Skills your agents can run

Expert guidance on secure coding practices, focusing on preventing common security errors made by AI during code generation. Use for: auditing AI-generated code, implementing secure design patterns, and ensuring code follows OWASP Top 10 standards. Covers input validation, authentication, cryptography, file handling, secure configuration, and business logic security.

Comprehensive guide to prevent unmaintainable code, especially from AI generation. Covers code duplication, documentation, error handling, naming conventions, architecture, performance, dependencies, modularity, testing, and technical debt prevention. Essential for code reviews and ensuring long-term code health.

Unity Editor automation via a REST API. Use when users want to create, modify, or manage GameObjects, components, scenes, materials, prefabs, lights, UI elements, or any Unity Editor operations. Triggers on: Unity, GameObject, prefab, scene, material, component, animator, shader, UI canvas, lighting setup, asset import, play mode, editor automation.

Review generated code for style, security, and architecture issues; suggest refactorings and performance improvements. Use after implementation is complete, before merging changes, or when refactoring existing code. Follows OWASP guidelines, SOLID principles, and best practices for maintainable code.

Expert-level Verilog and SystemVerilog knowledge following the IEEE 1800 standard. Generates synthesizable RTL code using synthesis-friendly coding styles and constructs.

Use when you have lint errors, formatting issues, or before committing code to ensure it passes CI.

Profile and optimize Python code using cProfile, memory profilers, and performance best practices. Use when debugging slow Python code, optimizing bottlenecks, or improving application performance.

Clean AI-generated code slop with a regression-safe, deletion-first workflow and optional reviewer-only mode

Keep project documentation (.agents/project-index.md and sub-skills) in sync with codebase changes.

Build high-performance async APIs with FastAPI, SQLAlchemy 2.0, and Pydantic v2. Master microservices, WebSockets, and modern Python async patterns.

Use when building Go applications requiring concurrent programming, microservices architecture, or high-performance systems. Invoke for goroutines, channels, Go generics, gRPC integration.

Generate comprehensive, maintainable unit tests across languages with strong coverage and edge case focus.

Use this skill whenever writing, debugging, or reviewing Frida instrumentation scripts targeting iOS ARM64 or Android. Triggers include: any mention of 'Frida', 'dynamic instrumentation', 'hooking', 'Interceptor', 'Stalker', 'ObjC bridge', 'Java bridge', 'frida-server', 'frida-gadget', 'NativeFunction', or requests to hook/trace/patch native or managed functions at runtime. Also use when bypassing SSL pinning, root detection, anti-cheat systems, or Frida self-detection. Apply for both JavaScript and TypeScript agents targeting frida-tools 14+ and Frida 17.x. Do NOT use for static binary analysis (use radare2/Ghidra skills instead), build-time patching, or non-Frida instrumentation frameworks.

Hexagonal Architecture (Ports and Adapters pattern), separation of boundaries, and management of external dependencies.

You are a code refactoring expert specializing in Clean Code principles, SOLID design patterns, and modern software engineering best practices. Analyze and refactor the provided code to improve its...

Delegate coding tasks to OpenCode AI coding agent. Two modes: (1) Remote Client - user watches and controls a remote OpenCode session, (2) 10x Coding - OpenClaw uses oh-my-opencode's Sisyphus orchestration for superior coding. For big features, refactors, multi-file changes. NOT for: one-liner fixes, reading code, work in ~/clawd workspace. Requires PTY.

Godot Engine integration skill for GDScript/C# development, scene composition, node management, and editor automation. Enables LLMs to interact with the Godot Editor through MCP servers for asset manipulation, script generation, and automated workflows.

Guide for initializing and consolidating Daem0n-MCP across project structures

Comprehensive code review skill for TypeScript, JavaScript, Python, Swift, Kotlin, and Go. Includes automated code analysis, best-practice checks, security scanning (dependency and SAST/OWASP checks), complexity and style assessments, and generation of review checklists. Use when reviewing pull requests, providing inline code feedback, identifying issues, or ensuring code quality and security standards.

Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.