Expert CIS Controls v8 (CIS Top 18) advisor — implementation group scoping (IG1/IG2/IG3), control gap assessments, safeguard-level guidance, asset inventory, software inventory,…
CIS Controls v8 expert for baseline security. Deep knowledge of 18 controls, 153 safeguards, Implementation Groups (IG1/IG2/IG3), and practical implementation guidance for…
Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIPAA/GDPR), security architecture strategy, incident response…
Expert CISO coaching and mentorship for security leaders in training. Use when the user asks for CISO coach guidance, executive communication advice, security leadership…
Comprehensive Citrix domain knowledge covering CVAD, DaaS, Gateway, NetScaler, and Workspace products.
Production readiness checklist for Claude-powered applications — Use when working with prod-checklist patterns. error handling, monitoring, fallbacks, cost controls, and security.
Secure your Anthropic integration — API key management, input validation, Use when working with security-basics patterns. prompt injection defense, and data privacy.
Extract and structure claims from discourse into analyzable argument maps with logical relationships and assumptions.
Claims-based authorization for agents and operations. Grant, revoke, and verify permissions for secure multi-agent coordination.
Secure Clari API tokens and implement data handling best practices. Use when managing API tokens, restricting data access, or implementing PII handling for exported forecast data.
Executes the /clarify phase using AskUserQuestion tool to resolve ambiguities through structured questions (≤3), prioritization, and answer integration.
Develops data classification policies with tiered handling (public, internal, confidential, restricted), labeling requirements, enforcement mechanisms, and procedures per tier.
Use when a board-superpowers SKILL is about to perform a mutating action — changing card status, editing card body, pushing a claim branch, opening or merging a PR, writing…
Build autonomous AI agents with Claude Agent SDK. Structured outputs (v0.1.45, Nov 2025) guarantee JSON schema validation, plugins system, hooks for event-driven workflows.
Use when building Android apps with Kotlin, Jetpack Compose, MVVM, Hilt, Room 3 (KSP, SQLiteDriver, Flow/suspend DAOs), and multi-module architecture.
Администрирование Claude Code: OpenTelemetry мониторинг, безопасность, IAM (аутентификация, разрешения, managed settings), управление затратами, аналитика.
Answers questions about Claude Code features, configuration, and usage from local documentation synced from code.claude.com.
Use when reviewing code for security vulnerabilities, implementing authentication/authorization, handling user input, or discussing web application security.
Consult official Claude Code documentation from code.claude.com using selective fetching. Use when working on hooks, skills, subagents, plugins, agent teams, MCP servers,…
Build production-grade, security-first network security applications (e.g., security modules like MCP/NCM/NPM/IPAM/STIG Manager/Syslog/IDS/IPS/SIEM/SOAR/), using Dockerized…
CLAUDE Framework coding standards for code quality, naming conventions, error handling, security, testing, database, and logging
Optimize oversized CLAUDE.md files using progressive disclosure. Analyzes content tiers, detects encryption constraints, creates sub-documents, and rewrites the main file with a…
Discover, message, and coordinate AI coding agents (Claude Code, Codex CLI) running on the same machine via a shared Unix socket broker backed by SQLite.
Claude Code'u tam bir dev ekibine dönüştüren 6 plugin yönetimi - Planning, Design, Code Review, Security, Memory, Team Coordination.
Access Claude Code session logs (JSONL transcripts and SQLite FTS index) for cross-session context, handoff, and memory retrieval.
Professional skill creation with research-driven workflow and automated validation. USE WHEN: Creating new skills, validating existing skills, deciding between Skills vs…
暗号化と鍵ライフサイクル管理スキル。暗号化アルゴリズム選定、 鍵生成、保管、ローテーション、廃棄の全フェーズを網羅します。 保存時・転送時・使用時の暗号化戦略を提供します。 📖 参照書籍: - 『The Pragmatic Programmer』(Andrew Hunt, David Thomas): 実践的改善 📚 リソース参照: -…
Trail of Bits security skills analysis for Solidity contracts. Use for deep smart contract security review with invariant suggestions.
Review code changes with criteria-driven analysis (Security, Architecture, Standards, Performance). Use when reviewing PRs or code changes.
Lets two OpenClaw agents negotiate, coordinate, and commit to tasks in real time — peer-to-peer task negotiation, commitment tracking, and deadline reminders.
Gmail security proxy with policy enforcement, approval workflows, and audit logging. Use when the user wants to read, search, or send Gmail with guardrails — send actions may…
Security audit and hardening for Clawdbot/Moltbot installations. Detects exposed gateways, fixes permissions, enables authentication, and guides firewall/Tailscale setup.
Security scanner and input sanitizer for AI agents. Detects prompt injection, command injection, SSRF, credential exfiltration, and path traversal attacks.
Encrypted Clawdbot-to-Clawdbot messaging. Send messages to friends' Clawdbots with end-to-end encryption.
Use when the user asks about clawker setup, configuration, troubleshooting, or onboarding. Acts as a clawker internals expert — understands how config maps to generated…
Security advisory feed package for OpenClaw-related threats and vulnerabilities. The upstream feed is updated daily; local automation is handled by clawsec-suite or the operator.
Use when checking for security vulnerabilities in NanoClaw skills, before installing new skills, or when asked about security advisories affecting the bot
Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis…
ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup for additional…
Pure local 2026 ClawHub/OpenClaw skill scanner. Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. 100% read-only analysis.
Trustless USDC escrow for autonomous agent commerce on Base L2. Recursive hire chains with cascading settlement, dispute cascade, session keys, CCTP cross-chain, encrypted…
OpenClaw security audit + prompt injection detector. Scans gateway/vulns/cron/PI patterns. Use for frenzy-proofing installs. — from dvcrn/openclaw-skills-marketplace
The decentralized social network for AI agents. Post to subclaw communities, reply to other agents, send and receive zaps with Cashu, and build the AI economy on Nostr.
Community incident reporting for AI agents. Contribute to collective security by reporting threats.
Apply Clay security best practices for API keys, webhook secrets, and data access control. Use when securing Clay integrations, rotating API keys, auditing access, or implementing…
Sweeps a fleet repo (or every fleet repo) for redundant CI surface. Three classes: orphan workflow YAML files (lint.yml / check.yml / type.yml / test.yml that the unified ci.yml…
Progressive audit and cleanup of GitHub accounts - stale forks, orphaned secrets, failing workflows, security configs. Audit-first with user approval before destructive actions.
Deep codebase cleanup — kills dead code, fixes all lint/format warnings, removes orphaned files, cleans stale TODOs, strips security hazards, tightens TypeScript strict mode, and…
Guidelines for implementing Clerk authentication in Next.js applications with middleware, hooks, and security best practices
Manage incident response for Clerk authentication issues. Use when handling auth outages, security incidents, or production authentication problems.
Implement security best practices with Clerk authentication. Use when securing your application, reviewing auth implementation, or hardening Clerk configuration.
Run 150+ AI apps via inference.sh CLI (infsh) — image generation, video creation, LLMs, search, 3D, social automation. Uses the terminal tool.
Transform predictable story elements into fresh, original versions. Use when something feels generic, when feedback says "I've seen this before," when elements orbit the…
Test and validate ClickHouse Cloud connection using clickhouse-connect for gapless-crypto-clickhouse.
Store ClickHouse Cloud credentials in Doppler + 1Password for gapless-crypto-clickhouse. Use when setting up new services, rotating credentials, or backing up authentication…
ClickHouse Cloud user and permission management. TRIGGERS - create ClickHouse user, ClickHouse permissions, ClickHouse Cloud credentials.
Fetch ClickHouse Cloud service details from API (organization ID, service endpoints, configuration). Use when setting up new ClickHouse Cloud services, discovering endpoints, or…
Handle data lifecycle in ClickHouse — TTL expiration, data deletion (GDPR), column-level encryption, and audit logging with real ClickHouse SQL.
Configure ClickHouse enterprise RBAC — SQL-based users, roles, row policies, column-level grants, and quota management.
Install @clickhouse/client and configure authentication to ClickHouse Cloud or self-hosted. Use when setting up a new ClickHouse project, configuring connection strings, or…