> elizaOS/eliza

> 1password

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

> address-sanitizer

AddressSanitizer detects memory errors during fuzzing. Use when fuzzing C/C++ code to find buffer overflows and use-after-free bugs.

> aflpp

AFL++ is a fork of AFL with better fuzzing performance and advanced features. Use for multi-core fuzzing of C/C++ projects.

> algorand-vulnerability-scanner

Scans Algorand smart contracts for 11 common vulnerabilities including rekeying attacks, unchecked transaction fees, missing field validations, and access control issues. Use when auditing Algorand projects (TEAL/PyTeal).

> apple-notes

Manage Apple Notes via the `memo` CLI on macOS (create, view, edit, delete, search, move, and export notes). Use when a user asks Otto to add a note, list notes, search notes, or manage note folders.

> apple-reminders

Manage Apple Reminders via the `remindctl` CLI on macOS (list, add, edit, complete, delete). Supports lists, date filters, and JSON/plain output. Use when the user asks about reminders, todos, tasks, to-do lists, "remind me", scheduling tasks, checking what is due today, completing or deleting reminders, or managing reminder lists on macOS.

> ask-questions-if-underspecified

Clarify requirements before implementing. Use when serious doubts arise.

> atheris

Atheris is a coverage-guided Python fuzzing framework built on libFuzzer for finding bugs, crashes, and security vulnerabilities in pure Python code and Python C extensions. It provides AddressSanitizer integration for detecting memory corruption, buffer overflows, and use-after-free errors. Assists with writing fuzz harnesses, configuring sanitizers, managing corpora, running fuzzing campaigns, and setting up Docker-based fuzzing environments. Covers instrumentation of Python imports, parallel

> audit-context-building

Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.

> audit-prep-assistant

Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates documentation (flowcharts, user stories, inline comments).

> bear-notes

Create, search, read, tag, and append to Bear app notes on macOS via the grizzly CLI. Use when the user wants to create a new note in Bear, search Bear notes by tag, read or open a Bear note by ID, append text to an existing Bear note, list Bear tags, or automate note-taking in Bear. Requires the grizzly binary and Bear app running on macOS.

> bird

X/Twitter CLI for reading, searching, posting, and engagement via cookies. Provides direct access to tweets, timelines, social media feeds, bookmarks, lists, and trending topics through GraphQL and cookie-based authentication. Use when the user wants to tweet, read a tweet, search Twitter, check their timeline, browse social media, view replies, follow or unfollow accounts, manage bookmarks, or interact with X/Twitter from the command line.

> blogwatcher

Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI. Use when the user wants to subscribe to blogs, track news feeds, manage a feed reader, scan for new articles, add or remove RSS or Atom subscriptions, or mark posts as read.

> blucli

BluOS CLI (blu) for discovery, playback, grouping, and volume control of Bluesound and NAD speakers. Use when the user wants to play music, stream audio, control speakers, adjust volume, group or ungroup Bluesound players, search TuneIn radio, or manage multi-room streaming setups.

> bluebubbles

Handles sending and managing iMessages through BlueBubbles, the recommended iMessage integration. Triggers when the user wants to send a text message, send an iMessage, send a text, text someone, message a contact, react with a tapback, reply to a message thread, send an attachment via iMessage, edit or unsend a sent message, or manage group chat participants. All calls go through the generic message tool with channel="bluebubbles".

> burpsuite-project-parser

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.

> cairo-vulnerability-scanner

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.

> camsnap

Capture frames or clips from RTSP/ONVIF cameras. Grabs snapshots, video clips, and motion events from IP cameras, security cameras, and video streams. Use when the user wants to take a snapshot from a camera, record a clip from an RTSP stream, monitor motion on a security camera, discover ONVIF devices on the network, or configure camera access for automated surveillance capture.

> canvas

Display, present, and render HTML content on connected Otto nodes (Mac app, iOS, Android). Show on device, preview on mobile, push to screen, or navigate to a URL on any connected node. Use for games, visualizations, dashboards, interactive demos, and live-reloading development previews. Supports presenting, hiding, navigating, evaluating JavaScript, and capturing screenshots of canvas content across Mac, iOS, and Android devices.

> cargo-fuzz

cargo-fuzz is the primary fuzzing tool for Rust projects built with Cargo. It enables developers to set up fuzz testing, write fuzz harnesses, and run fuzzing campaigns using the libFuzzer backend. Covers installation, harness writing, structure-aware fuzzing with the arbitrary crate, sanitizer integration including AddressSanitizer, coverage analysis, seed corpus management, and troubleshooting common issues. Useful when a developer needs to fuzz Rust code, find memory bugs, test parsers, or im

> claude-in-chrome-troubleshooting

Diagnose and fix Claude in Chrome MCP extension connectivity issues. Use when mcp__claude-in-chrome__* tools fail, return "Browser extension is not connected", or behave erratically.

> clawhub

Use the ClawHub CLI to search, install, update, and publish agent skills from clawhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawhub CLI.

> code-maturity-assessor

Systematic code maturity assessment using Trail of Bits' 9-category framework. Analyzes codebase for arithmetic safety, auditing practices, access controls, complexity, decentralization, documentation, MEV risks, low-level code, and testing. Produces professional scorecard with evidence-based ratings and actionable recommendations.

> codeql

Guides the agent through CodeQL static analysis, including creating databases, writing custom QL queries, running interprocedural data flow and control flow analysis, detecting security vulnerabilities, setting up GitHub Actions code scanning, and managing query packs. Covers C, C++, Go, Java, Kotlin, JavaScript, TypeScript, Python, Ruby, Swift, and SARIF output processing.

> coding-agent

Run Codex CLI, Claude Code, OpenCode, or Pi Coding Agent via background process for programmatic control. Use when the agent needs to spawn, monitor, or orchestrate coding agents in a terminal session, delegate programming tasks to a sub-agent, review pull requests with an external CLI tool, or run parallel background coding workflows across git worktrees.

> constant-time-analysis

Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets, secret-dependent branches, or constant-time programming questions in C, C++, Go, Rust, Swift, Java, Kotlin, C#, PHP, JavaScript, TypeScript, Python, or Ruby.

> constant-time-testing

Guides developers through detecting and preventing side-channel attacks, timing leaks, and constant-time violations in cryptographic implementations. Covers techniques for identifying timing side channels in crypto code, including cache-timing attacks, secret-dependent branching, and microarchitectural leakage. Applies formal verification, statistical analysis (dudect), and dynamic tracing (timecop) to audit crypto primitives for timing vulnerabilities and ensure constant-time execution.

> cosmos-vulnerability-scanner

Scans Cosmos SDK blockchains for 9 consensus-critical vulnerabilities including non-determinism, incorrect signers, ABCI panics, and rounding errors. Use when auditing Cosmos chains or CosmWasm contracts.

> coverage-analysis

The agent uses coverage analysis to measure which code paths, branches, and functions are exercised during fuzzing campaigns. It generates LLVM and GCC coverage reports, identifies uncovered code blocks, detects magic value checks that block fuzzer progress, and tracks coverage trends over time. The agent applies this technique when assessing harness effectiveness, diagnosing coverage plateaus, comparing differential coverage between campaigns, or integrating coverage instrumentation into CMake

> crow

Agent payment service via CrowPay — gives your agent a wallet to pay for APIs and services. Use this skill whenever the agent needs to handle HTTP 402 Payment Required responses, pay for an API, buy credits or subscriptions, pay a merchant with a credit card, set up an agent wallet, or manage spending rules. Also use when the user mentions CrowPay, Crow, agent payments, USDC, x402, or buying anything on the internet for the agent — even if they don't say "Crow" by name.

> differential-review

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage, and generates comprehensive markdown reports. Automatically detects and prevents security regressions.

> discord

Use when you need to control Discord from Otto via the discord tool: send messages, react, post or upload stickers, upload emojis, run polls, manage threads/pins/search, create/edit/delete channels and categories, fetch permissions or member/role/channel info, set bot presence/activity, or handle moderation actions in Discord DMs or channels.

> dwarf-expert

Provides expertise for analyzing DWARF debug files and understanding the DWARF debug format/standard (v3-v5). Triggers when understanding DWARF information, interacting with DWARF files, answering DWARF-related questions, or working with code that parses DWARF data.

> eightctl

Control Eight Sleep pods (status, temperature, alarms, schedules). Use when the user asks to check bed temperature, adjust sleep settings, turn the pod on or off, set a sleep schedule, manage alarms, or control Eight Sleep audio and base features.

> entry-point-analyzer

Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by access level (public, admin, role-restricted, contract-only), and generates structured audit reports. Excludes view/pure/read-only functions. Use when auditing smart contracts (Solidity, Vyper, Solana/Rust, Move, TON, CosmWasm) or when asked to find entry points, audit flows, external functions, access control patterns, or p

> firebase-apk-scanner

Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use when analyzing APK files for Firebase vulnerabilities, performing mobile app security audits, or testing Firebase endpoint security. For authorized security research only.

> fix-review

Verifies that git commits address security audit findings without introducing bugs. This skill should be used when the user asks to "verify these commits fix the audit findings", "check if TOB-XXX was addressed", "review the fix branch", "validate remediation commits", "did these changes address the security report", "post-audit remediation review", "compare fix commits to audit report", or when reviewing commits against security audit reports.

> food-order

Reorder Foodora orders + track ETA/status with ordercli. Never confirm without explicit user approval. Triggers: order food, reorder, track ETA.

> fuzzing-dictionary

The agent creates and manages fuzzing dictionaries containing domain-specific tokens, magic bytes, protocol keywords, and format-specific strings to guide mutation-based fuzzers past early validation checks. It generates dictionary entries from header files, binary strings, man pages, and LLM prompts, and passes them to libFuzzer via -dict=, AFL++ via -x, or cargo-fuzz. The agent applies this technique when fuzzing parsers (JSON, XML, config files), protocol handlers (HTTP, DNS), file format pro

> fuzzing-obstacles

The agent patches the system under test (SUT) to overcome common fuzzing obstacles using conditional compilation. It bypasses checksum and hash verification, replaces non-deterministic PRNG seeding with fixed seeds, skips complex multi-stage validation, and provides safe default values to prevent false positives. The agent uses FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in C/C++ and cfg!(fuzzing) in Rust to ensure patches apply only during fuzzing builds. It applies this technique when coverage re

> gemini

Gemini CLI for one-shot Q&A, summaries, and generation. Use when the user asks to query Gemini, generate text with Google AI, summarize content using Gemini, run a one-shot prompt, get a Gemini response, or produce JSON output via the Gemini CLI. Supports model selection, output formatting, and extension management.

> gifgrep

Search GIF providers with CLI/TUI, download results, and extract stills/sheets. Use when the user wants to find a GIF, search for animated images, browse GIFs by keyword, download a GIF from Tenor or Giphy, extract a still frame from a GIF, create a contact sheet of GIF frames, or preview GIFs in the terminal.

> github

Interact with GitHub using the `gh` CLI to manage repositories, issues, pull requests, CI/CD workflow runs, and API queries. Use when the user asks to create, list, view, merge, or close pull requests and issues; check CI status or workflow run logs; query the GitHub API for repository data; or perform any GitHub operation from the command line. Covers `gh issue`, `gh pr`, `gh run`, `gh repo`, and `gh api` subcommands.

> gog

Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs. Use when the user asks to send an email, check inbox, search Gmail, create or list calendar events, search Google Drive files, look up contacts, read or update spreadsheets, or export Google Docs. Handles OAuth-authenticated access to Google services via the gog command-line tool.

> goplaces

Query Google Places API (New) via the goplaces CLI for text search, place details, resolve, and reviews. Use for human-friendly place lookup or JSON output for scripts.

> guidelines-advisor

Smart contract development advisor based on Trail of Bits' best practices. Analyzes codebase to generate documentation/specifications, review architecture, check upgradeability patterns, assess implementation quality, identify pitfalls, review dependencies, and evaluate testing. Provides actionable recommendations.

> harness-writing

The agent writes and improves fuzzing harnesses — the entrypoint functions that receive random data from fuzzers and route it to the system under test (SUT). It implements LLVMFuzzerTestOneInput for C/C++ with libFuzzer and AFL++ persistent mode, fuzz_target! macros for Rust with cargo-fuzz and the arbitrary crate, and go-fuzz Fuzz functions for Go. The agent structures inputs using FuzzedDataProvider, applies interleaved fuzzing patterns for multi-operation targets, handles input size validatio

> healthcheck

Host security hardening and risk-tolerance configuration for Otto deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, Otto cron scheduling for periodic checks, or version status checks on a machine running Otto (laptop, workstation, Pi, VPS).

> himalaya

CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language). Use when the user wants to check email, read mail, send email, compose a message, search inbox, reply to a message, forward mail, manage folders, download attachments, or organize messages from the command line.

> imsg

iMessage/SMS CLI for listing chats, fetching history, watching conversations, and sending messages on macOS via the Messages app. Use when the user wants to send a text message, read iMessages, check recent texts, reply to a conversation, send an SMS, or interact with the Messages app from the terminal. Supports texting contacts by phone number or email, attaching files, and streaming incoming messages in real time.

> insecure-defaults

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.

> interpreting-culture-index

Use when interpreting Culture Index surveys, CI profiles, behavioral assessments, or personality data. Supports individual interpretation, team composition (gas/brake/glue), burnout detection, profile comparison, hiring profiles, manager coaching, interview transcript analysis for trait prediction, candidate debrief, onboarding planning, and conflict mediation. Handles PDF vision or JSON input.

> libafl

The agent uses LibAFL, a modular Rust fuzzing library, to build custom fuzzers with fine-grained control over observers, feedback mechanisms, mutators, schedulers, and executors. It supports drop-in libFuzzer replacement mode via libFuzzer.a, fully custom fuzzer construction with InProcessExecutor and coverage-guided feedback, multi-core fuzzing with Launcher, crash deduplication via BacktraceObserver, and dictionary-based token mutations. The agent applies LibAFL when standard fuzzers like libF

> libfuzzer

Coverage-guided fuzzer built into LLVM for C/C++ projects. Use for fuzzing C/C++ code that can be compiled with Clang.

> local-places

Searches for local businesses and points of interest via a Google Places API proxy running on localhost. Resolves vague locations, applies filters for type, rating, and price, and returns structured place details. Use when the user asks to find restaurants, nearby places, coffee shops, business search, local recommendations, or anything involving place discovery by location.

> mcporter

Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation. Use when the user needs to interact with MCP servers, call remote tools, manage server authentication or OAuth flows, inspect available MCP tools and their schemas, generate CLI wrappers or TypeScript types from MCP servers, or manage the mcporter daemon and configuration.

> model-usage

Use CodexBar CLI local cost usage to summarize per-model usage for Codex or Claude, including the current (most recent) model or a full model breakdown. Trigger when asked for model-level usage/cost data from codexbar, or when you need a scriptable per-model summary from codexbar cost JSON.

> modern-python

Configures Python projects with modern tooling (uv, ruff, ty). Use when creating projects, writing standalone scripts, or migrating from pip/Poetry/mypy/black.

> nano-banana-pro

Generate or edit images via Gemini 3 Pro Image (Nano Banana Pro). Use when the user asks to create an image, generate a picture, produce AI-generated artwork, edit a photo, compose multiple images, or upscale an image to higher resolution. Supports text-to-image generation, single-image editing, and multi-image composition using the Gemini API.

> nano-pdf

Edits PDF files using natural-language instructions via the nano-pdf CLI. Supports modifying text, changing titles, fixing typos, and updating content on specific pages. Use when the user wants to edit a PDF, modify PDF content, update PDF text, fix a typo in a PDF, change a PDF title, or rewrite part of a PDF page.

> nightmarket

Discover and call paid third-party API services through the Nightmarket marketplace. Use this skill whenever the user needs a third-party API, wants to find available API services, or when you encounter a 402 Payment Required response from a nightmarket.ai URL. Also use when the user mentions Nightmarket, browsing APIs for their agent, or paying for API calls with USDC. Even if the user doesn't mention Nightmarket by name, use this skill if they need external data, analytics, automation, or any

> notion

Notion API for creating and managing pages, databases, and blocks. Use when the user wants to create a Notion page, query a Notion database, update Notion properties, search Notion, add content to Notion, manage Notion blocks, or interact with Notion data sources and workspaces via the API.

> obsidian

Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli. Use when the user asks about notes, vault management, PKM, knowledge base organization, wikilinks, or personal knowledge management in Obsidian.

> openai-image-gen

Batch-generate images via the OpenAI Images API using DALL-E 2, DALL-E 3, or GPT image models. Produces random-but-structured prompts, renders them, and outputs a browsable `index.html` gallery. Use when the user asks to generate AI images, create pictures with DALL-E, batch-produce image assets, render AI art, or build an image gallery from text prompts.

> openai-whisper

Local speech-to-text with the Whisper CLI (no API key). Use when the user needs to transcribe audio, convert speech to text, generate subtitles, translate spoken language, or produce SRT/VTT captions from mp3, m4a, or wav files using the local Whisper model.

> openai-whisper-api

Transcribe audio via OpenAI Audio Transcriptions API (Whisper). Use when the user wants to transcribe, convert speech to text, extract words from audio or voice recordings, generate a transcript from an audio file, or perform speech recognition on m4a, ogg, or wav files using the Whisper model.

> openhue

Controls Philips Hue smart lights, rooms, and scenes via the OpenHue CLI and a Hue Bridge. Use when the user asks to turn lights on or off, change brightness or color, activate a scene, list rooms, discover bridges, or manage smart lighting. Handles setup, querying light state, and adjusting individual or grouped lights by name or ID.

> oracle

Best practices for using the oracle CLI (prompt + file bundling, engines, sessions, and file attachment patterns). Use when the developer needs to send a one-shot prompt with file context to another model, bundle repository files for external LLM review, run oracle browser or API queries, manage oracle sessions, attach or exclude files with glob patterns, or preview token costs with dry-run mode.

> ordercli

Foodora-only CLI for checking past orders and active order status (Deliveroo WIP). Use when the user asks to check food delivery orders, track a Foodora delivery, view order history, reorder a meal, look up past food orders, check delivery status, or manage Foodora sessions and authentication.

> ossfuzz

The agent uses OSS-Fuzz, Google's free distributed continuous fuzzing platform, to build, run, and manage fuzzing infrastructure for open-source projects. It configures project enrollment files (project.yaml, Dockerfile, build.sh), builds fuzzers locally with helper.py, runs harnesses with AddressSanitizer and other sanitizers, generates coverage reports, and troubleshoots build failures. The agent applies this technique when setting up continuous fuzzing for C/C++, Rust, Python (Atheris), or Go

> peekaboo

Capture and automate macOS UI with the Peekaboo CLI. Provides screenshot capture, screen recording, click automation, keyboard input, window management, menu interaction, and accessibility-driven element targeting on macOS. Use when the user asks to take a screenshot, capture the screen, click a UI element, automate mouse or keyboard input, manage application windows, interact with menus or the Dock, scroll, drag, swipe, type text into fields, or inspect on-screen elements.

> property-based-testing

Provides guidance for property-based testing across multiple languages and smart contracts. Use when writing tests, reviewing code with serialization/validation/parsing patterns, designing features, or when property-based testing would provide stronger coverage than example-based tests.

> ruzzy

Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.

> sag

ElevenLabs text-to-speech with mac-style say UX. Use when the user asks to convert text to speech, generate voice audio, speak text aloud, read aloud, produce TTS output, create a voice generation, or synthesize spoken audio using ElevenLabs.

> sarif-parsing

Parse, analyze, and process SARIF (Static Analysis Results Interchange Format) files. Use when reading security scan results, aggregating findings from multiple tools, deduplicating alerts, extracting specific vulnerabilities, or integrating SARIF data into CI/CD pipelines.

> secure-workflow-guide

Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas.

> semgrep

Semgrep is a fast, lightweight static analysis tool for finding bugs, security vulnerabilities, and enforcing code standards across a codebase. The agent should use this skill when asked to run static analysis, scan code for security issues, detect code patterns or anti-patterns, write or test custom Semgrep rules, set up SAST in CI/CD pipelines, triage scan findings, suppress false positives, or perform a rapid security audit without building the project.

> semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

> semgrep-rule-variant-creator

Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target languages. Takes an existing rule and target languages as input, produces independent rule+test directories for each language.

> session-logs

Search and analyze session logs (older/parent conversations) stored as JSONL files using jq and rg. Use when the user asks about prior chats, previous conversations, conversation history, what was said before, session costs, token usage, or tool usage breakdown across past sessions.

> sharp-edges

Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.

> sherpa-onnx-tts

Local text-to-speech via sherpa-onnx (offline, no cloud). Converts text to speech audio using the sherpa-onnx runtime and Piper VITS voices with no cloud dependency. Use when the user asks to generate speech, read text aloud, produce a voice audio file, perform TTS, speech synthesis, or convert text to WAV output locally.

> skill-creator

Creates, updates, and packages AgentSkills with proper SKILL.md frontmatter, bundled scripts, references, and assets. Provides guidance on skill naming, progressive disclosure, and context-efficient design. Use when building a new skill from scratch, restructuring an existing skill, writing or improving SKILL.md files, organizing skill resources into scripts/references/assets folders, packaging skills for distribution, or iterating on skill quality after testing.

> slack

Use when the agent needs to send, edit, delete, or read Slack messages, add or list emoji reactions, pin or unpin messages, fetch member info, or list custom emoji in Slack channels and DMs. Handles all Slack workspace interactions including message management, reaction workflows, pinned-item management, and user lookups via the configured bot token.

> solana-vulnerability-scanner

Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing. Use when auditing Solana/Anchor programs.

> songsee

Generate spectrograms and feature-panel visualizations from audio with the songsee CLI. Use when the user wants to visualize an audio file, create a spectrogram image, render mel or chroma panels, analyze frequency content, or produce a multi-panel audio feature grid from MP3 or WAV files.

> sonoscli

Control Sonos speakers (discover/status/play/volume/group). Use when the user wants to play music, pause playback, adjust volume, check speaker status, discover Sonos devices, group or ungroup speakers, manage favorites, browse the queue, or search Spotify on Sonos.

> spec-to-code-compliance

Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitepapers, finding gaps between specs and implementation, or performing compliance checks for protocol implementations.

> spotify-player

Terminal Spotify playback/search via spogo (preferred) or spotify_player. Use when the user asks to play music, search for a song, skip a track, pause playback, check what is currently playing, control Spotify, list audio devices, or manage a Spotify queue from the terminal.

> static-analysis

Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection. Use when running static analysis scans, writing custom detection rules, or processing analysis results.

> substrate-vulnerability-scanner

Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets.

> summarize

Summarizes, condenses, or extracts text, transcripts, and key points from URLs, articles, web pages, PDFs, podcasts, YouTube videos, and local files. Acts as a fallback transcription tool when the user asks to transcribe, digest, recap, or get the gist of a link, video, or document.

> testing-handbook-generator

Meta-skill that analyzes the Trail of Bits Testing Handbook (appsec.guide) and generates Claude Code skills for security testing tools and techniques. Use when creating new skills based on handbook content.

> testing-handbook-skills

Application security testing toolkit from the Trail of Bits Testing Handbook. Helps the agent set up fuzzing campaigns, write fuzz harnesses, run coverage-guided fuzzers (libFuzzer, AFL++, cargo-fuzz, Atheris, Ruzzy), and triage crashes. Covers memory-safety sanitizers (AddressSanitizer, UBSan, MSan), static analysis with Semgrep and CodeQL, cryptographic validation using Wycheproof test vectors, and constant-time verification. Use when testing C, C++, Rust, Python, or Ruby code for vulnerabilit

> things-mac

Manage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme; read/search/list from the local Things database). Use when a user asks Otto to add a task to Things, list inbox/today/upcoming, search tasks, or inspect projects/areas/tags.

> tmux

Remote-control tmux sessions for interactive CLIs by sending keystrokes, capturing pane output, and managing terminal multiplexer windows. Enables parallel coding-agent orchestration, background process management, and REPL interaction via sockets. Use when the agent needs to launch, monitor, or coordinate long-running terminal processes, run multiple agents in parallel, interact with a Python REPL, or scrape live shell output from a persistent session.

> token-integration-analyzer

Token integration and implementation analyzer based on Trail of Bits' token integration checklist. Analyzes token implementations for ERC20/ERC721 conformity, checks for 20+ weird token patterns, assesses contract composition and owner privileges, performs on-chain scarcity analysis, and evaluates how protocols handle non-standard tokens. Context-aware for both token implementations and token integrations.

> ton-vulnerability-scanner

Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks. Use when auditing FunC contracts.

> trello

Manages Trello boards, lists, and cards via the Trello REST API. Use when the user wants to create cards, move tasks between lists, list boards, add comments, archive cards, or check what is on a Trello board. Handles authentication, pagination, and rate-limit awareness for all Trello REST endpoints.

> variant-analysis

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.

> video-frames

Extract frames or short clips from videos using ffmpeg. Use when the user asks to grab a frame, capture a screenshot from a video, extract a thumbnail, pull a still image from footage, or snapshot a specific timestamp in a video file.

> voice-call

Initiates, manages, and inspects voice calls through the Otto voice-call plugin using Twilio, Telnyx, Plivo, or mock providers. Supports starting outbound calls, continuing conversations, speaking messages, ending calls, and checking call status. Use when the user wants to make a phone call, dial a number, place a voice call, check call status, send a voice message, or speak to someone over the phone.

> wacli

Send WhatsApp messages to other people or search/sync WhatsApp history via the wacli CLI (not for normal user chats). Use when the user asks to send a WhatsApp message, text someone on WhatsApp, search WhatsApp chat history, sync WhatsApp conversations, backfill message history, or forward a file via WhatsApp to a third party.

> weather

Get current weather and forecasts (no API key required). Use when the user asks about the weather, temperature, forecast, wind, humidity, or climate conditions for a city or location. Fetches real-time weather data from free services using curl.

> wycheproof

Guides agents in using Wycheproof test vectors to validate cryptographic implementations against known attacks, edge cases, and vulnerability patterns. Covers integrating test vectors for AES-GCM, ECDSA, ECDH, EdDSA, RSA, and ChaCha20-Poly1305 into testing workflows. Helps when writing crypto tests, checking for signature malleability, invalid curve attacks, padding oracle issues, DER encoding bugs, or setting up CI for cryptographic libraries. Applies to verifying encryption, decryption, signin

> yara-rule-authoring

Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules. Covers naming conventions, string selection, performance optimization, migration from legacy YARA, and false positive reduction. Triggers on: YARA, YARA-X, malware detection, threat hunting, IOC, signature, crx module, dex module.