance that builds components, composables, routing, and state entirely in JavaScript with JSDoc annotations, letting teams prototyping or migrating from Options API deliver typed apps without TypeScript tooling.