Io.Github.JnMetaCode/Shellward
AI agent security: 7 MCP tools for injection detection, PII scanning, command safety, DLP.
working-with-nix
Use when working with Nix flakes, selecting devShells, debugging environment issues, or understanding Nix infrastructure - covers shell selection, environment detection, common commands, and project-specific constraints like pinned Rust versions
Io.Github.Tyox All/Mund
AI security scanner - secrets, PII, prompt injection, and exfiltration detection.
ScanMalware.com URL Scanner
MCP server for ScanMalware.com URL scanning, malware detection, and analysis.
lock-project-stack
Detect a project's manifest (pyproject.toml / package.json / go.mod / Cargo.toml), pin its library set into wet-mcp's Cabinets project_context, then route subsequent docs queries to the locked versions automatically.
HefestoAI
Pre-commit code quality guardian. Detects semantic drift in AI-generated code.
Io.Github.Lordbasilaiassistant Sudo/Base Flash Arb Mcp
MCP server for AI agents to detect flash loan arbitrage opportunities across DEXes on Base. Scan Uni
release-beta
Create a beta pre-release for community testing with intelligent version detection. Use when creating beta releases, publishing pre-releases, or preparing versions for community testing.
rune-diff
Compare a RUNE specification against its implementation to detect drift. Use when verifying that code still matches its spec after modifications, or when auditing existing implementations against their contracts.
vibe-ship
Generates a complete, production-ready deployment setup for any app in one pass -- Dockerfile, docker-compose.yml, .dockerignore, CI/CD (GitHub Actions), scalability config (health checks, resource limits, K8s on request), and security hardening (non-root user, secrets, dependency scanning). Auto-detects the stack from repo files (package.json, requirements.txt, go.mod, pom.xml, Gemfile, etc.) and writes real working files, not just advice. Also audits an EXISTING Dockerfile/compose/CI setup with a static scoring script and reports concrete findings. Use whenever the user asks to "dockerize", "containerize", "make this deployable", "production-ready", "vibe ship this", "add CI/CD", "set up deployment", "ship this app", requests a Dockerfile/docker-compose/GitHub Actions workflow, or wants a deployment setup reviewed -- even for just one piece (e.g. "add a Dockerfile"), since the full set is interdependent.
technical-seo-audit
Comprehensive technical SEO audit skill that analyses crawl data to identify issues, prioritise actions by business impact, and produce a detailed report plus actionable spreadsheet. Use this skill whenever the user wants to: run a technical SEO audit, analyse a website's technical health, review crawl data from Screaming Frog or Sitebulb, crawl a site via API (Firecrawl or similar), find indexability or crawlability issues, check Core Web Vitals, audit structured data or schema markup, detect cannibalisation or thin content, review redirect chains, find orphan pages, assess site architecture, or produce a prioritised list of SEO fixes. Also trigger when the user uploads a CSV from any crawl tool and asks for analysis, mentions "technical SEO", "site audit", "crawl audit", "SEO health check", or wants to understand why pages are not ranking from a technical perspective. This skill handles everything from data ingestion through to a business-impact-prioritised action plan.
Piranha
BJJ video analysis — YOLO pose detection + Claude AI technique analysis.
anti-slop-guide
Use when drafting, editing, or reviewing any prose to detect and remove AI writing patterns including overused vocabulary (delve, tapestry, landscape), formulaic structures (binary contrasts, rule of three), throat-clearing openers, business jargon, and other LLM tells
audit-paper-book
Use when you need to detect drift between an existing paper-book companion and a revised version of its source paper, then sync the mechanical pieces (new bib entries, new/changed figures) and report the substantive drift (renamed sections, changed numbers, new theorems, new contributions) for the user to triage. Counterpart to /init-paper-book. Read-only by default; --apply flag opts in to mechanical fixes.
SkillsSafe Security Scanner
AI skill security scanner. Detects prompt injection, credential theft, ClawHavoc. Free, no signup.
antipattern-detector
Detect common technical and organizational anti-patterns in proposals, architectures, and plans. Use when strategic-cto-mentor needs to identify red flags before they become problems.
Piranha Vision & DevTools
BJJ video analysis — YOLO pose detection, AI technique analysis, and highlight reels.
Icp Intelligence Mcp
Deep ICP Analysis with Pattern Detection - 9 B2B targeting tools
Shrike Security
AI agent security scanner — prompt injection detection, SQL injection, PII isolation, threat intel.
Blacksmith
MCP server for Blacksmith CI - query runs, analyze test failures, detect flaky tests.
AutoTS
Automated time series forecasting with model search, anomaly detection, and event risk analysis
Io.Github.Houtini Ai/Fanout
Multi-URL comparative content analysis with topical gap detection
Anomaly Alert
Detect anomalous sessions in Claude Code Agent Monitor data.
bb-methodology
Use at the START of any bug bounty hunting session, when switching targets, or when feeling lost about what to do next. Master orchestrator that combines the 5-phase non-linear hunting workflow with the critical thinking framework (developer psychology, anomaly detection, What-If experiments). Routes to all other skills based on current hunting phase. Also use when asking "what should I do next" or "where am I in the process."
Humsana Mcp
Detect developer stress, focus, fatigue from typing. Block dangerous commands when tired.
Promptrejectormcp
Security gateway for AI agents: detects prompt injections, jailbreaks, and common vulnerabilities.
ads-creative-development
How to produce ad creative that converts at performance scale. Hook patterns, format selection, video pacing, variation systems, sequential testing methodology, fatigue detection, brand-voice alignment without conversion dilution, and platform-specific creative norms. Triggers on ad creative, ad design, hook patterns, ad video pacing, creative testing, ad variations, creative refresh, creative fatigue, refresh ad creative, video ads for Meta, TikTok creative, LinkedIn ad creative, ad asset library. Also triggers when a team is producing creative at scale, planning a creative test cycle, or auditing why creative is not converting.
Rug Munch Mcp
Crypto risk intelligence: 19 tools for rug pull detection, AI forensics, and token analysis.
auto-heal
Detect GPU and container failures, automatically remediate by restarting, migrating, or escalating.
Ci1t Mcp
CI-1T prediction stability engine. Detect ghosts, evaluate drift, monitor fleets. 20 tools.
memory-bank
Token-efficient persistent memory system for Claude Code that extends your session limits by 3-5x. Layered architecture with progressive loading, compact encoding, branch-aware context, smart compression, session diffing, conflict detection, session continuation protocol, and recovery mode. Activates at session start (if MEMORY.md exists), on "remember this", "pick up where we left off", "what were we doing", "wrap up", "save progress", "don't forget", "switch context", "hand off", "memory health", "save state", "continue where I left off", "context budget", "how much context left", or any session start on a project with existing memory files. This skill solves two problems at once: Claude forgetting everything between sessions, AND sessions hitting context limits too fast. It replaces thousands of wasted re-explanation tokens with a compact, structured memory load that gives Claude full project context in under 2,000 tokens.
Io.Github.ChesterHsu/Flyto Indexer
Code intelligence MCP server: impact analysis, dependency graphs, dead code detection.
analysing-attack
Analyse Mitre ATT&CK tactics, techniques and sub-techniques. Use when performing analysis of threat detections, threat models, security risks or cyber threat intelligence
Arduino MCP Server
Arduino MCP server for CLI setup, board detection, compile/upload, serial monitoring, and pin refs.
Dep Oracle
Predictive dependency security engine. Trust scores, zombie detection, blast radius analysis.
fireact-builder
Helps customize and extend Fireact SaaS apps after installation. Auto-detects Fireact projects by checking for @fireact.dev/app in package.json. Invoke when the user wants to add features, pages, custom components, navigation, branding, Cloud Functions, or i18n.
pragmatic-clean-code-reviewer
Strict code review following Clean Code, Clean Architecture, and The Pragmatic Programmer principles. Use when: (1) reviewing code or pull requests, (2) detecting code smells or quality issues, (3) auditing architecture decisions, (4) preparing code for merge, (5) refactoring existing code, or (6) checking adherence to SOLID, DRY, YAGNI, KISS principles. Features a 3+4+2 questionnaire system to calibrate strictness from L1 (lab) to L5 (critical). Also triggers on: "is this code good?", "check code quality", "ready to merge?", "technical debt", "code smell", "best practices", "clean up code", "refactor review", "review this PR", "PR review", "code review", "pre-merge check", "code audit", "is this production-ready?", "find bugs", "look at my code", "check for issues".
AgentWatch
Multi-agent observability: cascade failure detection, heartbeats, and forensic replay
shadcn-svelte â Component-Aware Svelte UI Assistant
Use the right shadcn-svelte components when building UI in SvelteKit projects. This skill detects your project setup, shows what's available, and gives you access to full component documentation.
AIGC Detection, Rewriting & Thesis Writing Assistant
Bilingual academic paper assistant. Two modes: **Detection & Rewrite** (analyze existing papers for AI-generated content) and **Thesis Writing** (generate full thesis drafts from templates and code). Supports Chinese and English academic papers.
Tork Governance
AI agent governance for MCP: PII detection, policy enforcement, compliance, and kill switch.
Io.Github.RobelDev/Logclaw Mcp Server
Connect AI coding tools to LogClaw incidents, logs, and anomaly detections.
Mcp Watchdog
MCP security proxy - detects and blocks 40+ MCP attack classes. Zero config.
Io.Github.PyJudge/Pdf4vllm
PDF reader for vision LLMs. Auto-detects text corruption and switches to image mode.
ai-development-guide
Technical decision criteria, anti-pattern detection, debugging techniques, and quality check workflow. Use when making technical decisions, detecting code smells, or performing quality assurance.
dotnet-advisor
Routes .NET/C# requests to the correct domain skill and loads coding standards as baseline for all code paths. Determines whether the task needs API, UI, testing, devops, tooling, or debugging guidance based on prompt analysis and project signals, then invokes skills in the right order. Always invoked after [skill:using-dotnet] detects .NET intent. Do not use for deep API, UI, testing, devops, tooling, or debugging implementation guidance.
secret-scanner
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
IncomeBot Trading Intelligence
Options trading — regime detection, momentum scanning, income screening, and risk simulation.
Api Governance
API governance for AI agents. Detects breaking changes, scores blast radius, blocks unsafe calls.
Io.Github.Rog0x/I18n
Locale detect, translations, plurals for AI agents