Labsco

Agent Skills

Instruction packs that give your AI agent know-how. Three different kinds — pick the right one below.

n8n-io · Development

1,311 standalone skills
bitwarden logo

starting-breakdown

121

by bitwarden

Sets up a new Bitwarden Tech Breakdown in the bitwarden/tech-breakdowns repo. Creates a per-breakdown folder (`<team>/<JIRA-KEY>-<short-slug>/`) containing `breakdown.md` from the template, so the future `tasks.md` and any specification artifacts can live alongside it. Use when a team is creating a new breakdown — triggered by phrasings such as "start a tech breakdown", "create a new breakdown for X", "set up the breakdown file", "spin up a breakdown".

bitwarden logo

work-breakdown

121

by bitwarden

Break down features and requirements into actionable, implementable tasks with clear scope and acceptance criteria. Use when planning implementation, organizing complex work, or creating task lists. Trigger phrases: "break down tasks", "create work plan", "organize implementation", "plan development". This skill works best when preceded by `requirements-elicitation` skill use.

bitwarden logo

threat-modeling

121

by bitwarden

This skill should be used when the user asks to "create a threat model", "define security goals", "generate a data flow diagram", "write security definitions", "perform an initial security assessment", or needs to produce threat model artifacts for new features or architecture changes.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

perform-security-review

121

by bitwarden

Performs a security-focused code review by launching multiple specialized agents and a verification agent to ensure comprehensive coverage and accurate findings. Use this skill when the user asks for a "perform-security-review", "bitwarden-security-review", "execute a security review", "run a comprehensive security audit", "perform an end-to-end security assessment", or needs to coordinate multiple security checks across code, dependencies, secrets, and configurations. The skill manages the work

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

reviewing-dependencies

121

by bitwarden

This skill should be used when the user asks to "review Dependabot alerts", "check for vulnerable dependencies", "audit third-party packages", "assess supply chain risk", "run Grype scan", or needs to evaluate dependency health, transitive risk, or supply chain security.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

reviewing-dependency-changes

121

by bitwarden

Use this skill when a PR diff contains changes to dependency manifest files (package.json, .csproj, Cargo.toml, go.mod, requirements.txt, etc.) or when reviewing Renovate/Dependabot bot PRs. Evaluates new dependencies for AppSec approval process compliance, major version bump significance, lock file hygiene, and dependency removal completeness. Does NOT perform deep security or license analysis — that is handled by the bitwarden-security-engineer plugin's reviewing-dependencies skill.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

extracting-session-data

121

by bitwarden

Locates, lists, filters, and extracts structured data from Claude Code native session logs. Supports both single and multiple session analysis.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

triaging-security-findings

121

by bitwarden

This skill should be used when the user asks to "triage security findings", "fix a Checkmarx finding", "review SonarCloud results", "dismiss a false positive", "check code scanning alerts", or needs to work with GitHub Advanced Security alerts, scanner annotations on PRs, or Grype vulnerability results.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

classifying-review-findings

121

by bitwarden

Use this skill when categorizing code review findings into severity levels. Apply when determining which emoji and label to use for PR comments, deciding if an issue should be flagged at all, or classifying findings as CRITICAL, IMPORTANT, DEBT, SUGGESTED, or QUESTION.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

avoiding-false-positives

121

by bitwarden

Use this skill to validate findings during a code review. For each finding, run the rejection criteria and verification checks. If a finding fails any check, drop it.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

architecting-solutions

121

by bitwarden

Framework for architecting solutions inside a team's domain while staying coherent with Bitwarden's holistic architecture. Covers security mindset, blast radius assessment, architectural judgment, Bitwarden-specific constraints, working with the architecture group, and working with initiative shepherds. Use when planning a solution, reviewing architecture within a team's scope, assessing blast radius, evaluating trade-offs, or deciding whether a choice needs architecture-group input.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

analyzing-git-sessions

121

by bitwarden

Analyzes git commits and changes within a timeframe or commit range, providing structured summaries for code review, retrospectives, work logs, or session documentation.

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

analyzing-code-security

121

by bitwarden

This skill should be used when the user asks to "analyze code for security issues", "check for OWASP vulnerabilities", "review code against CWE Top 25", "find injection vulnerabilities", "do a security code review", or needs manual security analysis against OWASP Top 10, API Top 10, Mobile Top 10, or CWE/SANS frameworks.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

addressing-code-review-comments

121

by bitwarden

Use when the user is addressing pull request review comments locally and asks for help evaluating, implementing, or drafting responses to reviewer feedback - requires technical rigor and verification, not performative agreement or blind implementation

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

preparing-design-handoff

121

by bitwarden

Prepare a Bitwarden design handoff — the Figma file in Ready-for-Dev state and the Jira state transitions that go with it. The end-of-In-Design gate / checklist.

bitwarden logo

action-remediate

121

by bitwarden

Remediate GitHub Actions action findings identified by the action-audit skill. Applies the appropriate fix per action type — `@main` ref for internal `bitwarden/` actions, full SHA with inline version comment for external actions, or full replacement — across selected repos and creates draft PRs. Run the action-audit skill first to identify findings before using this skill. <example> User: Go ahead and fix the unpinned actions from the audit Action: Trigger action-remediate to apply fixes and cr

🔥🔥FreeQuick setup
bitwarden logo

perform-preflight

121

by bitwarden

Quality gate checklist to run before committing or creating a PR. Use when finishing implementation, checking work quality, or preparing to commit. Triggered by "preflight", "self review", "ready to commit", "check my work", "quality gate".

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

action-audit

121

by bitwarden

Audit GitHub Actions action usage across an org. Searches for a specific action (incident mode) or sweeps all workflow files for non-compliant action references (audit mode). Produces a read-only report of findings with compliance status and resolved SHAs. Does not modify any files. <example> User: We need to check if any repos are using tj-actions/changed-files Action: Trigger action-audit in incident mode for that action </example> <example> User: Can you find all unpinned actions across the o

🔥🔥FreeQuick setup
bitwarden logo

reviewing-security-architecture

121

by bitwarden

This skill should be used when the user asks to "review the security architecture", "check authentication patterns", "evaluate trust boundaries", "review encryption implementation", "assess authorization design", or needs to evaluate system designs for authentication, authorization, data protection, or cryptographic correctness.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

reviewing-claude-config

121

by bitwarden

Reviews Claude configuration files for security, structure, and prompt engineering quality. Use when reviewing changes to CLAUDE.md files (project-level or .claude/), skills (SKILL.md), agents, prompts, commands, or settings. Validates YAML frontmatter, progressive disclosure patterns, token efficiency, and security best practices. Detects critical issues like committed settings.local.json, hardcoded secrets, malformed YAML, broken file references, oversized skill files, and insecure agent tool

🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

detecting-secrets

121

by bitwarden

This skill should be used when the user asks to "find hardcoded secrets", "audit for credential leaks", "check for API keys in code", "review secret scanning alerts", "rotate a leaked secret", or needs to detect hardcoded credentials, review secret handling patterns, or remediate exposed secrets.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
bitwarden logo

using-figma

121

by bitwarden

Read and inspect Figma designs via the Dev Mode MCP server — selects the right tool, parses Figma URLs into fileKey and nodeId, and turns design context into useful input for critique, copy review, handoff prep, and Design System work.

bitwarden logo

performing-multi-agent-code-review

121

by bitwarden

Perform a rigorous, multi-agent code review with architecture-compliance, parallel quality/security analysis, finding validation, and severity audit. Use when the user asks for a structured, deep, thorough, multi-pass, or multi-agent code review — or a review that includes architecture/pattern compliance, confidence-scored findings, or a severity audit. Use when the user asks for a code review across a commit range, time window, or N most recent commits in a locally checked-out repo.

bitwarden logo

evolving-design-system-components

121

by bitwarden

Propose a new UI pattern or modify an existing Design System component per Bitwarden's published governance process — design-team alignment, Core vs. Recipe/Snowflake decision with UI Foundation, Figma branching and property conventions, review gates, merge timing.

bitwarden logo

auditing-hackerone-vulns

121

by bitwarden

Audit all open HackerOne-sourced VULN Jira tickets and their linked engineering child items to identify what needs action. Use this skill whenever the user wants to: check VULN ticket status, see which HackerOne findings need status updates, identify vulnerabilities ready to verify or close, run a remediation audit, check "what do I need to do on my VULN tickets today", or get a prioritized view of open vulnerabilities. Outputs a sorted action table with emoji tokens. Always use this skill for H

warpdotdev logo

resolve-merge-conflicts

119

by warpdotdev

Resolve Git merge conflicts by extracting only unresolved paths, conflict hunks, and compact diffs instead of loading whole files into context. Use when a merge, rebase, cherry-pick, or stash pop stops on conflicts, when `git status` shows unmerged paths, or when files contain conflict markers.

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
warpdotdev logo

diagnose-ci-failures

119

by warpdotdev

Diagnose CI failures for a PR using the GitHub CLI, extract error logs, and generate a plan to fix them. Use when the user asks to check CI status, pull CI issues, triage test failures, or investigate PR build failures.

warpdotdev logo

respond-to-pr-comments-in-blocklist

119

by warpdotdev

Walk users through PR review comments, fetching and displaying them first when needed, collect per-comment response decisions, apply requested fixes, and preview GitHub replies and resolutions before posting. Use when responding to PR review comments on the current branch.

warpdotdev logo

pr-walkthrough

119

by warpdotdev

Generate a static interactive D3 walkthrough of a pull request. Use when the user wants a zoomable PR map, graph/canvas PR orientation, or alternate visualization of PR system components, data flow, code dependencies, and user actions.

warpdotdev logo

scan-new-specs

119

by warpdotdev

Scan warpdotdev/warp and warp-server for recently merged PRODUCT.md specs that don't yet have a corresponding docs PR in warpdotdev/docs. When a complete spec is found, auto-generates a full docs draft PR and tags the engineer. When a spec is too thin to draft from, pings the engineer directly. Designed to run as a scheduled Oz ambient agent (e.g., every 2-3 days). Use when setting up the automated docs trigger or running a manual docs coverage sweep.

← PrevPage 37 of 44Next →