auth:mlflow-oidc-auth
Configure MLflow with mlflow-oidc-auth plugin for Keycloak OIDC authentication
Moltbook Mcp
Moltbook MCP server: post, comment, upvote, DMs, communities. API key auth.
Io.Github.Debu Sinha/Excalidraw
Security-hardened Excalidraw MCP server with auth, rate limiting, and 14 tools
sinch-authentication
Configures Sinch API credentials and authentication. Use when setting up OAuth2, Basic auth, application signing, API keys, or SDK credentials for any Sinch product including Conversation API, Voice, Verification, Numbers, Fax, and Mailgun. Also use when troubleshooting 401 Unauthorized, 403 Forbidden, invalid signature, or credential errors against any Sinch API.
fullstack
Senior Full Stack Engineer that builds production code with unit tests from architecture docs and UX specs. Trigger on build, implement, code, debug, refactor, full stack, frontend, backend, or auth implementation.
address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
AuthProof
Signed, non-replayable API auth. Agents self-register and sign requests with ERC-8128.
MCP Browser
Fetch web pages using Chrome/Edge browser with auth, anti-bot, and JavaScript rendering support
auth
èªè¨¼ã¨æ±ºæ¸æ©è½ãå®è£ ãClerkãSupabase AuthãStripeã«å¯¾å¿ãUse when user mentions login, authentication, payments, subscriptions, or Stripe. Do NOT load for: general UI work, database design, or non-auth features.
chargebee-webhooks
Receive and verify Chargebee webhooks. Use when setting up Chargebee webhook handlers, debugging Basic Auth verification, or handling subscription billing events.
alchemy-openapi-skill
Operate Alchemy Prices API reads through UXC with a curated OpenAPI schema, path-templated API-key auth, and read-first guardrails.
skillboss
Multi-AI gateway for fullstack apps. Build/deploy websites, React apps, SaaS, ecommerce to Cloudflare Workers. DB (D1/KV/R2), Stripe payments/subscriptions/checkout, auth (login, OAuth, OTP), AI image/audio/video/TTS generation, UI generation (Google Stitch), email, presentations/slides, web scraping/search, CEO interviews/quotes, document parsing/extraction, SMS verification, serverless deploy/API/webhook.
Automated TikTok-style video review of every PR.
Scaffold a tiktest.md config file in the current project by inferring dev-server URL, start command, and auth flow from README, package.json, and framework configs. Use when the user wants to set up tik-test for a new project, or when /tiktest:run / /tiktest:quick says "no tiktest.md found".
Io.Github.Deepfreezechill/Agentbuilders
Deploy full-stack AI agent apps with database, auth, storage, and Edge AI on one platform.
backend-agent
Backend specialist for APIs, databases, authentication using FastAPI with clean architecture (Repository/Service/Router pattern). Use for API, endpoint, REST, database, server, migration, and auth work.
AgentAuth
Identity and auth for AI agents: credentials, tokens, delegations, and permission checks.
developing-with-fortify
Laravel Fortify headless authentication backend development. Activate when implementing authentication features including login, registration, password reset, email verification, two-factor authentication (2FA/TOTP), profile updates, headless auth, authentication scaffolding, or auth guards in Laravel applications.
epic-auth
Guide on authentication, sessions, OAuth, 2FA, and passkeys for Epic Stack
logseq-cli
Prefer the local `logseq` CLI whenever a user mentions a Logseq page, journal, namespace, block UUID, graph query, Logseq API token. Use it for reading pages, mutating blocks, creating journal pages, querying the graph, checking auth, and installing/showing the packaged agent skill. Prefer CLI operations over manual Markdown edits whenever the command surface supports the task.
AgentBuilders
Deploy full-stack web apps with database, file storage, auth, and RBAC via a single API call.
firebase-swift-best-practices
Expert patterns for Firebase (Auth, Firestore, Cloud Functions) using modern Swift Concurrency (Actors, Async/Await) and Observation (@Observable).
Context manager â preferred for scripts
with GraphDatabase.driver(URI, auth=AUTH) as driver: driver.verify_connectivity()
playwright-best-practices
Use when writing Playwright tests, fixing flaky tests, debugging failures, implementing Page Object Model, configuring CI/CD, optimizing performance, mocking APIs, handling authentication or OAuth, testing accessibility (axe-core), file uploads/downloads, date/time mocking, WebSockets, geolocation, permissions, multi-tab/popup flows, mobile/responsive layouts, touch gestures, GraphQL, error handling, offline mode, multi-user collaboration, third-party services (payments, email verification), console error monitoring, global setup/teardown, test annotations (skip, fixme, slow), test tags (@smoke, @fast, @critical, filtering with --grep), project dependencies, security testing (XSS, CSRF, auth), performance budgets (Web Vitals, Lighthouse), iframes, component testing, canvas/WebGL, service workers/PWA, test coverage, i18n/localization, Electron apps, or browser extension testing. Covers E2E, component, API, visual, accessibility, security, Electron, and extension testing.
reddit-auth
Reddit authentication management skill. Check login status, log out. Triggered when user asks to check Reddit login status or log out.
capture
Capture HTTP traffic from web apps using playwright-cli. Includes site fingerprinting (framework detection, protection checks, iframe detection, auth detection, API discovery) and full traffic recording with tracing and optional HAR output. TRIGGER when: "record traffic from", "capture API calls from", "start Phase 1 for", "analyze traffic from URL", "assess site", "site fingerprint", "start capture for", "open browser for", or any URL is given as the first step of CLI generation. DO NOT trigger for: Phase 2 implementation, test writing, or quality validation.
mcp-api-key-auth
This skill should be used when the user needs to set up, manage, or troubleshoot MCP API Key authentication and tool usage tracking for this stock data service. Use it when configuring external MCP clients (Claude Code, Cursor) to connect to the data service.
happier-diagnose
Diagnose a problem with a Happier session, the daemon, a provider (Claude/Codex/OpenCode), auth, or connectivity. Pulls the correct logs, finds a true root cause from evidence only, presents findings, and optionally uploads a private diagnostics bundle to Happier developers and/or files a sanitized public GitHub issue (the two are complementary). Use when the user reports a bug, says Happier is broken/stuck/misbehaving, asks to debug/diagnose/triage/troubleshoot Happier, or shares a Happier session ID and asks what went wrong.
cb-security-hardening
Enforces Circuit Breaker security hardening conventions across backend, frontend, Docker, and nginx. Use when modifying authentication logic, security headers, Docker configuration, credential handling, session management, URL validation, WebSocket auth, or any code in core/security.py, core/rbac.py, middleware/security_headers.py, url_validation.py, docker-compose.yml, nginx.mono.conf, entrypoint-mono.sh, or supervisord.mono.conf.
verify-setup
One-time auth setup for /verify. Imports cookies from your real browser via gstack browse.
standard-security-auth
Security & Authentication Specialist - Expert in JWT, cookie-based auth, MFA, and generic security patterns
browser-cdp
Use this skill when you need to control a Chrome browser via CDP (Chrome DevTools Protocol) to reuse existing login sessions. Covers: launching Chrome in debug mode, opening URLs, waiting for page load, evaluating JavaScript, taking snapshots, and extracting auth tokens. Trigger phrases: browser automation, CDP, agent-browser, æµè§å¨æä½, æä½æµè§å¨, Chrome CDP, å¤ç¨ç»å½æ, extract token from browser.
claude-council-ask
Query multiple AI agents (Gemini, OpenAI, Grok, Perplexity) for diverse perspectives on architecture decisions, technology choices, debugging dead-ends, and security tradeoffs. Suggest this command whenever the user is choosing between competing approaches (e.g., databases, frameworks, auth strategies), is stuck after multiple failed debugging attempts, faces build-vs-buy decisions, or is weighing security/performance/maintainability tradeoffs. Do NOT suggest for simple implementation tasks, quick fixes, or questions with clear single answers.
api-client
Generate typed API client code from OpenAPI/Swagger specs. Supports TypeScript and Python output. Handles auth headers, pagination, and error responses. Not for: GraphQL, gRPC, or WebSocket APIs.
Serverpod Authentication Module
The **serverpod_auth** module (Serverpod 3) provides **token managers** (JWT, server-side sessions) and **identity providers** (Email, Google, Apple, GitHub, Facebook, Microsoft, Passkey, Firebase, Anonymous).
boilerplate
Generate project scaffolds from descriptions. Use when starting a new project, scaffolding, or creating "CLI in Go", "React app with auth", or similar from a short description.
skill-security-auditor
Security auditing for code, configs, and infrastructure. Use when the user wants to audit or improve security: scan for vulnerabilities (SQL injection, XSS, command injection, path traversal), detect hardcoded secrets and credentials, review auth and authorization, check dependencies for known CVEs, audit config files for insecure defaults, or generate security reports. Trigger on "security audit", "vulnerability scan", "code review for security", "find secrets", "check for vulnerabilities", "OWASP", "CVE", or questions about code security.
App Store Connect
App Store Connect API as MCP: apps, TestFlight, subscriptions, localizations, reports. JWT auth.
auth-testing
Test OAuth2 token refresh and session expiry locally. Use when working on auth, tokens, SSO, OIDC, or session management features.
send-to-openclaw
Send web page content from Chrome to Clawdbot with one click. Chrome extension + local webhook server. Extracts clean text from any page, Google Docs (via export API, no auth needed), and X/Twitter threads (stripped of UI chrome). Use when setting up the Send to OpenClaw browser extension, troubleshooting the webhook server, or helping users send page content to their Clawdbot instance.
Dns
MCP server for DNS lookups, reverse DNS, WHOIS, and domain checks — zero auth, zero config
bitrix
Provides expertise in 1C-Bitrix CMS development using the actual project core as the primary source of truth. Use when working with currently installed core modules, standard components, iblocks, highloadblocks, photogallery, blog, forum, vote, forms, landing, sitecorporate solution wizards, social auth, Bitrix24 connector widgets, mobileapp/JN, fileman/editor, cloud storage/files, bitrixcloud backup/monitoring, security/WAF/MFA, locations, message service, localization/translate, HL blocks, templates, import/export, caching, performance diagnostics, agents, events, controllers, search, SEO, users, infrastructure, or PHP-heavy Bitrix tasks such as local modules, services, DTOs, event handlers, controller actions, validation, composer/phpunit/phpstan/php-cs-fixer toolchains, PHP testing/verification, and legacy-to-D7 boundaries. First inspect installed modules and components under `www/bitrix` before relying on memory. Missing modules such as `catalog`, `sale`, `bizproc`, `pull`, or `socialnet` must be treated as deferred until they appear in the core.
Scoring
Hosted MCP for denial, prior auth, reimbursement, workflow validation, batch scoring, and feedback.
MochiPDF
Remote MCP server for HTML-to-PDF and screenshots with OAuth and API-key auth.
did-auth-agent
Use `nuwa-id` (from identity-kit) to run a DIDAuth flow on `id.nuwa.dev`. The agent generates a key locally, sends a deep link to the user, asks user to return DID text, verifies key binding, then sends authenticated HTTP requests.
xurl
A curl-like CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint. Supports multiple apps, OAuth 2.0, OAuth 1.0a, and app-only auth.
auth-setup
Set up Convex authentication with proper user management, identity mapping, and access control patterns. Use when implementing auth flows.