Claude Skills

This skill enables Claude to detect SQL injection vulnerabilities in code by using a dedicated plugin to analyze codebases. It identifies potential SQLi flaws and provides remediation guidance, triggered by phrases like "detect SQL injection" or "scan for SQLi." Use it when you need to check code for SQL injection risks and receive actionable security recommendations.

This skill enables Claude to detect SQL injection vulnerabilities in code using a dedicated plugin to analyze codebases and identify flaws. It provides remediation guidance and is triggered by requests to scan for SQLi or check code for injection risks. Use it to proactively find and fix these security vulnerabilities in your applications.

This skill automates SOC2 audit preparation by gathering evidence, generating reports, and identifying compliance gaps using the soc2-audit-helper plugin. It's designed for use when developers request help with audit preparation, compliance checks, or security controls. The tool streamlines initial compliance stages through automated data collection and preliminary analysis.

This skill automates SOC2 audit preparation by using a dedicated plugin to gather evidence, generate reports, and identify compliance gaps. It's triggered by terms like "SOC2 audit" or "evidence gathering" and streamlines initial compliance tasks. Developers can use it for automated data collection and preliminary analysis of security controls.

This skill helps developers manage snapshot test failures by intelligently analyzing diffs to distinguish intentional changes from regressions. It allows selective snapshot updates across Jest, Vitest, Playwright, and Storybook frameworks. Use it when encountering snapshot test failures or when you need to update snapshots after intentional code changes.

This skill helps developers manage snapshot test failures by intelligently analyzing diffs and selectively updating snapshots across Jest, Vitest, Playwright, and Storybook. It distinguishes intentional changes from regressions to maintain test integrity. Use it when handling snapshot failures, updates, or by triggering the `/snapshot-manager` command.

This skill executes a pre-defined suite of smoke tests to verify critical application functionality like system health, authentication, and core features. It is designed for use after deployments, upgrades, or significant configuration changes to ensure the application is operational. Developers can trigger it using the terms "smoke test" or "st".

This skill runs a suite of smoke tests to verify critical application functionality like system health, authentication, and core features. It's designed for use after deployments or significant changes to ensure the application is operational. Developers can trigger it using the `/smoke-test` or `/st` command for a fast pass/fail assessment.

This skill enables Claude to define, track, and analyze service reliability metrics like SLAs, SLIs, and SLOs. Use it when discussing error budgets or needing to establish and monitor service performance targets. It helps developers set key metrics, define objectives, and proactively track performance against them.

The Version Bumper skill automatically increments semantic versions in plugin.json and marketplace catalog files when triggered by keywords like "bump version" or "release." It ensures version consistency across the repository by handling MAJOR, MINOR, and PATCH updates according to semantic versioning rules. Use this skill to streamline the release process for Claude Code plugins.

This Claude skill automatically validates Claude Code plugins against repository standards when triggered by keywords like "validate plugin" or "check plugin." It performs comprehensive checks on plugin structure, JSON schemas, required files, and compliance requirements. Developers should use it to ensure their plugins meet all specifications before submission or debugging.

This Claude Skill automatically scaffolds new Claude Code plugins with proper structure and marketplace integration when triggered by phrases like "create plugin" or "plugin from template." It handles the complete setup process including directory creation, file generation, and catalog updates specifically for the claude-code-plugins repository workflow. Developers should use it to quickly generate validated plugin templates with all required components.

Plugin Auditor automatically reviews Claude Code plugins for security vulnerabilities, best practices, and compliance with repository standards. It triggers when users mention audit, security review, or best practices checks, scanning for issues like hardcoded secrets and dangerous commands. This tool uses Read, Grep, and Bash to perform its automated code audits.

This Claude Skill automatically manages the claude-code-plugins two-catalog system, handling updates and syncing between `marketplace.extended.json` and `marketplace.json`. It triggers on keywords like "update marketplace" or "sync catalog" to maintain catalog integrity and plugin distribution. Use it for automated catalog management within the Claude Code environment.

The Version Bumper skill automatically updates semantic versions across `plugin.json` and marketplace catalog files when triggered by keywords like "bump version" or "release." It ensures version consistency in the claude-code-plugins repository by handling MAJOR, MINOR, and PATCH increments according to semantic versioning rules. Use this skill to streamline the release process and maintain synchronized versioning.

This skill automatically validates Claude Code plugins against repository standards when triggered by keywords like "validate plugin" or "check plugin." It performs comprehensive checks on plugin structure, JSON schemas, frontmatter, permissions, and security compliance. Developers should use it to ensure their plugins meet all requirements before submission or debugging.

This skill automatically scaffolds new Claude Code plugins with complete directory structure and marketplace integration when triggered by phrases like "create plugin" or "plugin from template." It gathers requirements like plugin name, category, and type, then generates all necessary files specifically for the claude-code-plugins repository workflow.

Plugin Auditor automatically reviews Claude Code plugins for security vulnerabilities, best practices, and compliance with repository standards. It triggers when users mention audit, security review, or best practices checks, scanning for issues like hardcoded secrets and dangerous commands. This skill uses Read, Grep, and Bash tools to perform its automated analysis.

This Claude skill automatically manages the claude-code-plugins marketplace catalog by handling updates, syncing between the source `marketplace.extended.json` and the generated `marketplace.json`, and distributing plugins. It triggers when users mention marketplace updates, catalog syncs, or adding plugins. Use it to maintain catalog integrity within the two-catalog system.

This skill audits session management code to identify vulnerabilities like insecure session IDs or insufficient expiration. Use it when reviewing session security implementations or best practices in your codebase. It leverages the session-security-checker plugin to automatically analyze and flag potential security issues.

MoAI Worktree is a Git worktree management skill for developers working on parallel SPEC projects, creating isolated workspaces to prevent conflicts. It automatically registers new worktrees and integrates with the MoAI-ADK for seamless development. Use this skill when you need to develop multiple specifications concurrently without the overhead of context switching.

wacli is a command-line tool that enables WhatsApp messaging, search, and synchronization via the WhatsApp Web protocol. It's primarily used within Clawdis workflows for automated handling but can be called directly to send messages, sync chats, or query history. Key features include QR-based authentication, continuous background syncing, and the ability to send both text and files.

The video-frames skill extracts individual frames or short clips from videos using ffmpeg. It's useful for creating thumbnails, inspecting video content at specific timestamps, or generating crisp UI frames. Developers can quickly extract frames at precise times using simple CLI commands with JPG or PNG output options.

This CLI tool summarizes web URLs, local files (including PDFs, images, audio), and YouTube links using various AI models. Developers can use it for quick content extraction by setting provider API keys and adjusting output length. It defaults to Google's Gemini model and is installed via Homebrew.