Agent Skills Hub

worker

Autonomous agent for ticket-driven development, managing the full software lifecycle from polling providers to automated PR creation with ERNE standard validation.

semgrep

Run Semgrep static analysis scans on codebases using parallel subagents, multi-language detection, and Pro-enabled cross-file taint tracking.

xss-testing

Automated security skill for identifying and validating XSS vulnerabilities, including Reflected, Stored, and DOM-based attacks across various contexts.

quality

Expert code reviewer for Rust projects. Performs comprehensive quality, security, performance, and architectural analysis using Bazel and project-specific conventions.

sarif-parsing

Parses and processes SARIF files from static analysis tools. Enables aggregation, deduplication, filtering, and CI/CD integration of scan results.

solana-vulnerability-scanner

Scans Solana programs (native/Anchor) for 6 critical vulnerabilities, including arbitrary CPI, improper PDA validation, and missing ownership checks, providing detailed fix recommendations.

file-search

Search codebases efficiently using ripgrep for lightning-fast text patterns and ast-grep for precise, syntax-aware structural code analysis.

supabase-extract-anon-key

Extracts Supabase anonymous API keys from client-side source code to facilitate RLS testing and security auditing.

pr-reviewer

Automated GitHub PR review agent for code quality, security analysis, and standard compliance using gh CLI.

react-doctor

Analyze and audit React projects for security, performance, correctness, and architecture issues with actionable diagnostics and scoring.

repo-analyzer

Analyze GitHub repository structure, documentation, dependencies, and contributor patterns for codebase health and development insights.

codebase-inspection

Analyze codebase statistics: LOC, language distribution, and code-to-comment ratios using pygount.