Build unsigned DeFi transactions from natural language. Use when the user wants to send, transfer, swap, stake, unstake, wrap, unwrap, supply, withdraw, borrow, repay, deposit, delegate, add liquidity, remove liquidity, or trade yield tokens on-chain. Covers ETH, ERC-20, ERC-721, Aave, Lido, Uniswap, Curve, Compound, MakerDAO, Rocket Pool, EigenLayer, Balancer, Pendle, and WETH.
Token-optimized prompt compression techniques for reducing LLM instruction size while preserving or improving quality
Azure上にデプロイされたリソースのセキュリティ構成を評価し、Azure Security Benchmark v3およびCIS Benchmarksに準拠しているかを検証する。 IAM、ネットワークセキュリティ、データ暗号化、Defender for Cloud、ログ監視、Azure Policyを確認する。 「Azureのセキュリティ監査」「クラウドセキュリティ監査」「Azure監査」「IAM監査」「NSG監査」等のキーワードで使用する。 --- # Azureクラウド セキュリティレビュー ## 目的 Azure上にデプロイされたリソースのセキュリティ構成を評価し、Azure Security Benchmark v3およびCIS Benchmarksに準拠しているかを検証する。 ## 前提条件 - Azure CLIがインストールされ、対象サブスクリプションにログイン済みであること - 対象リソースグループへの読み取り権限(Reader以上)を持っていること ## 作業指示 1. **Azure環境の全体把握を行う** - 以下のコマンドでリソースの全体像を確認する: ```bash # サブスクリプション一覧 az account list --output table # リソースグループ一覧 az group list --output table # リソース一覧 az resource list --resource-group <rg-name> --output table ``` 2. **IAM(Identity and Access Management)を検証する** - 以下を確認する: ```bash # ロール割り当ての確認 az role assignment list --all --output table # カスタムロールの確認 az role definition list --custom-role-only true --output table ``` - 検証項目: - マネージドID(Managed Identity)が使用されているか - サービスプリンシパルにパスワード認証ではなく証明書認証が使用されているか - 最小権限の原則が適用されているか(Owner権限の付与が最小限か) - ゲストユーザのアクセスが適切に制限されているか - Privileged Identity Management(PIM)が有効化されているか 3. **ネットワークセキュリティを検証する** - 以下を確認する: ```bash # NSGルールの確認 az network nsg list --output table az network nsg rule list --nsg-name <nsg-name> --resource-group <rg-name> --output table # パブリックIPの確認 az network public-ip list --output table # VNet構成の確認 az network vnet list --output table ``` - 検証項目: - 不要なインバウンドルール(0.0.0.0/0からのSSH/RDP)がないか - プライベートエンドポイントが使用されているか - WAF(Web Application Firewall)が適用されているか - DDoS Protection が有効化されているか 4. **データ保護・暗号化を検証する** - 以下を確認する: ```bash # Key Vaultの確認 az keyvault list --output table az keyvault show --name <vault-name> # ストレージアカウントの確認 az storage account list --output table az storage account show --name <account-name> --query "{httpsOnly:enableHttpsTrafficOnly,minimumTlsVersion:minimumTlsVersion,publicAccess:allowBlobPublicAccess}" ``` - 検証項目: - ストレージアカウントのパブリックアクセスが無効化されているか - HTTPSのみの通信が強制されているか - TLS 1.2以上が最小バージョンとして設定されているか - Key Vaultでシークレットが管理されているか - Key Vaultのソフト削除と消去保護が有効化されているか 5. **Mi
WCAG 2.1 AA compliance audit plus Universal Design for Learning (UDL 3.0) enhancement review for course designs. Two-tier output: "Must Fix" for accessibility violations and "Should Improve" for UDL recommendations. Works standalone or reads from the idstack project manifest. (idstack)
Fetch, scrape, or download football data from any source. Also handles API key setup and credential management. Use when the user wants to get data from StatsBomb, Opta, FBref, Understat, SportMonks, Wyscout, Kaggle, or any football data source. Also use when they ask about API keys, authentication, setting up access to a provider, or what data is available free vs paid.
Claude Code Manager — manage accounts, sessions, environments, and optimize token usage. Use when the user mentions switching Claude accounts, cleaning up sessions, environment snapshots, disk usage, token optimization, Claude Code health check, orphaned sessions, orphaned processes, tmp files, MCP audit, project bindings, session search, token usage history, account reorder, profiles, isolated, concurrent sessions, watch, rate limit, auto-switch, dashboard, session archive, setup wizard, recover, usage dashboard, usage compare, claudeignore, permission rules, statusline, status bar, or says "ccm", "doctor", "clean cache", "clean tmp", "session list", "session search", "env snapshot", "bind", "unbind", "reorder", "usage history", "init", "permissions audit", "statusline", "ccm watch", "ccm profiles", "ccm setup", "ccm recover".
iOS 26 / iPadOS 26 Liquid Glass design system for web and app development. Exact design tokens, component specs, layout patterns, and animation parameters from Apple's official Figma Community Kit.
Use when user wants to audit long-term memory for stale, incorrect, outdated, or duplicate entries, or correct memory entries based on new information
Guide for implementing web accessibility (WCAG). Use when designing UI components, reviewing interfaces for accessibility, or ensuring compliance with W3C WAI standards.
Accessibility audit: WCAG 2.1 AA — forms, icons, HTMX, Alpine, semantic HTML
Audit an existing repository or paper-code release for open-source hardening gaps across correctness, maintainability, testability, security, performance, observability, and documentation. Use when the user says "audit this repo", "harden this project", "open source readiness", or wants a prioritized file-level report before changing code.
Detect whether stolen credentials were used and rotate them after a supply chain attack or security incident. Use this skill when credentials may have been exfiltrated and the user needs to determine if they were abused, rotate compromised credentials, or verify rotation completeness. Trigger when users ask about checking cloud audit logs after a compromise, detecting unauthorized credential use, finding lateral movement from stolen tokens, rotating credentials after an incident, auditing API key usage, or verifying that credential rotation was complete. Also trigger when an ecosystem-specific skill (pypi-supply-chain-response, npm-supply-chain-response, github-actions-supply-chain-response) hands off credential rotation to this skill. Works as a follow-up to any incident response skill or standalone for credential-focused incidents.
skill-sample/ ├─ SKILL.md ⭐ Required: skill entry doc (purpose / usage / examples / deps) ├─ manifest.sample.json ⭐ Recommended: machine-readable metadata (index / validation / autofill) ├─ LICENSE.sample ⭐ Recommended: license & scope (open source / restriction / commercial) ├─ scripts/ │ └─ example-run.py ✅ Runnable example script for quick verification ├─ assets/ │ ├─ example-formatting-guide.md 🧩 Output conventions: layout / structure / style │ └─ example-template.tex 🧩 Templates: quickly generate standardized output └─ references/ 🧩 Knowledge base: methods / guides / best practices ├─ example-ref-structure.md 🧩 Structure reference ├─ example-ref-analysis.md 🧩 Analysis reference └─ example-ref-visuals.md 🧩 Visual reference
More Agent Skills specs Anthropic docs: https://agentskills.io/home
├─ ⭐ Required: YAML Frontmatter (must be at top) │ ├─ ⭐ name : unique skill name, follow naming convention │ └─ ⭐ description : include trigger keywords for matching │ ├─ ✅ Optional: Frontmatter extension fields │ ├─ ✅ license : license identifier │ ├─ ✅ compatibility : runtime constraints when needed │ ├─ ✅ metadata : key-value fields (author/version/source_url...) │ └─ 🧩 allowed-tools : tool whitelist (experimental) │ └─ ✅ Recommended: Markdown body (progressive disclosure) ├─ ✅ Overview / Purpose ├─ ✅ When to use ├─ ✅ Step-by-step ├─ ✅ Inputs / Outputs ├─ ✅ Examples ├─ 🧩 Files & References ├─ 🧩 Edge cases ├─ 🧩 Troubleshooting └─ 🧩 Safety notes
Skill files are scattered across GitHub and communities, difficult to search, and hard to evaluate. SkillWink organizes open-source skills into a searchable, filterable library you can directly download and use.
We provide keyword search, version updates, multi-metric ranking (downloads / likes / comments / updates), and open SKILL.md standards. You can also discuss usage and improvements on skill detail pages.
Quick Start:
Import/download skills (.zip/.skill), then place locally:
~/.claude/skills/ (Claude Code)
~/.codex/skills/ (Codex CLI)
One SKILL.md can be reused across tools.
Everything you need to know: what skills are, how they work, how to find/import them, and how to contribute.
A skill is a reusable capability package, usually including SKILL.md (purpose/IO/how-to) and optional scripts/templates/examples.
Think of it as a plugin playbook + resource bundle for AI assistants/toolchains.
Skills use progressive disclosure: load brief metadata first, load full docs only when needed, then execute by guidance.
This keeps agents lightweight while preserving enough context for complex tasks.
Use these three together:
Note: file size for all methods should be within 10MB.
Typical paths (may vary by local setup):
One SKILL.md can usually be reused across tools.
Yes. Most skills are standardized docs + assets, so they can be reused where format is supported.
Example: retrieval + writing + automation scripts as one workflow.
Some skills come from public GitHub repositories and some are uploaded by SkillWink creators. Always review code before installing and own your security decisions.
Most common reasons:
We try to avoid that. Use ranking + comments to surface better skills:
