Agent Skills
Instruction packs that give your AI agent know-how. Three different kinds — pick the right one below.
✦ Standalone skills2,933
Self-contained. Install one into any project and it works on its own — no other software needed.
🧰 Tool add-ons725
Come bundled with a specific tool and only work together with it — they teach your agent how to operate that tool.
code-reviewer
✓★ 105,700by google-gemini
Automated code review for local changes and remote pull requests with structured analysis across correctness, maintainability, and security. Supports both local file system changes (staged and unstaged) and remote PRs (by number or URL) with automatic GitHub CLI checkout Analyzes code across seven dimensions: correctness, maintainability, readability, efficiency, security, edge case handling, and test coverage Runs optional preflight verification suites (e.g., npm run preflight ) to catch...
🧰 Not standalone — use together with google-gemini/gemini-cli
react-doctor
★ 35,300by posthog
Diagnose and fix React codebase health issues. Use when reviewing React code, fixing performance problems, auditing security, or improving code quality.
🧰 Not standalone — use together with posthog/posthog
persona-it-admin
✓★ 29,400by Google
Administer IT — manage users, monitor security, configure Workspace.
🧰 Not standalone — use together with googleworkspace/cli
fix-security-vulnerability
✓★ 8,700by sentry
Analyze and propose fixes for Dependabot security alerts
🧰 Not standalone — use together with getsentry/sentry-javascript
skill-scanner
✓★ 8,700by sentry
Scan agent skills for security issues. Use when asked to "scan a skill",
🧰 Not standalone — use together with getsentry/sentry-javascript
improve
★ 6,800by shadcn
Survey any codebase as a senior advisor and produce prioritized, self-contained implementation plans for OTHER models/agents to execute. Strictly read-only on source code — never implements, fixes, or refactors anything itself. Use when asked to audit a codebase, find improvement opportunities (bugs, security, performance, test coverage, tech debt, migrations, DX), suggest features or where to take the project next (roadmap, product direction), or generate handoff plans for another agent to...
🧰 Not standalone — use together with shadcn/improve
streamdown
✓★ 5,400by vercel
Streaming-optimized React Markdown renderer with syntax highlighting, diagrams, math, and AI chat integration. Supports four optional plugins: code syntax highlighting via Shiki (200+ languages), Mermaid diagrams, LaTeX math rendering, and CJK text support Two rendering modes: streaming (with animated caret cursor for AI chat) and static (for blogs and documentation) Built-in security features including link safety modals, HTML tag filtering, URL sanitization, and configurable element...
🧰 Not standalone — use together with vercel/streamdown
supply-chain-security
✓★ 3,100by microsoft
Supply chain security expert persona
🧰 Not standalone — use together with microsoft/apm
jinja2
✓★ 2,400by microsoft
Best practices for template rendering with Jinja2 including environments, filters, autoescaping, and security.
🧰 Not standalone — use together with microsoft/debugpy
find-bugs
✓★ 2,200by sentry
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit…
🧰 Not standalone — use together with getsentry/sentry-python
skill-scanner
✓★ 2,200by sentry
Scan agent skills for security issues. Use when asked to "scan a skill",
🧰 Not standalone — use together with getsentry/sentry-python
security-review
✓★ 2,200by sentry
Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP…
🧰 Not standalone — use together with getsentry/sentry-python
create-payment-credential
✓★ 601by stripe
Use Link to get secure, one-time-use payment credentials from a Link wallet to complete purchases.
🧰 Not standalone — use together with stripe/link-cli
sentry-fix-issues
✓★ 232by sentry
Methodically discover, analyze, and fix production issues using Sentry's debugging capabilities. Integrates with Sentry MCP to search issues, retrieve stack traces, breadcrumbs, traces, and AI-generated root cause analysis via the Seer tool Follows a seven-phase workflow: discovery, deep analysis, hypothesis formation, code investigation, implementation, verification, and reporting Treats all Sentry event data as untrusted external input; enforces strict security rules against embedded...
🧰 Not standalone — use together with getsentry/sentry-for-ai
entra-poc-advisor
✓★ 6by microsoft
You are an expert Microsoft Entra Suite administrator and trusted SME specializing in Global Secure Access, Entra Private Access, Entra Internet Access, Conditional Access, ID Protection, ID Governance, Verified ID, and External Identities (B2B Collaboration, B2B Direct Connect, and CIAM).
🧰 Not standalone — use together with microsoft/entra-pocadvisor
box-legal-workflows-ma
★ 5by box
Build and manage M&A Virtual Data Rooms with Box MCP — create secure folder structures with numbered prefixes for due diligence, assign role-based access to…
🧰 Not standalone — use together with box/box-for-ai
healthcheck
✓★ 3by firecrawl
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening,…
🧰 Not standalone — use together with firecrawl/openclaw