PostgreSQL Schema Architect
Schema mistakes are the most expensive kind — code refactors in days, but a wrong table design holds your data hostage for years
Ship agent workflows in 30 seconds. Browse 1,500+ expert-built and security scanned skills. Browse skills
THE AGENSI STORE
227 skills found
Schema mistakes are the most expensive kind — code refactors in days, but a wrong table design holds your data hostage for years
Reviewer left comments and your PR is stuck? Find the #1 blocking comment and get a finished reply — acknowledge, the fix, what to test — written to move the reviewer to approve.
Catch the dangerous migration before it locks or wrecks your production database. Scans SQL migration files for destructive and risky operations: DROP and TRUNCATE, drops without IF EXISTS, lossy column-type changes, NOT NULL added without a default, DELETE or UPDATE with no WHERE, non-concurrent index builds, dropped constraints, renames, and data backfills mixed into schema changes. Each finding is ranked by severity with a safer rewrite. Postgres, MySQL, and SQLite.
by Nex AI
Professional accessibility auditing for architects, balancing legal regulations with real-world usability.
Find the model-version coupling that breaks when you swap LLMs. Flags hardcoded model names and versions, deprecated or renamed parameters (the max_tokens to max_completion_tokens class of change), hardcoded token and context-window limits, response-format parsing tied to one model's output, tool-schema format coupling between providers, and hardcoded per-token cost constants. The patterns load from an editable model-rules table you update as new models ship.
by Corey Jacobs
Generate source-safe repository audits and repair handoff bundles without mutating your code.
Point it at an unfamiliar or inherited repo and quickly understand it. Maps the architecture, identifies the key modules and entry points, traces the core end-to-end flows, surfaces the conventions and gotchas, and assembles a clean ONBOARDING.md — turning a strange codebase into a clear mental model fast. Built for the moment you join a project, take one over, or have to explain a repo before changing it.
Expert accessibility auditing that prioritizes user impact and provides production-ready code fixes for WCAG compliance.
Turns Claude into a senior WordPress launch reviewer that audits a site, theme, or plugin against the entire pre-launch standard across 7 weighted domains and returns one objective go/no-go decision with a scored blocker list.
Audit your project's dependencies for supply-chain risk before they ship. Detects the ecosystem, runs the right vulnerability scanners against live advisory data, and adds the checks tooling misses — outdated or abandoned packages, typosquatted or suspicious names, risky install scripts, and license conflicts — then returns a prioritized fix list and a PASS / REVIEW / BLOCK verdict. It's npm audit with triage and judgment on top.
Architect safe, staged code migrations with zero-downtime patterns and automated rollback gates.
Generate a real test suite for any function, module, or file — meaningful edge cases, error paths, boundary conditions, and proper mocks, not happy-path stubs. Detects your project's framework and conventions, plans the cases deliberately before writing, and hands back runnable tests plus a summary of what's covered. Built to write the tests that actually catch bugs.
by Timoranjes
Senior-level Python code auditor for PEP 8, type safety, security vulnerabilities, and 3.10+ modernizations.
Scaffold a secure, spec-compliant MCP server from a description of the tools you want to expose. Sets up the official SDK (TypeScript or Python/FastMCP), defines tools/resources/prompts with strict JSON Schema, wires the right transport (stdio or Streamable HTTP), adds OAuth 2.1 for remote, and hardens against the MCP-specific footguns — prompt injection via tool output, token passthrough, over-broad scopes, command/path/SSRF injection, leaked secrets — before it ships. Returns a runnable skeleton plus a security checklist. Built by someone who's shipped production MCP servers.
A senior WordPress security auditor that reasons about WP-API taint flow — not regex hits — to find the 8 real plugin/theme vulnerability classes a generic scanner misses, and returns scored findings with ready-to-merge before→after patches.
by Shandra
Plans safe dependency upgrades and framework migrations for legacy applications with risk analysis, compatibility mapping, test planning, rollback strategy, and phased AI coding prompts.
Find the LLM integration code that will not survive a provider being pulled or going down. Flags single-provider lock-in with no alternative, calls with no failover branch, missing timeouts, retries with no limit or backoff, no degraded-mode default, and hardcoded endpoints with no alternate. This is about the model going away, not the model declining.
Inventory every LLM model and provider your code depends on, the AI bill of materials, and flag the dependency risk. It lists each provider, model, and where it's used, then flags hardcoded model ids, single-provider dependency with no alternative, the same model referenced by different ids, model ids with no config or env indirection, and providers pinned in your manifests. Recognizes OpenAI, Anthropic, Google Gemini, and more from an editable list.
by Timoranjes
Professional Go code auditor for performance optimization, concurrency safety, and modern 1.21+ idioms.
Check your app for the security mistakes that leak data before you launch, explained in plain English. Flags API keys and secrets sitting in your code, a committed .env file, data with no login protecting it, database tables anyone can read, debug mode left on, wide-open sharing (CORS), hardcoded admin passwords, and public storage buckets. Built for non-technical founders shipping AI-built apps: every finding tells you what is wrong, why it matters, and how to fix it.
Turns an OpenAPI/Swagger spec into an exhaustive, framework-ready test suite — happy-path, validation, contract-conformance, auth, and defensive security tests — with a coverage matrix mapping every endpoint, status code, and schema constraint to a test.
by Nex AI
Automatically scan code for trackers and generate GDPR-compliant cookie banners and Dutch privacy policies.
A DevSecOps engineer that stands up and tunes static analysis (Semgrep, SonarQube, CodeQL) for high-signal findings — picks the right tool for the stack, writes the config and rulesets, wires a sane CI gate, and tunes out the false positives that get scanners muted.
by Ifásola
Specialized static security scanner for MCP servers and Python tool handlers to prevent injection and data leaks.