CtrlK
BlogDocsLog inGet started
Tessl Logo

Discover

Discover and install skills, docs, and rules to enhance your AI agent's capabilities.

AllSkillsDocsRules
NameContainsScore

disk-forensics

briiirussell/cybersecurity-skills

Analyze disk images, file systems, and memory captures for digital evidence recovery in forensic investigations and CTF challenges. Use when the user mentions 'disk forensics,' 'forensic analysis,' 'disk image,' 'file carving,' 'deleted files,' 'evidence recovery,' 'timeline analysis,' 'memory forensics,' 'volatility,' 'autopsy,' 'sleuthkit,' 'plaso,' 'log2timeline,' 'artifact analysis,' 'chain of custody,' or needs to examine a forensic image.

Skills

72

meteor/meteor

Use when bumping Meteor package versions for beta, RC, or official releases. Covers the two version schemes (meteor-tool vs all other packages), the update-semver automation tool, manual files the tool does not handle, and the full lifecycle from beta through official release. Applies to packages/*/package.js, scripts/admin/, npm-packages/meteor-installer/, and .meteor/versions in test apps.

Skills

72

meteor/meteor

Use when creating, updating, or maintaining AI documentation files (AGENTS.md, CLAUDE.md, skills). Covers file structure, conventions, and guidelines for evolving AI context.

Skills

72

meteor/meteor

Use for writing, reviewing, editing, or generating Meteor release changelog entries. Defines canonical file locations, naming rules, required section structure, formatting conventions, PR-based generation workflow (with gh CLI and web fallback), incremental updates, and common entry patterns. Applies to files under v3-docs/docs/generators/changelog/versions/.

Skills

72

endorlabs/skills-ideas

Scan a repository's GitHub Actions workflows for insecure patterns and vulnerable third-party action versions using Endor Labs. Use when the user says "scan GitHub Actions", "workflow security", "endor ghactions", "insecure CI workflow", "vulnerable action version", "harden my GHA workflows", or focuses on `.github/workflows` without asking for a full dependency or secrets scan. Do NOT use for combined supply chain reports (/endor-supply-chain), generic quick scans (/endor-scan), adding Endor to pipelines (/endor-cicd), or dependency-only checks (/endor-check).

Skills

72

endorlabs/skills-ideas

Assess supply chain risk for your repository by scanning dependencies, secrets, and GitHub Actions workflows using Endor Labs. Use when the user says "supply chain risk", "supply chain assessment", "assess my supply chain", "endor supply chain", "third-party risk", "software supply chain", or wants a combined view of dependency vulnerabilities, leaked secrets, and CI/CD pipeline risks. Do NOT use for GitHub Actions workflows only (/endor-ghactions), code-level SAST scanning (/endor-sast), single package checks (/endor-check), or full reachability analysis (/endor-scan-full).

Skills

72

endorlabs/skills-ideas

Scan for exposed secrets, credentials, API keys, and sensitive data in your codebase. Use when the user says "find secrets", "scan for API keys", "exposed credentials", "endor secrets", "check for hardcoded passwords", pre-commit / staged-only secret checks, or suspects leaked tokens in code. Detects AWS keys, GitHub tokens, Stripe keys, private keys, and more. Do NOT use for code vulnerability scanning (/endor-sast) or dependency checks (/endor-sca).

Skills

72

endorlabs/skills-ideas

Remediate security vulnerabilities by finding safe upgrade paths. Use when the user says "fix this vulnerability", "how do I fix CVE-XXXX", "remediate this finding", "patch this vuln", "endor fix", or wants step-by-step fix instructions for a specific CVE, finding, or vulnerable package. Can apply fixes automatically. Do NOT use for general scanning (/endor-scan) or just viewing vulnerability info (/endor-explain).

Skills

72

endorlabs/skills-ideas

Onboarding wizard for Endor Labs. Guides users through prerequisites, MCP server configuration, authentication, namespace setup, and running their first scan. Use when the user says "endor setup", "configure endor", "endor auth", "set up endor", "install endor", "endor onboarding", or when any MCP tool fails with an auth or namespace error. Do NOT use when the user already has a working setup — route to specific skills instead.

Skills

72

endorlabs/skills-ideas

Comprehensive security scan with full reachability analysis. Builds call graphs to determine which vulnerabilities are actually exploitable in your code. Use when the user says "full scan", "deep scan", "reachability scan", "which vulns are actually reachable", "endor scan full", or before a release. Takes 2-5 minutes. Do NOT use for quick daily scans (/endor-scan) or checking individual packages (/endor-check).

Skills

72

helium/helium-release-proposals

Record the result of a Helium Release Proposal community vote. Updates the HRP status to Approved (or back to Proposed if the vote failed), adds the vote URL, and updates the README with the result. Use when the user says "the vote passed", "record the vote result", "close the vote", "the vote is done", "update the HRP with the vote result", or mentions a heliumvote.com URL for an HRP. Also handles cancelling a vote that never started (reverting Frozen back to Proposed).

Skills

72

helium/helium-release-proposals

Start the voting process for a Helium Release Proposal. Creates the vote summary gist, opens a PR against helium/helium-vote, and updates the HRP status to Frozen. Use when the user says "open voting", "start the vote", "create the vote", "put it to vote", "kick off voting", or it's time to submit an HRP for community vote.

Skills

72

helium/helium-release-proposals

Review a Helium Release Proposal PR or release file for quality, completeness, and consistency. Use this skill whenever the user mentions reviewing an HRP, checking if a release is ready, validating a release file, or asks "is this ready to merge". Also triggers for "check the HRP", "lint the release", "review the proposal", or "look at this PR".

Skills

72

endorlabs/skills-ideas

Get detailed information about a specific CVE or security finding. Use when the user says "what is CVE-2024-XXXXX", "explain this vulnerability", "tell me about GHSA-...", "endor explain", "finding details", or wants to understand severity, impact, attack vectors, and affected versions for a specific issue. Do NOT use for fixing a vuln (/endor-fix) or listing all findings (/endor-findings).

Skills

72

endorlabs/skills-ideas

Pre-PR security review of your current branch or git diff. Use when the user says "review my changes", "ready to merge", "pre-PR check", "security review before PR", "endor review", or is about to create a pull request. Runs dependency checks, SAST, secrets detection, and license compliance as a security gate. Do NOT use for scanning repos outside the current branch (/endor-scan) or checking individual packages (/endor-check).

Skills

72

endorlabs/skills-ideas

Validate an Endor Labs policy against a project to test if it matches any findings. Use when the user says "validate policy", "test policy", "does this policy match", "endor validate", "check policy against project", or wants to verify that a policy (finding or exception) correctly targets findings in a specific project before enforcing it. Do NOT use for creating policies (/endor-policy) or viewing findings (/endor-findings).

Skills

72

endorlabs/skills-ideas

Troubleshoot Endor Labs scan errors and failures. Use when the user says "scan failed", "why did the scan fail", "endor troubleshoot", "fix scan error", "diagnose error", or pastes an error message from a failed scan. Matches errors against known patterns across NPM, Maven, PyPI, Go, Cargo, NuGet, RubyGems, and Packagist. Do NOT use for setup issues (/endor-setup) or general scanning (/endor-scan).

Skills

72

freekmurze/dotfiles

Create, schedule, and manage social media posts via Typefully. ALWAYS use this skill when asked to draft, schedule, post, or check tweets, posts, threads, or social media content for Twitter/X, LinkedIn, Threads, Bluesky, or Mastodon.

Skills

72

headout/pm-os-marketplace

The Prototype Builder specialist for Headout's PM OS. Use this skill whenever a product change involves a user-facing experience update — a new flow, a redesigned page, a new component, a changed interaction — and the PM or team needs to visualize what it should look and feel like before writing a full spec or handing to design. Two sequenced modes: MODE A — Journey Map (annotated user journey: every screen state, decision point, edge case, interaction). MODE B — HTML Prototype (working, clickable prototype from the journey map). Always run A before B. Trigger for: "what should this flow look like", "mock up the UX", "I want to see how this works before writing the spec", "build a prototype of X", "walk me through the user journey", "something to show the design team", or any feature involving a user-facing experience change.

Skills

72

headout/pm-os-marketplace

The Implementation Planner specialist for Headout's PM OS. Use this skill to convert an approved PRD and design into a detailed, engineer-ready (and coding-agent-ready) implementation plan. It produces a structured task breakdown with clear sequencing, per-task acceptance criteria, API contracts, state transitions, dependencies, and rollout strategy. The output of this skill is designed to be directly usable by Cursor (or any AI coding agent) as the authoritative source of truth for what to build and in what order. Trigger this skill when a PM says "write the implementation plan for this", "break this into engineering tasks", "create the tech breakdown", "what's the build plan", "prepare this for engineering handoff", or when a spec has passed L1 review and is ready for engineering pickup. The Implementation Planner requires a spec (ideally post-L1 review) as input. It can also incorporate a prototype and data insights brief if available.

Skills

72

Can't find what you're looking for? Evaluate a missing skill.