Claude Security Skills (Page 14 of 104)

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

6,191 skills · updated 2026-06-16 · showing 781–840 of 6,191 by quality score

Sub-topics: Web Security (751) · Threat Hunting (476) · Red Team (453) · Identity Access (329) · Network Security (284) · Appsec Tools (280) · Compliance (159) · Malware Analysis (138)

Checks the plausibility of the assumptions collected in `annahmen-sammeln-fortfuehrung`. Review grid: consistency with the past (BWA, SuSa, annual financial statements), market development (industry…
Use when targeting Annual Computer Security Applications Conference (ACSAC) or deciding whether a computer-science manuscript fits this venue.
Annual security report aggregation and analysis. USE WHEN annual reports, security reports, threat reports, industry reports, update reports, analyze reports, vendor reports,…
Formats a finding (from bug-hunter / dead-code-hunter / perf-hunter / security-auditor / manual observation) into a block in /docs/anomalies.md + draft Jira issue body.
Apply Anthropic Claude API security best practices for key management, input validation, and prompt injection defense.
Reviews access protection, technological protection measures, circumvention, tools, exemptions and security-research risks in the context of US copyright registration for a publisher.
Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text.
Collects and queries data on official auctioneers from all 27 Juntas Comerciais (state commercial registries) of Brazil. Multi-state (UF) scraper, SQLite database, FastAPI API and CSV/JSON export.
Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting. — from security/red-team
Orchestrate multiple Antigravity skills through guided workflows for SaaS MVP delivery, security audits, AI agent builds, and browser QA.
Prepare property-tax (Grundsteuer) counter-evidence based on fair market value: purchase price, market-value appraisal, estate-agent valuation, Gutachterausschuss (valuation committee), special factors and the BFH AdV line on significantly…
Create, review, or validate Anybox third-party plugin packages. Use when the user asks to make a plugin, convert an API/SaaS/local tool into an installable plugin, write plugin.json, add plugin MCP servers, add bundled…
Anyquery is a SQL query engine that lets you run SQL against 40+ apps, files, and databases including GitHub, Notion, Chrome, and Apple Notes.
Classify whether a requested action is safe to proceed, requires explicit approval, or should not be executed.
Fail-closed OpenClaw security toolkit (public-safe). Use to prevent accidental or unexpected data leakage by running local-only checks: default-deny allowlists, lightweight…
Build natural-language crypto/DeFi agents and EVM MCP plugins (Claude Code, Cursor, Codex, Gemini). Aomi turns prompts into wallet-signed txs on Ethereum, Base, Arbitrum,…
AOSP Part VIII — Connectivity. Use when reasoning about Networking (ConnectivityService, Wi-Fi framework, netd, DNS resolver, VPN, tethering, NetworkSecurityConfig, VCN, Thread…
AOSP Part VII — Framework Services. Use when reasoning about PackageManagerService (install/uninstall, APK parsing, permissions, package visibility), ContentProviders…
AOSP Part IX — Security. Use when reasoning about SELinux on Android, Keystore/Keymint, Trusty TEE, gatekeeper/weaver, Android Verified Boot, dm-verity, hardware-backed…
IHK Fachinformatiker AP1 training tracker with 280 questions in a SQLite database. 50 subnetting questions, interactive training, automatic statistics.
Expert guidance for Apache NiFi Registry including flow versioning, buckets, Git integration, security, and registry client configuration.
Post-generation review of completed application documents. Evaluates requirement alignment, framing register, and structural vulnerabilities from a panel-reviewer perspective.
Strategy layer for resilient Apex HTTP callouts: bounded retry with backoff, queueable async retry chains, circuit-breaker via Platform Cache, idempotency keys, dead-letter…
Custom Permissions in Apex: FeatureManagement.checkPermission, $Permission global variable, permission-set gating of feature code, Custom Permission metadata.
Safe construction of dynamic SOQL — Database.query bind variables (:varName, API 60+ semantics), Database.queryWithBinds(query, Map, AccessLevel) (API 55+),…
Use when Apex must sign, verify, encrypt, hash, encode, or decode payloads — including HMAC for webhook signatures, RSA/ECDSA signing for JWT bearer flows, AES for stored secrets,…
Use when writing Apex that calls out to external endpoints via Named Credentials, working with custom header formula tokens ({!$Credential.OAuthToken}), querying per-user auth…
Storing API keys, signing secrets, and third-party tokens that Apex must consume — Protected Custom Metadata in a managed package, Protected Custom Settings, Encrypted Custom…
Use when designing, reviewing, or debugging Apex execution context, sharing keywords, CRUD/FLS enforcement, system-vs-user mode behavior, or secure write patterns.
Use Security.stripInaccessible to enforce CRUD/FLS on user-supplied records before DML, and to scrub query results before returning them to clients.
Use when Apex needs to check what the running user is, can see, or can do — via UserInfo, FeatureManagement, FeatureManagement.checkPermission, or…
Drafts a standalone API Acceptable Use Policy (AUP) for incorporation by reference into a master API license or terms-of-service agreement.
API design conventions, namespace coordinate system, RBAC roles, ClawHub compatibility layer, OpenAPI contract sync rules, and CSRF/session handling.
Secure API authentication with JWT, OAuth 2.0, API keys. Use for authentication systems, third-party integrations, service-to-service communication, or encountering token…
REST API design patterns, OpenAPI specifications, versioning strategies, authentication, error handling, and security best practices.
Automated API security testing starting from domains. Discovers REST, GraphQL, and SOAP APIs, reconstructs schemas, and tests for BOLA/IDOR, BFLA, mass assignment, JWT attacks,…
Generate complete FastAPI backend scaffolds from OpenAPI 3.x specifications. Automatically creates SQLAlchemy models, Pydantic schemas, FastAPI routers, CRUD operations, database…
Securely manages API credentials for multiple providers (Anthropic Claude, Google Gemini, GitHub). Use when skills need to access stored API keys for external service invocations.
Audits and hardens API credential handling (env vars, separation, rotation plan, least privilege, auditability).
RESTful and GraphQL API design expert covering best practices, security, and scalability
Design-first API development skill. Generates OpenAPI 3.1 specifications, enforces REST design best practices, validates endpoints, handles versioning, pagination, error…
API design, GraphQL schema, OpenAPI spec, versioning. ⚠️ Use for the design phase. For implementation/security → backend-api.
Guidelines for building clean, scalable APIs with Go standard library and NestJS TypeScript, covering security, validation, and modular architecture.
Builds production-ready REST API endpoints with validation, error handling, authentication, and documentation. Follows best practices for security and scalability.
Domain specialist for API design, development, and best practices. Scope: RESTful API design, GraphQL, API documentation, authentication, authorization, rate limiting, CORS, error…
Designing HTTP error classification, RFC 7807-style error payload structure, and client-side error parsing for Salesforce REST/SOAP integrations and custom Apex REST endpoints.
Builds flexible API filtering and sorting systems with query parameter parsing, validation, and security.
Provide comprehensive techniques for testing REST, SOAP, and GraphQL APIs during bug bounty hunting and penetration testing engagements.
API security hardening patterns. Use when implementing rate limiting, input validation, CORS configuration, API key management, request throttling, or protecting endpoints from…
Designs event-driven architectures, webhook systems, API chaining flows, ETL pipelines, and integration patterns between services.
Interactive HTTPS proxy for API security testing with traffic interception, modification, and replay capabilities.
Use when implementing API authentication, authorization, or security patterns. Covers OAuth 2.0, OIDC, JWT, API keys, rate limiting, and common API security vulnerabilities.
Use when configuring, auditing, or troubleshooting API rate limits, Connected App OAuth scope restriction, Connected App IP restrictions, API session policies, or API usage…
Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities — from…
API security hardening: rate limiting, input validation, security headers, CORS, protection against common attacks.
REST API security hardening with authentication, rate limiting, input validation, security headers. Use for production APIs, security audits, defense-in-depth, or encountering…
Designs and documents authentication, authorization, and security patterns for any API. Use whenever the user asks about OAuth 2.0, JWT, API keys, RBAC, ABAC, rate limiting for…
Comprehensive API security review against OWASP API Security Top 10 (2023). Use when reviewing OpenAPI/Swagger specs, auditing REST/GraphQL/gRPC implementations, testing…