The right knowledge,
at the right moment.
Skills are small Markdown workflows the agent loads on demand — code review, debugging, refactoring, and more. Vendor-neutral, following the Agent Skills spec, and synced automatically from GitHub.
dependency-update
v1.0.0
Safely update project dependencies - assess risk, batch by risk level, verify with tests, and produce a clean changelog. Use when the user asks to update dependencies, bump packages, audit outdated deps, or handle a security advisory.
security-audit
v1.0.0
Perform an OWASP-flavored security review focused on input handling, authentication, authorization, secrets, and dependencies. Use when the user asks for a security audit, threat review, vulnerability check, or wants to harden code before release.
threat-modeling
v1.0.0
Model threats before building - map assets, trust boundaries, and attack surfaces, walk STRIDE categories, and rank risks with concrete mitigations. Use when the user designs a new feature or system that handles sensitive data or auth, asks "how could this be abused", or wants a threat model or security design review before implementation.