Lu1sDV

Use when developing, debugging, deploying, or maintaining any CTFd instance or fork, addressing issues like Docker stack problems, plugin development, CSRF 302 errors, theme customization, database migrations, nginx proxy misconfigurations, SQLAlchemy 1.4 gotchas, pytest test infrastructure, or API 500 responses.

Use when scheduling tasks in Docker environments with Ofelia, configuring job-exec, job-run, job-local, job-service-run via INI files or Docker labels, cron scheduling, overlap prevention, logging to Slack/email/disk, Docker Compose integration, Swarm services, and troubleshooting scheduled container jobs.

Use for designing test strategies, planning test pyramid coverage, evaluating automation, and improving test quality. It's also useful for diagnosing flaky tests, slow suites, or coverage gaps, offering framework-agnostic strategy and automation planning.

Use when the user requests iterative refinement with quality gates, wants to compare multiple approaches, needs repeat passes, or seeks autonomous task completion. Triggers include cook, let it cook, review loop, race approaches, ralph, and iterate until done.

Scans codebases for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. It supports 'run all' and 'important only' scan modes and is triggered by commands like 'run codeql' or 'find vulnerabilities with codeql'.

Use when auditing code for vulnerabilities, assessing change impact, tracing dataflow, finding callers/callees of a function, mapping a refactor's blast radius, hunting sinks across a large codebase, or needing repeatable interprocedural queries over a Code Property Graph.

Use when a technical decision has 2-4 distinct options and the user wants a recommendation, not open-ended exploration. It's ideal for scenarios like 'X vs Y' or 'A or B', and should be skipped for open-ended analysis or questions without a real contest.

Use when building or improving time series forecasting models and the user asks about exogenous variables, calendar features, rolling statistics, cyclical encoding, differencing, or feature scaling — or when forecast accuracy has plateaued and new features may help.

Replicates the Hermes Agent's self-evolving loop, enabling agents to learn from experience through persistent declarative memory, session recall, agent-managed procedural skills, and post-task review for skill creation/patching. Ideal for designing, evaluating, or operating AI agent workflows that need to save durable user/project facts and recall prior conversations.

Use when deploying, configuring, integrating, or troubleshooting GlitchTip, including self-hosted installation, SDK setup, source maps, sentry-cli, uptime monitoring, alerting, environment variables, Docker Compose, Helm, social auth, and migration from Sentry.

Use this skill to audit OAuth 2.0 / OIDC implementations against RFC 9700, review client/authorization-server code, evaluate PKCE/state/redirect-URI handling, harden token exchange/refresh flows, or triage suspected OAuth vulnerabilities.

Use when someone needs to rapidly learn an unfamiliar technical domain under a tight deadline, when previous attempts through books, courses, or unstructured practice have failed, or when bridging a fundamental knowledge gap using an LLM as a private tutor.

Use for geocoding addresses, reverse geocoding coordinates, address autocomplete, or integrating location search with OpenStreetMap data via Photon API (photon.komoot.io).

Use when sink subagents encounter unseen languages or new technique categories requiring fresh, comprehensive research beyond well-known sinks. It orchestrates parallel research swarms with structured JSON citations.

Use this skill to find, browse, or install community skills, or when a required capability might be available as a marketplace skill. It activates with phrases like "find a skill", "search skills", "install skill", "skillsmp", or "marketplace".

Performs web search, content extraction, site crawling, and AI-powered research using the Tavily API. Use for online search results, current events, news, financial data, content from URLs, or multi-topic research with citations.

Use when working with Telethon (Telegram MTProto client) for debugging FloodWaitError, mocking for tests, handling None-as-False boolean fields, entity resolution, rate limiting, session management, or version compatibility issues.

Use for vulnerability research, security auditing, code analysis, bug bounty, CTF, penetration testing, or exploit development. It covers source audit across 30+ attack domains, sink analysis for 12 languages, SAST/DAST integration, vulnerability chaining, and PoC development.

Use when testing for SSRF in web applications, accessing internal services through SSRF, bypassing SSRF filters, auditing applications that fetch user-supplied URLs, or implementing SSRF prevention. Covers blind and non-blind SSRF, cloud metadata exploitation, protocol smuggling, and defense strategies.

Use for research, audit, or investigation tasks requiring multi-source coverage, such as security research, codebase audits, framework deep-dives, or market comparisons. This skill is ideal for requests needing exhaustive or comprehensive analysis over a long horizon.

Use when building, configuring, deploying, or troubleshooting ZeroClaw AI agent infrastructure, including provider setup, channel binding, memory backends, config.toml authoring, CLI usage, Docker/native runtime, and migration from other agent frameworks.

Use when improving Lighthouse scores, reducing page load times, debugging performance bottlenecks, optimizing Core Web Vitals for SEO, or implementing modern browser performance APIs like View Transitions and Speculation Rules.

This skill is used for directing LLM coding agents on substantial development tasks, such as establishing executable oracles or constraining output quality. It also helps systematically correct recurring quality or architecture issues in LLM-generated code.