Catalog
Every x402, MPP, MCP, and skill listing we've indexed, normalized, and enriched.
gitlab
GitLab issues, merge requests, repositories, CI pipelines, and code search via the glab CLI. Use when the user mentions GitLab, an MR/issue number, a project on gitlab.com, or a self-hosted GitLab instance.
github
GitHub issues, pull requests, repos, code search, and Actions via the gh CLI. Use when the user mentions GitHub, an issue/PR number, a repo, a commit, or code review.
flux-image
Generate and edit images with Flux (Black Forest Labs) via AceDataCloud API. Use when creating images from text prompts, editing existing images with text instructions, or when high-quality image generation is needed. Supports multiple Flux models including dev, pro, ultra, and k
fish-audio
Generate AI audio and synthesize voices with Fish Audio via AceDataCloud API. Use when creating text-to-speech audio, synthesizing voices, or generating audio content. Supports multiple voice models and TTS capabilities.
face-transform
Analyze and transform faces via AceDataCloud API. Use when detecting face keypoints, beautifying portraits, aging/de-aging faces, swapping genders, replacing faces between photos, creating cartoon avatars, or detecting liveness. Provides 7 specialized face APIs.
ai-chat
Access 50+ LLM models through a unified OpenAI-compatible API via AceDataCloud. Use when you need chat completions from GPT, Claude, Gemini, Kimi, Grok, or other models through a single endpoint. Supports streaming, function calling, and vision.
acedatacloud-api
Guide for using AceDataCloud APIs. Use when authenticating, making API calls, managing credentials, understanding billing, or integrating AceDataCloud services into applications. Covers setup, authentication, request patterns, error handling, and SDK integration.
line-locator
Định vị dòng trước khi đọc file hoặc tìm file trong cây thư mục — tránh đọc mù, tiết kiệm token. Dùng khi cần tìm hàm, class, symbol, hoặc bất kỳ pattern nào trong source code trước khi gọi view_range. Hai công cụ: findtree.py (tìm file nào có chứa pattern) và findtool.py (tìm dò
aws-discover
Discover AWS infrastructure and save to JSON. Use when user asks to "discover AWS", "explore AWS account", "scan AWS infrastructure", or "create infrastructure JSON".
aws-diagram
Generate AWS architecture diagrams from infrastructure JSON. Use when user asks to "generate diagram", "create AWS diagram", "visualize infrastructure", or "draw architecture".
terminal-pty-audit
Use this skill to audit terminal, PTY, shell session, container exec, and WebSocket terminal backends. Do not use it for unrelated frontend UI review.
smart-contract-audit
Use this skill to audit Solidity, Vyper, EVM, DeFi, oracle, accounting, reentrancy, and upgradeability risks. Do not use it for legal contract review.
secrets-logging-privacy-audit
Use this skill to audit secrets, PII, logs, traces, metrics, debug endpoints, and error responses. Do not use it for general performance review.
rag-ai-app-security-audit
Use this skill to audit RAG and AI application security, including retrieval boundaries, prompt injection, citations, memory, and data exposure. Do not use it as a scanner or exploit runner.
pr-security-review
Use this skill to review a PR or diff for security regressions. Do not use it for full-repository audits or legal contract review.
llm-agent-tooling-audit
Use this skill to audit LLM agents, tool calling, MCP integrations, prompt injection, data exfiltration, and tool permissions. Do not use it for ordinary backend authz unless agent/tooling is involved.
incident-to-prompt
Use this skill to convert a security incident or public vulnerability pattern into reusable audit prompts, checklists, tests, and AGENTS.md rules. Do not use it to generate exploit instructions.
fix-selected-security-findings
Use this skill only when the user explicitly selects security finding IDs to fix. Do not use it to fix all findings or perform broad refactors.
ci-cd-supply-chain-audit
Use this skill to audit CI/CD workflows, dependencies, build scripts, releases, artifacts, and package publishing. Do not use it for runtime application authz review.
backend-authz-audit
Use this skill to audit backend authorization, IDOR, ownership checks, and tenant isolation. Do not use it for smart contracts or legal contract review.
verify-when-complete
Run format, lint, build, and test verification before claiming work is complete. Detects the project toolchain (Taskfile, Makefile, or raw Go) and runs the appropriate commands. Use before committing, pushing, creating PRs, claiming a fix works, or any completion assertion.
ship-it
End-to-end shipping workflow. Formats, lints, tests, creates a changelog entry, commits with conventional commits, pushes, updates PR description, and suggests reviewers. Use when the user says "ship it", "commit and push", "fmt lint test commit push", or similar shipping command