自動化 Obsidian 筆記庫與 KM 核心知識庫 (OneDrive) 的同步與結構化管理。
OWASP Top 10 vulnerability scanning and remediation
Revisa código contra as 10 falhas mais comuns antes de merge
Authorized exploitation, proof-of-concept chain, kill-chain mapping.
PHP development — OOP patterns, Laravel basics, WordPress plugin development, REST API endpoints, wpdb queries, security (sanitization, nonces)
Execute use when you need to work with backup and recovery. — from jeremylongshore/claude-code-plugins-plus-skills
Comprehensive Python programming reference covering syntax, concurrency, networking, databases, ML/LLM development, and HPC.
Design Doc compliance and security validation with optional auto-fixes — from shinpr/claude-code-workflows
Design Doc compliance and security validation with optional auto-fixes — from shinpr/claude-code-workflows
Supply chain and dependency security analysis across all package ecosystems
NoSQL Injection detection for MongoDB, Redis, CouchDB, and Elasticsearch
Codebase discovery and architecture mapping for security analysis
False positive elimination and confidence scoring for all security findings
Execute use when you need to work with security and compliance.
Process use when you need to work with security and compliance.
Security architecture and implementation patterns. Use when designing
Sempre considera vetores OWASP top-10 ao escrever/revisar código
Infrastructure security, headers, encryption, and compliance.
OWASP Top 10, authentication, and secure coding practices
Static Application Security Testing (SAST) for code vulnerability
Especialista em segurança OWASP, LGPD e threat modeling para sistemas modernos.
Perform a comprehensive security review of the current codebase
Security review of changes introduced on a branch compared to a base
Security review of staged changes only (git diff --cached)
Stock quotes, history, search, compare, crypto via Yahoo.
TeyvatGuide 项目 SKILL。处理 Vue+Tauri+TypeScript 项目开发,包括组件开发、API 集成、SQLite 操作或代码规范。
Security auditing and hardening for OpenClaw and system infrastructure.
MCPツールとAPI統合のセキュリティ設計を体系化するスキル。 脅威整理、制御設計、設定検証を通じて安全なツール運用を支援する。
Configure Twilio credentials and phone numbers for voice calls
Act on behalf of your user in any third-party software that supports OAuth 2.0
Paste a vendor's domain. Get a security risk assessment in 60 seconds.
Audit and harden VPS security — fail2ban, SSH hardening, firewall setup
AI 驅動的本地網絡掃描器與安全分析工具 (Local Network Scanner and AI Security Analyzer)
Disconnect Wire memory and remove stored credentials
Web application security scanner with proxy and active/passive scanning
Variable name improvement, function extraction, magic number constants, dead code removal, and code review. For refactoring and PR review — does not change behavior.
Compress, extract, list, and encrypt ZIP archives in batch. Use when archiving files, extracting packages, listing contents, encrypting backups, or batching.
Use when you need to run security checks for MCP and agent workflows before merging changes in shared repositories.
Kuroco API設計・実装およびコンテンツ管理(CRUD操作)のベストプラクティス。使用キーワード:「Kuroco…
CTF 综合解题编排器。当面对未知类型的 CTF 挑战、需要自动分析挑战类型并选择正确解题路径时使用。自动调度对应的专项 skill(pwn/crypto/web/reverse/forensics/osint/malware/misc),适合给定挑战文件或服务端点但不确定属于哪个类别的场景
Audit a JavaScript / TypeScript project (npm, pnpm, or yarn) for outdated versions, vulnerabilities, unused or missing declarations, lockfile drift, and duplicates.
Audit a Swift / Xcode project (Swift Package Manager and/or CocoaPods) for outdated versions, vulnerabilities, unused or missing declarations, and duplicates.
Action findings from dependency-audit-npm. Detects npm / pnpm / yarn (classic or berry), respects Corepack, uses overrides / resolutions for transitive vulns. Local commits only.
外部IdP連携(Federation/SSO)機能の開発・設定を行う際に使用。Google、Azure AD、カスタムOIDCプロバイダー連携、userinfo_mapping_rules設定、oauth-extension実装時に役立つ。
Python向け統合コードレビュー。Quality/Security/Performance/Architecture/Anti-Fallback + CodeRabbitパターンを全検出
Execute this skill enables AI assistant to manage and monitor ssl/tls
移动安全漏洞挖掘知识库,基于HackerOne公开报告提供Android和iOS应用的漏洞挖掘手法、技术细节和代码模式分析;用于安全研究人员和漏洞挖掘者学习参考、代码审计和漏洞检测指导。
Use this skill whenever the user wants to do anything with PDF files. This includes reading or extracting text/tables from PDFs, combining or merging multiple PDFs into o — from…
Execute this skill enables AI assistant to conduct a security-focused
红队评估全流程方法论。当开始一个完整的渗透测试项目/红队评估、需要从侦察到报告的完整流程编排时使用。适用于外网打点、安全评估项目、定期渗透测试。本技能负责任务调度——具体漏洞利用调用专项 skills,不要在本技能内做深度漏洞测试
Go プロジェクトの脆弱性スキャンを実行する。「脆弱性スキャン」「govulncheck」「セキュリティチェック」「脆弱性確認」「vuln」「CVE チェック」「セキュリティスキャン」などで起動。govulncheck を使用して既知の脆弱性を検出。
Execute this skill enables comprehensive vulnerability scanning using
Execute this skill enables AI assistant to automatically scan for xss
STRIDE脅威モデリングに基づくthreat-model.mdを生成。保護対象資産・信頼境界・脅威・緩和策を定義し、セキュリティ要件を導出する。
AI実行環境のシークレット境界設定。settings.json permissions.denyルールを生成し、シークレットへの事故的アクセスを防止する。
機密情報検出スキル。APIキー、パスワード、トークン等の機密情報をコードから検出。git-secrets/truffleHog/gitleaks等のツールを統合。漏洩防止と早期発見に使用。
服务器安全审计与加固。扫描 SSH、防火墙、端口暴露、文件权限、暴力破解等安全问题,生成报告并提供一键修复。当用户说服务器安全、安全审计、安全检查、安全加固时使用
Special Tribunal for Lebanon (STL / TSL — Tribunal Spécial pour le Liban) research, drafting, and analysis.
脆弱性スキャンスキル。CVE/依存関係脆弱性を検出し、npm audit/pip-audit/trivy等の結果を解析。セキュリティリスクの優先順位付けと修正提案を提供。
Decrypt MCP tokens for remote sessions