Sponsored by

Find leads on Reddit on auto pilot

Agent skills

Skills you can use with AI coding agents, indexed from public GitHub repositories.

Latest Most Popular

oscal-visualizer Create visual diagrams and representations of OSCAL documents including control hierarchies, component relationships, implementation flows, and SSP overviews. Inspired by oscal-diagrams and community visualization tools.
euCann/OSCAL-GRC-SKILLS 6
oscal-text-converter Convert OSCAL documents between formats (JSON, YAML, XML) and to human-readable formats like Markdown or plain text. Use for document transformation, reporting, and making OSCAL data accessible to non-technical stakeholders.
euCann/OSCAL-GRC-SKILLS 6
controls-extractor Extract and analyze security controls from OSCAL catalogs, profiles, and SSPs. Use this skill to get detailed information about control hierarchies, statements, parameters, and implementation status for compliance analysis.
euCann/OSCAL-GRC-SKILLS 6
workflow-orchestrator Orchestrate complex multi-step OSCAL compliance workflows by combining multiple skills. Use this skill for end-to-end compliance automation like FedRAMP package reviews, continuous monitoring, and gap assessments.
euCann/OSCAL-GRC-SKILLS 6
advanced-oscal-validator Perform comprehensive OSCAL validation using community-inspired patterns including JSON schema validation, business rule validation, cross-reference checking, and best practices from IBM Trestle, oscal-pydantic, and Lula. Use for thorough document quality assurance.
euCann/OSCAL-GRC-SKILLS 6
oscal-ssp-validator Validates OSCAL System Security Plan documents against NIST 800-18 Rev 1 requirements and FedRAMP baselines. Identifies missing elements, quality issues, and provides remediation guidance for achieving ATO compliance.
euCann/OSCAL-GRC-SKILLS 6
oscal-parser Parse OSCAL (Open Security Controls Assessment Language) documents in JSON, YAML, or XML formats and extract structured compliance data. Use this skill when working with security control catalogs, system security plans, component definitions, or other OSCAL document types.
euCann/OSCAL-GRC-SKILLS 6
oscal-catalog-provider Fetch official NIST 800-53 and FedRAMP OSCAL catalogs from authoritative sources
euCann/OSCAL-GRC-SKILLS 6
control-mapper Map security controls between different compliance frameworks including NIST 800-53, ISO 27001, CIS Controls, PCI-DSS, HIPAA, SOC 2, and CMMC. Use this skill for gap analysis, multi-framework compliance, and control rationalization.
euCann/OSCAL-GRC-SKILLS 6
component-definition-builder Create and manage OSCAL component definitions for reusable security control implementations. Inspired by CivicActions components and community patterns. Use for building component libraries and shared control implementations.
euCann/OSCAL-GRC-SKILLS 6
risk-assessor Perform comprehensive risk assessments on OSCAL systems including threat modeling, vulnerability analysis, risk scoring, and POA&M generation. Use this skill to evaluate security posture and prioritize remediation efforts.
euCann/OSCAL-GRC-SKILLS 6
evidence-collector Plan and manage security evidence collection for compliance audits and assessments. Use this skill to identify required evidence, track collection status, and ensure audit readiness.
euCann/OSCAL-GRC-SKILLS 6
compliance-report-generator Generate compliance reports from OSCAL assessment results, SSPs, and POA&Ms in various formats. Use this skill to create audit-ready documentation, executive summaries, and detailed compliance status reports.
euCann/OSCAL-GRC-SKILLS 6
design-audit Use when reviewing frontend design quality without a reference. Identifies UX issues, accessibility problems, and visual inconsistencies with actionable fix suggestions.
manashmandal/claude-skills
design-compare Use when comparing a frontend implementation against a reference design (Figma, mockup, screenshot). Performs pixel-level and structural analysis to identify discrepancies.
manashmandal/claude-skills
design-report Use when conducting comprehensive design review before launch, for stakeholder presentation, or when user requests expert-level design analysis. Produces detailed report from senior Apple product designer perspective.
manashmandal/claude-skills
differential-session-runner Run or continue a differential debugging session between two implementations, traces, captures, or outputs. Record artifact identity, exact commands, first mismatch progression, findings, validation, and next probe in a durable session log.
alchemiststudiosDOTai/harness-engineering 85
agents-md-mapper This skill should be used when creating, refreshing, or validating a repository `AGENTS.md` so it stays concise, current, and grounded in repository evidence. Use when `AGENTS.md` is missing or stale, after refactors or tooling changes, when new docs become the system of record, or when adding lightweight drift checks.
alchemiststudiosDOTai/harness-engineering 85
ast-grep-setup Set up ast-grep for a codebase with common TypeScript rules for detecting anti-patterns, enforcing best practices, and preventing bugs. Creates sgconfig.yml, rule files, and rule tests. Use when adding structural linting, banning legacy patterns, or implementing ratchet gates.
alchemiststudiosDOTai/harness-engineering 85
research-phase This skill should be used when mapping or researching a codebase to understand its structure, patterns, and architecture. Use when the user asks to "map the codebase", "research how X works", "find all Y patterns", or needs to understand code organization. Produces factual structural maps in .artifacts/research/—no suggestions, no recommendations, just what exists. Uses ast-grep for structural pattern matching.
alchemiststudiosDOTai/harness-engineering 85
plan-phase Generate execution-ready implementation plans from research docs - planning ONLY, no fixing or verifying. North Star is whether a JR developer can execute the plan with zero additional context.
alchemiststudiosDOTai/harness-engineering 85
execute-phase Execute implementation plans from .artifacts/plan/. Focus on EXECUTING ONLY - no planning, no fixes outside plan scope. Uses gated checks, atomic commits, and maintains a single execution log in .artifacts/execute/. Use when the user says "execute this plan" or provides a plan path.
alchemiststudiosDOTai/harness-engineering 85
qa-from-execute Perform quality assurance on code changes after the research-phase -> plan-phase -> execute-phase workflow. STRICTLY QA only—no coding, no fixes, no source-code changes. Focus on changed areas only, emphasizing control/data flow correctness.
alchemiststudiosDOTai/harness-engineering 85
harness-map Map a repository's mechanical harness layers: canonical check command, local and CI gates, architecture boundaries, structural rules, behavioral verification, docs ratchets, evidence workflows, and operator-facing surfaces. Use when you need to understand how a repo keeps change safe.
alchemiststudiosDOTai/harness-engineering 85