Pull latest origin/main into the current local branch and resolve merge conflicts (aka update-branch). Use when Codex needs to sync a feature branch with origin, perform a merge-based update (not rebase), and guide conflict resolution.

Audit GDD-specified content counts against implemented content. Identifies what's planned vs built.

Engineer robust Python document-processing systems for this repository. Use when tasks involve Docling-first analysis, OCR/table fallback design, editable DOCX generation, RTL/LTR mixed text handling, project scaffolding, CI/tooling setup, or implementation planning and execution that must prioritize correctness, maintainability, and practical delivery.

>-

Break a single epic into implementable story files. Reads the epic, its GDD, governing ADRs, and control manifest. Each story embeds its GDD requirement TR-ID, ADR guidance, acceptance criteria, story type, and test evidence path. Run after /create-epics for each epic.

Use when the user asks how to build with OpenAI products or APIs and needs up-to-date official documentation with citations, help choosing the latest model for a use case, or explicit GPT-5.4 upgrade and prompt-upgrade guidance; prioritize OpenAI docs MCP tools, use bundled references only as helper context, and restrict any fallback browsing to official OpenAI domains.

Use when entering this repository and needing the shared workspace entrypoint before choosing a company or track.

Bootstrap a fresh Laravel app from this starter kit repo into ~/projects using the bundled deterministic shell script. Use when Codex should create a new project with fresh git history, keep the first commit identical to the starter kit snapshot, seed a project README from the user's app brief, start the app locally through the shared proxy flow, and avoid extra app-specific edits during bootstrap.

Expert database administrator specializing in modern cloud databases, automation, and reliability engineering.

Safe editing guidance for the hgame GameMaker Studio 2 JRPG project. Use when Codex or an agent needs to inspect, modify, refactor narrowly, debug, or extend this repository's GML code, GMS2 objects, rooms, scripts, save data, inventory, equipment, character, skill, menu, NPC, movement, audio, or room-state systems.

Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Codex's capabilities with specialized knowledge, workflows, or tool integrations.

Organize Swift source trees and oversized Swift files by feature, layer, and declaration group; split large files, normalize `// MARK:` sections, move TODO and FIXME text into ledger files, and add DocC comments. Use after `format-swift-sources` has established a clean formatting baseline.

>

qa-only

Use when Codex needs to discover, specify, document, implement, reconcile, verify, post-check, or choose the next Appaloft business behavior/business operation from ADRs, global contracts, local command/query/event/workflow/error specs, implementation plans, operation catalog entries, read models, Web/API/CLI entrypoints, public docs anchors, or spec-driven test matrices. Supports artifact-guided behavior dossiers, incremental or complete readiness workflows, Discover Round, Spec Round, Docs Round, Test-First Round, Code Round, Sync Round, Next Behavior Selection, and Post-Implementation Sync.

Scan a repo for mixed ADRs, PRDs, SPECs, and DOCs and bootstrap or merge the full .planning/ setup from them. Classifies each doc in parallel, synthesizes a consolidated context with a conflicts report, and routes to new-project or merge-milestone depending on whether .planning/ already exists.

Use when the user wants to register new work from a bug report, idea, or task description and an existing GitHub Issue number is not already known.

Use inside spark-workflow when the user wants discussion, requirement exploration, idea comparison, or codebase investigation without implementation.

Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability

Build premium React/Next.js interfaces calibrated to a specific brand identity, informed by competitive landscape research, and engineered to override default LLM design biases.

vvm

**Version**: 1.0.0

Use when implementing any feature or bugfix where correctness matters - before writing implementation code.

Load this skill for any work in `projectbluefin/bluefin-mcp` — Go backend, tools, tests, testdata, CI.

>

Use Safari directly on macOS when work must happen in the user's real Safari session instead of a separate automation browser. Best for reading the current tab, inspecting the live session layout, operating Safari menu bar or native toolbar controls, reading page text and structure, running page JavaScript, waiting for page conditions, exporting page artifacts, and performing lightweight DOM interactions in the active Safari tab. If Safari JavaScript from Apple Events is disabled, guide the user to enable it or fall back to desktop-control for visual interaction.

>

Query multiple threat intelligence services for IOC enrichment including IP reputation, domain analysis, URL scanning, hash lookups, and malware detection. Use when investigating observables (IP, domain, URL, hash) to gather context from external sources like VirusTotal, GreyNoise, Shodan, AbuseIPDB, AlienVault OTX, and more. Supports both API-key services and free services.

Generate, install, and manage Git hooks with pre-built templates. Includes hooks for linting staged files, enforcing conventional commits, blocking debug statements, preventing large file commits, auto-formatting code, requiring ticket references, protecting branches, running tests before push, and auto-installing dependencies after merge. Use when setting up git hooks, enforcing commit conventions, or automating pre-commit/pre-push checks.

Builds dapps on Monad blockchain. Use when deploying contracts, setting up frontends with viem/wagmi, or verifying contracts on Monad testnet or mainnet.

Use for any project where external users need a login to view or interact with Domo dashboards — regardless of what the user calls it. If someone wants clients, customers, or partners to have accounts and see Domo content (their data only, branded, filtered per user), this is the right skill. Covers the full build from scratch — auth, user management, data isolation, and Domo embed integration. Trigger on phrases like 'give clients a login to see dashboards,' 'sell access to our analytics,' 'white-label reporting for customers,' 'client portal with Domo,' 'productize our Domo data,' or 'external users should see their own dashboards.' Skip only if they already have a working portal and need just one specific sub-feature (edit embeds → use edit-embed, JS API filters → use jsapi-filters, programmatic filters → use programmatic-filters).

Assists with building CMake-based Nix packages, understanding cmake-specific Nix attributes, and troubleshooting CMake builds in Nix

>-

>-

Conducts thorough research on repository structure, documentation, conventions, and implementation patterns. Use when onboarding to a new codebase or understanding project conventions.

Debug AWS infrastructure for the claims processing pipeline. Use when the user asks to debug cases, segments, check DynamoDB state, inspect S3 buckets, trace Lambda execution, or investigate CloudFormation stacks.

Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes

Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.

Best practices for using the oracle CLI (prompt + file bundling, engines, sessions, and file attachment patterns).

This skill provides guidance for creating effective skills.

Guide for creating effective ouro skills. Use when users want to create a new skill (or update an existing skill) that extends ouro's capabilities with specialized knowledge, workflows, or tool integrations.

Write or upgrade an AI-facing specification or scoped execution artifact using a reusable spec writing standard. Use when a repo needs a precise, implementation-ready contract with explicit goals, current evidence, boundaries, commands, validation gates, and approval rules. Do not use for lightweight briefs, changelogs, or loose brainstorm notes.

Conduct comprehensive security assessments of WordPress installations including enumeration of users, themes, and plugins, vulnerability scanning, credential attacks, and exploitation techniques. Word

Authors system prompt additions for pi coding agent. Use when extending pi's default prompt with custom principles, guidelines, or project-specific rules via SYSTEM.md or APPEND_SYSTEM.md.

Web application testing principles. E2E, Playwright, deep audit strategies.

When the user wants help creating, scheduling, or optimizing social media content for LinkedIn, Twitter/X, Instagram, TikTok, Facebook, or other platforms. Also use when the user mentions 'LinkedIn post,' 'Twitter thread,' 'social media,' 'content calendar,' 'social scheduling,' 'engagement,' or 'viral content.' This skill covers content creation, repurposing, and platform-specific strategies.

Export a Vibe-Trading backtest strategy to a runnable vnpy CtaTemplate Python class — supports A-share equities, futures, and crypto via BarGenerator + ArrayManager.

Creates one or more git commits using scoped conventional commit messages. Use when changes are ready to commit and you want the agent to stage only the intended files, follow repository commit rules, and avoid unrelated modifications.

Use only when the user explicitly wants to build with the Agently framework (mentions Agently/agently/OpenAICompatible/TriggerFlow/ToolExtension/ChromaCollection, or says “用 Agently 做/用 agently 做”). Deliver runnable code plus regression tests validating schema/ensure_keys and streaming (delta/instant/streaming_parse), with optional tools (Search/Browse/MCP), TriggerFlow orchestration, KB (ChromaDB), and serviceization (SSE/WS/HTTP). Do not use for generic streaming/testing questions that are not about Agently, or for prompt-only writing without tests/structure.

Agent skill for agent - invoke with $agent-agent