- 📄 compliance-templates.md
- 📄 SKILL.md
- 📄 standards-reference.md
Use when answering questions about IFRS standards, IAS standards, IASB, financial reporting, revenue recognition, lease accounting, impairment, financial instruments, expected credit loss, ECL, consolidation, business combinations, fair value measurement, first-time adoption, deferred tax, provisions, insurance contracts, journal entries, disclosure requirements, IFRS compliance checks, audit support, GAAP differences, goodwill, or transitioning from local GAAP to IFRS.
- 📄 .gitignore
- 📄 README.md
- 📄 SKILL.md
BML Connect (Bank of Maldives) payment API integration guide. Use this skill whenever the user mentions BML Connect, Bank of Maldives payments, MVR transactions, MobilePay integration, Maldivian payment processing, laari currency, or wants to accept payments in the Maldives. Also trigger when you see BML API keys, `/public/v2/transactions`, `/public-customers`, or any reference to merchants.bankofmaldives.com.mv. Even if the user just says "add payments" or "integrate a payment gateway" in a Maldivian context, this skill applies. --- # BML Connect Integration BML Connect is the Bank of Maldives merchant payment platform — the primary way to accept online payments in the Maldives. This skill contains everything needed to integrate with the BML Connect API. --- ## Authentication Every API call uses a static API key in the Authorization header. No OAuth, no token exchange, no expiry. ```
Comprehensive website and web app audit covering security, UX, performance, accessibility, SEO, compliance, and revenue protection. Use this skill whenever the user asks to audit, review, check, or score a website or web application. Also use when the user says 'full-stack audit', 'UX audit', 'security audit', 'launch checklist', 'is my site ready to launch', 'check my site', 'review my code for issues', 'what did I miss', or any variation of wanting a comprehensive quality review before or after launch. This skill catches the issues that AI-built and vibe-coded sites consistently get wrong: client-side paywalls, exposed database tables, missing security headers, broken mobile layouts, and trust gaps that kill conversion. Triggers even if the user only asks about one area (e.g., 'check my security') because problems compound across categories.
This skill should be used when the user asks to "create api endpoint", "django ninja", "django api", "add endpoint", "rest api django", "ninja router", "api schemas", or mentions API development, endpoint organization, or Pydantic schemas in Django projects. Provides Django Ninja patterns with 1-endpoint-per-file organization. --- # Django Ninja API Development Opinionated Django Ninja patterns with single-endpoint-per-file organization. ## Core Principles 1. **One endpoint = one file** - Each endpoint lives in its own file 2. **Logical grouping** - Endpoints grouped in subpackages by domain 3. **Router per group** - Each group has its own router 4. **Schemas in separate package** - Pydantic models in `schemas/` 5. **Services for logic** - Business logic in services, not endpoints ## API Structure ``` myapp/ ├── api/ │ ├── __init__.py # Main NinjaAPI instance │ ├── users/ │ │ ├── __init__.py # Router: users_router │ │ ├── list.py # GET /users/ │ │ ├── detail.py # GET /users/{id} │ │ ├── create.py # POST /users/ │ │ ├── update.py # PUT /users/{id} │ │ └── delete.py # DELETE /users/{id} │ ├── products/ │ │ ├── __init__.py │ │ ├── list.py │ │ ├── detail.py │ │ └── search.py │ └── auth/ │ ├── __init__.py │ ├── login.py │ ├── logout.py │ └── refresh.py └── schemas/ ├── __init__.py ├── user.py # UserIn, UserOut, UserPatch ├── product.py └── common.py # Pagination, errors ``` ## Main API Setup In `api/__init__.py`: ```python from ninja import NinjaAPI from ninja.security import HttpBearer from .users import router as users_router from .products import router as products_router from .auth import router as auth_router class AuthBearer(HttpBearer): def authenticate(self, request, token): # Token validation logic from ..services.auth import AuthService return AuthService.validate_token(token) api = NinjaAPI( title="My API",
- 📄 accessibility-contrast.md
- 📄 color-conversion.md
- 📄 gamut-and-tailwind.md
OKLCH color space for web projects. Convert hex/rgb/hsl to oklch, generate palettes, check contrast, handle gamut boundaries, and theme with Tailwind v4. Triggers on oklch, color conversion, palette generation, contrast ratio, gamut, display p3, design tokens, hue drift, chroma, dark mode colors.
Analyze Flutter and Dart projects for accessibility issues using conalyz. Use this skill when the user asks to check accessibility, audit widgets, find WCAG issues, or improve accessibility in their Flutter app. Triggers on phrases like "check accessibility", "audit my Flutter app", "find accessibility issues", "WCAG compliance", or any mention of conalyz.
Deep product audit. Brutal honest assessment of what you're building, who for, the biggest strategic gap, and the question you're avoiding. Produces AUDIT.md.
Create and invite a DiscoClaw Discord bot to a server, configure required intents/permissions, and generate/verify local .env settings for DiscoClaw. Use when setting up DiscoClaw for a new user/server, rotating bot tokens, debugging why the bot cannot read messages (Message Content Intent), or when generating an invite URL for a given client ID.
Token allocation and vesting schedule builder. Walks founders through allocation design, vesting schedules, and generates a professional Excel token release schedule with supply/demand simulation chart. Use when a founder says "tokenomics", "allocation", "vesting schedule", "token release", "how do I structure my token supply", or after /why-token.
Full multi-platform paid advertising audit with parallel subagent delegation. Analyzes Google Ads, Meta Ads, LinkedIn Ads, TikTok Ads, and Microsoft Ads accounts. Generates health score per platform and aggregate score. Use when user says "audit", "full ad check", "analyze my ads", "account health check", or "PPC audit". --- # Full Multi-Platform Ads Audit ## Process 1. **Collect account data** — request exports, screenshots, or API access 2. **Detect business type** — analyze account signals per ads orchestrator 3. **Identify active platforms** — determine which platforms are in use 4. **Delegate to subagents** (if available, otherwise run inline sequentially): - `audit-google` — Conversion tracking, wasted spend, structure, keywords, ads, settings (G01-G74) - `audit-meta` — Pixel/CAPI health, creative fatigue, structure, audience (M01-M46) - `audit-creative` — LinkedIn, TikTok, Microsoft creative checks + cross-platform synthesis - `audit-tracking` — LinkedIn, TikTok, Microsoft tracking + cross-platform tracking health - `audit-budget` — LinkedIn, TikTok, Microsoft budget/bidding + cross-platform allocation - `audit-compliance` — All-platform compliance, settings, performance benchmarks 5. **Score** — calculate per-platform and aggregate Ads Health Score (0-100) 6. **Report** — generate prioritized action plan with Quick Wins ## Data Collection Ask the user for available data. Accept any combination: - Google Ads: account export, Change History, Search Terms Report - Meta Ads: Ads Manager export, Events Manager screenshot, EMQ scores - LinkedIn Ads: Campaign Manager export, Insight Tag status - TikTok Ads: Ads Manager export, Pixel/Events API status - Microsoft Ads: account export, UET tag status, import validation results If no exports available, audit from screenshots or manual data entry. ## Scoring Read `ads/references/scoring-system.md` for full algorithm. ### Per-Platform Weights | Platform | Category Weights | |----------|-----------------| | Google | Conve
- 📁 .github/
- 📁 src/
- 📁 tests/
- 📄 .gitignore
- 📄 .npmignore
- 📄 advanced-installation.md
An AI-friendly CLI for Jira designed for maximum efficiency and security. All output is structured JSON — no human-readable formatting, no interactive prompts.
Use when creating or modifying REST API endpoints (Rails controllers, engine routes, API actions). Requires generating or updating an API Collection file (e.g., Postman Collection v2.1) so the new or changed endpoints can be tested. Trigger words: endpoint, API route, controller action, API collection, request collection. --- # REST API Collection Use this skill when you add or change a REST API endpoint so that a compatible collection file is generated or updated for testing in a modern API client. **Core principle:** Every API surface (Rails app or engine) has a single API collection file that stays in sync with its endpoints. All names, descriptions, and variable labels in the collection must be in **English**. ## Quick Reference | Aspect | Rule | |--------|------| | When | Create or update collection when creating or modifying any REST API endpoint (route + controller action) | | Format | Postman Collection JSON v2.1 (`schema` or `info.schema` references v2.1) is a good default standard. | | Location | One file per app or engine, e.g. `docs/api-collections/<app-or-engine-name>.json` or `spec/fixtures/api-collections/` | | Language | All request names, descriptions, and variable names in the collection in **English** | | Per request | method, URL (with variables for base URL), headers (Content-Type, Authorization if needed), body example when applicable | ## HARD-GATE: Generate on Endpoint Change ``` When you create or modify a REST API endpoint (new or changed route and controller action), you MUST also create or update the corresponding API collection file so the flow can be tested. Do not leave the collection missing or outdated.
