381,784 Collected SKILL.md files

Explore AI Agent Skills & Claude Prompts

Discover open-source agent skills for Claude Code, Codex, ChatGPT, and any tool that uses SKILL.md.

search
expand_more
Active:
anshumanbh
Showing 12 of 21 skills
anshumanbh

xxe-testing

by anshumanbh
star 274

Validate XML External Entity (XXE) injection vulnerabilities including file disclosure, SSRF, denial of service, and blind XXE via out-of-band channels. Test by injecting malicious XML with external entity references into endpoints that parse XML. Use when testing CWE-611 (XXE), CWE-827 (Improper Control of Document Type Definition), or related XML parsing vulnerabilities.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

xss-testing

by anshumanbh
star 274

Validate Cross-Site Scripting (XSS) vulnerabilities including Reflected, Stored, and DOM-based XSS. Test by injecting script payloads into user-controlled inputs and observing if they execute in browser context. Use when testing CWE-79 (XSS), CWE-80 (Basic XSS), CWE-81 (Error Message XSS), CWE-83 (Attribute XSS), CWE-84 (URI Scheme XSS), CWE-85 (Doubled Character XSS), CWE-86 (Invalid Character XSS), CWE-87 (Alternate XSS Syntax), or related XSS findings.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

agentic-security-threat-modeling

by anshumanbh
star 274

Identify agentic AI security threats based on OWASP Top 10 for Agentic Applications 2026. Use when analyzing AI agents, LLM-powered applications, chatbots, auto-reply systems, tool-using AI, browser automation, sandbox execution, or any application that uses AI/LLM APIs (Anthropic, OpenAI, Claude, GPT) to process user input and take actions.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

authorization-testing

by anshumanbh
star 274

Validate authorization failures including IDOR, privilege escalation, and missing access controls. Test by attempting unauthorized access with lower-privileged credentials. Use when testing CWE-639 (IDOR), CWE-269 (Improper Privilege Management), CWE-862 (Missing Authorization), CWE-863 (Incorrect Authorization), CWE-284 (Improper Access Control), CWE-285 (Improper Authorization), or CWE-425 (Direct Request / Forced Browsing) findings.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

command-injection-testing

by anshumanbh
star 274

Validate OS Command Injection vulnerabilities including direct command injection, blind command injection via time delays, and out-of-band command execution. Test by injecting shell metacharacters and commands into user-controlled inputs. Use when testing CWE-78 (OS Command Injection), CWE-77 (Command Injection), CWE-88 (Argument Injection), or related command execution vulnerabilities.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

injection-testing

by anshumanbh
star 274

Validate miscellaneous injection vulnerabilities NOT covered by dedicated skills. Covers SSTI, LDAP, XPath, XQuery, CRLF/HTTP Header, Email Header, GraphQL, Expression Language (EL/OGNL), JSON/JavaScript eval injection, ORM/HQL, CSV/Formula, Regex (ReDoS), YAML config, and Shellshock-style injection. Use when testing CWE-1336 (SSTI), CWE-90 (LDAP), CWE-643 (XPath), CWE-652 (XQuery), CWE-93/CWE-113 (CRLF/Header), CWE-917 (EL), CWE-94/CWE-95 (Code/Eval injection), CWE-1333 (ReDoS), CWE-1236 (CSV/Formula), and related injection classes.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

nosql-injection-testing

by anshumanbh
star 274

Validate NoSQL injection vulnerabilities across MongoDB, Cassandra, CouchDB, Redis, and other NoSQL databases. Test operator injection, JavaScript injection, and query manipulation patterns. Use when testing CWE-943 (Improper Neutralization of Special Elements in Data Query Logic) and related NoSQL injection classes.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

sql-injection-testing

by anshumanbh
star 274

Validate SQL injection vulnerabilities (including blind SQLi) across time-based, error-based, boolean-based, UNION-based, stacked-query, and out-of-band patterns. Use when testing CWE-89 (SQL Injection), CWE-564 (Hibernate SQL Injection), and related SQL injection classes across MySQL, PostgreSQL, MSSQL, Oracle, and SQLite targets.

navigation main article SKILL.md
schedule Updated 5 months ago
anshumanbh

ssrf-testing

by anshumanbh
star 274

Validate Server-Side Request Forgery (SSRF) vulnerabilities by testing if user-controlled URLs can reach internal services, cloud metadata endpoints, or alternative protocols. Use when testing CWE-918 (SSRF), CWE-441 (Unintended Proxy), CWE-611 (XXE leading to SSRF), or findings involving URL fetching, webhooks, file imports, image/PDF/SVG processing, or XML parsing with external entities.

navigation main article SKILL.md
schedule Updated 4 months ago
anshumanbh

sast-injection-testing

by anshumanbh
star 17

Investigate injection vulnerabilities in source code including SQL injection, XSS, and command injection. Use when threat model identifies CWE-89 (SQL Injection), CWE-79 (XSS), CWE-78 (OS Command Injection), or injection concerns.

navigation main article SKILL.md
schedule Updated 6 months ago
anshumanbh

sast-file-security-testing

by anshumanbh
star 17

Investigate file operation vulnerabilities including unrestricted file upload, path traversal in file operations, and insecure file handling. Use when threat model identifies CWE-434 (Unrestricted Upload), CWE-73 (External Control of File Path), CWE-427 (Uncontrolled Search Path), or file security concerns.

navigation main article SKILL.md
schedule Updated 6 months ago
anshumanbh

sast-security-misconfiguration-testing

by anshumanbh
star 17

Investigate security misconfiguration vulnerabilities including debug modes, default credentials, overly permissive settings, and insecure defaults. Use when threat model identifies CWE-16 (Configuration), CWE-1188 (Insecure Default Initialization), CWE-276 (Incorrect Default Permissions), or configuration concerns.

navigation main article SKILL.md
schedule Updated 6 months ago
Page 1 of 2

Browse Agent Skills by Occupation

23 major groups · 867 SOC occupations

Browse by Category

Explore agent skills organized by their primary use case

SKILLMD / CREATORS AND OCCUPATION CATEGORIES

Explore the agent skills ecosystem by occupation and creator

SkillMD is not just a keyword search box. It is an open map that organizes public skills by occupation, creator, and repository, helping you see which workflows, judgment criteria, and domain habits people are writing for AI agents.

Then follow creators and GitHub repositories back to the source: compare the skills a team maintains, whether the repo is active, and how the README frames the work before you open, install, or reuse anything.

Use it three ways: learn an unfamiliar field by occupation, study how creators organize skills, then use source context to decide what is worth opening or reusing.

01 Map a field

Browse 23 occupation groups and 867 SOC roles to learn what skills exist in adjacent domains and how they break down real work.

02 Follow creators

Use creator and repository pages to inspect maintained skill collections, recent updates, and source context before trusting a result.

03 Search with sources

Search 1.7M+ collected skills, then use occupation tags, creators, and GitHub source context to decide what is worth opening.

Start with the occupation map, then follow creators and repositories back to real code. SkillMD helps explain why a skill is worth opening, not only what it is named.

SEO KNOWLEDGE HUB & TECHNICAL OVERVIEW

Standardizing Agent Capabilities with SKILL.md and Model Context Protocol (MCP)

In the rapidly evolving landscape of artificial intelligence, LLM agents (Large Language Model agents) have transitioned from simple text predictors to autonomous problem solvers. To orchestrate complex, multi-step agentic workflows, developers require a standardized format to specify agent capabilities, prompt instructions, system rules, and database bindings. This is where SKILL.md and the Model Context Protocol (MCP) have emerged as standard developer paradigms. SkillMD serves as the central directory for indexing, exploring, and sharing these critical agent configurations.

Our open-source registry currently tracks over 1.7 million collected SKILL.md configurations and system prompts. By compiling agent configurations from active developers on GitHub, we bridge the gap between prompt engineering research and production execution. Whether you are building agents with Anthropic's Claude Code, OpenAI's GPT-4, Google's Gemini, or local models using Ollama and LlamaIndex, standardized skill definitions ensure your agents behave predictably across different runtime environments.

What is the Model Context Protocol (MCP)?

The Model Context Protocol (MCP) is an open-source standard designed to connect LLMs to data sources, developer tools, and external environments. MCP establishes a bidirectional communication channel between client applications (like Cursor, Claude Desktop, or custom agent systems) and servers hosting data or capabilities. Standardizing instructions via SKILL.md enables LLMs to query databases, read local files, execute terminal commands, and integrate third-party APIs. SkillMD allows you to find ready-to-run MCP servers and prompt instructions for various occupations and technical tasks.

The Structure of a Professional SKILL.md File

A valid SKILL.md configuration is designed to be easily read by humans and parsed by LLMs. It contains precise system instructions, trigger conditions, required parameters, and execution examples. Below is the typical architectural blueprint of a professional agent skill:

  • Metadata & Core Scope: Declares the name of the skill, author details, target models, and a description of the capability.
  • Triggers & Intent Detection: Details semantic triggers that help the agent decide when to invoke this skill.
  • System Prompts: Explicit system-level instructions that direct the agent's behavior, personality, safety guardrails, and formatting preferences.
  • Capabilities & Tools: Lists the files, databases, or APIs the agent must access to complete the tasks.
  • Few-Shot Examples: Demonstrates real inputs and outputs, helping the model generalize behavior through in-context learning.

Optimizing Agent Workflows for Modern LLMs

Writing effective agent skills requires deep knowledge of prompt engineering. With the release of advanced reasoning models like Claude 3.5 Sonnet, ChatGPT o1, and DeepSeek-V3, prompt templates must focus on structured thinking. Developers are encouraged to use XML tags (e.g., <thought>, <context>, and <rules>) to isolate execution boundaries. Standardized prompts prevent agents from suffering from context drift, ensuring that long-running tasks remain aligned with the initial system parameters.

Exploring by SOC Occupations and Creator Profiles

What makes SkillMD unique is its taxonomy. Instead of simple text search, we parse and organize files according to the Standard Occupational Classification (SOC) system. This means you can discover skills written for Computer and Mathematical roles, Business and Financial operations, Legal, Design, and and Educational Instruction fields. By tracking creator profiles, developers can study how different teams organize their custom instructions, compare version updates, and fork public configs for specialized enterprise use cases.

SkillMD operates as a high-performance index running on a fast Go backend and a highly responsive Astro SSR frontend. All search queries execute in milliseconds, featuring smart debouncing to prevent multiple API requests while keeping user data secure. Join our community of developers to standardize your AI agent instructions and optimize your LLM prompting workflows today.

8 QUESTIONS

Frequently Asked Questions

A practical guide to agent skills: what they are, how to inspect them, and how SkillMD helps you explore the ecosystem.