Complete ClickHouse operations guide for DevOps and SRE teams managing production deployments. Provides practical guidance on monitoring essential metrics (query latency,…
Secure ClickHouse with user management, network restrictions, TLS, and audit logging. Use when hardening a ClickHouse deployment, creating restricted users, or configuring…
Clickjacking playbook. Use when testing whether target pages can be framed, whether X-Frame-Options or CSP frame-ancestors are properly configured, and whether UI redress attacks…
Set up ClickUp API v2 authentication with personal tokens or OAuth 2.0. Use when configuring a new ClickUp integration, setting up API access, or initializing OAuth flows for…
Secure ClickUp API tokens, implement least-privilege access, and audit usage. Use when securing API keys, rotating tokens, configuring per-environment credentials, or auditing…
Secure client database for Greek accounting firms. Manages profiles, AFM numbers, compliance history with encryption and GDPR compliance.
Project handover process for lead generation websites. Documentation, training, credentials, maintenance. Use when project complete.
API de Clientes da Tray. Utilize quando o desenvolvedor precisar gerenciar dados de clientes da loja: listagem, consulta, cadastro, atualização e exclusão.
在 Linux VPS 上部署 CLIProxyAPI + NewAPI 组合栈,把 Codex/Claude/Gemini/Qwen 等订阅账号包装成可计费的 OpenAI 兼容 API。负责 NewAPI Docker 部署、容器→宿主桥接、模型计费倍率(ModelRatio/CacheRatio/CompletionRatio)、SQLite…
Expert skill for integrating cloud AI APIs (Claude, GPT-4, Gemini). Covers secure API key management, prompt injection prevention, rate limiting, cost optimization, and protection…
Sécurité cloud incluant IAM, encryption, networking, compliance, secrets management et CSPM. Se déclenche avec "sécurité cloud", "cloud security", "IAM", "encryption at r — from…
Cloud design patterns for distributed systems architecture covering 42 industry-standard patterns across reliability, performance, messaging, security, and deployment categories.
Cloud (Bulut) Pentest Metodolojisi. AWS, GCP ve Azure ortamlarında SSRF üzerinden Metadata Servisi (IMDS) sömürüsü ve ele geçirilen IAM key'leri ile bulut kaynaklarının keşfi.
Expert FinOps guidance covering cloud, AI, and SaaS technology spend. Includes AI cost management, GenAI capacity planning, Anthropic billing, AWS (EC2, Bedrock, Savings Plans,…
Cloud IAM red-team attack chain across AWS, Azure, GCP — focused on EXTERNAL exploitation paths and post-credential-discovery privilege analysis.
雲端基礎設施安全檢查清單與最佳實踐。 Use when: 部署到雲端平台、配置 IAM、設定 CI/CD pipeline、實作 IaC、配置監控或管理 secrets。 Triggers: "cloud security", "IAM policy", "CI/CD security", "Terraform security", "Cloudflare…
Maps cloud infrastructure from domains and identifies pivot paths from external to cloud internals. Detects cloud providers, enumerates S3/GCS/Azure storage, finds subdomain…
Use when assessing cloud infrastructure for security misconfigurations, IAM privilege escalation paths, S3 public exposure, open security group rules, or IaC security gaps.
Implement comprehensive cloud security across AWS, Azure, and GCP with IAM, encryption, network security, compliance, and threat detection.
Sécurité cloud incluant IAM, encryption, networking, compliance, secrets management et CSPM. Se déclenche avec "sécurité cloud", "cloud security", "IAM", "encryption at r — from…
Activate when users need help setting up cloud security monitoring for AWS, Azure, or GCP, including adapter configuration, detection rules, and threat response.
Cloud Security Posture - Auto-activating skill for Security Advanced. Triggers on: cloud security posture, cloud security posture Part of the Security Advanced skill category.
Multi-cloud security assessment and penetration testing capabilities. Execute Prowler/ScoutSuite assessments, analyze IAM policies, identify cloud misconfigurations, test…
Cross-platform cloud storage path resolution — OneDrive, iCloud, Dropbox path discovery and normalization
Cloud System Engineer fuer VPS-Umgebungen. Prueft Infrastruktur, Sicherheit, Docker-Container-Status, DNS, Firewall und Ressourcen.
Official Cloudflare MCP servers that enable AI assistants to manage Workers applications, debug logs, analyze Radar traffic data, configure security settings, and interact with…
Automatically validates Cloudflare Workers security patterns during development, ensuring proper secret management, CORS configuration, and input validation
Cloudflare Workers security with authentication, CORS, rate limiting, input validation. Use for securing APIs, JWT/API keys, or encountering auth failures, CORS errors,…
Defense-in-depth security for AI-assisted development. Pre-commit secret scanning (Gitleaks + native fallback), repo-wide pattern detection, token lifecycle management, and AI…
Pre-production security audit and vulnerability scanning. Run Snyk + Aikido dependency scans, OWASP analysis, and set up automated GitHub security checks with Jules.
Review RFCs for problem clarity, compliance, security, and performance using SCQA framework
Draft and submit a vulnerability report to the bug bounty platform. Reads scope.yaml for platform/program, uses brain + findings for content. Always drafts first for review.
CMMC v2.0 expert for DoD contractors. Provides deep knowledge of Cybersecurity Maturity Model Certification including 5 levels, 14 domains, 171 practices, NIST 800-171 alignment,…
Container Network Interface (CNI) plugin patterns and Kubernetes NetworkPolicy for agent network isolation.
Apply CO7 Network Effects to exploit increasing value as user base or connections grow.
Manage a Cobo TSS Node for MPC threshold signing. Use when: setting up a new TSS Node, starting/stopping the node service, checking node status or health, signing for key share…
Performs comprehensive codebase analysis covering architecture, code quality, security, performance, testing, and maintainability.
Team code quality checklist - use for checking Python code quality, bugs, security issues, and best practices
Classify code tasks and execute task-specific checklists with quality gates. Route to WRITE, DEBUG, REVIEW, OPTIMIZE, REFACTOR, SIMPLIFY, or SECURE workflows, each invoking…
Grafo de conhecimento do ecossistema OpenCode, inspirado pelo GraphRAG + Zep Cloud do MiroFish. Mapeia agentes, skills, MCPs, comandos e suas relações em um grafo pesquisável via…
Detect code injection vulnerabilities in packages that dynamically generate or evaluate code via new Function(), eval(), vm.run*, or template literal interpolation.
Code Injection Detector - Auto-activating skill for Security Fundamentals. Triggers on: code injection detector, code injection detector Part of the Security Fundamentals skill…
Run a multi-agent "panel review" of the user's local code changes before they open a PR. Orchestrates five specialized reviewer agents (Security, Performance, Resilience, Bugs,…
Expert code reviewer that enforces best practices, clean code principles, strong typing (TypeScript), architecture guidelines, and security standards.
Use when assessing or improving code quality, maintainability, performance, or security hygiene - provides workflows for analysis, code review, and systematic improvements with…
Inherit and modernize legacy codebases. Technical debt, refactoring strategies, security audits, and incremental modernization.
Security-focused code review for OpenSite/Toastability platform. Use when reviewing PRs for security issues, auditing new API endpoints, checking for HIPAA/SOC2 compliance…
Comprehensive code security audit toolkit combining OWASP Top 10 vulnerability scanning, dependency analysis, secret detection, SSL/TLS verification, AI Agent security checks, and…
Conducts comprehensive security code reviews including vulnerability detection (OWASP Top 10, CWE), authentication/authorization flaws, injection attacks, cryptography issues,…
Provides adversarial code comprehension for security research, mapping architecture, tracing data flows, and hunting vulnerability variants to build ground-truth understanding…
Scan code for security issues: dependency vulnerabilities (npm/pip audit), secret leaks (regex and entropy analysis), and OWASP anti-patterns like SQL injection, XSS, or command…
Tiefe themenspezifische Analyse der Codebase (Security, Performance, UX, Architektur, Maintainability, DX, Datenfluesse) mit strukturiertem Report.
Evaluate the repo for security risks, correctness hazards, complexity hotspots, and documentation gaps, then produce a prioritized audit report and doc-only improvement plan.
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security.
Launcher-based map-reduce codebase ingest for large repositories. Use when a user wants a generalized, NotebookLM-ready understanding pack, codebase digest, source-grounded…
Review an existing codebase for redundant, legacy, dead, superseded, or attack-surface-increasing code paths and guide progressive removal with behavior mapping, test coverage,…
Execute CodeQL security scans with language detection, database caching, and SARIF output. Use when performing static security analysis on Python or GitHub Actions code.
Use after completing file changes - strongest for source code (AST-aware linting, security, tests), lighter support for markdown/config. Dispatches CodeRabbit reviewer subagent.
Configure CodeRabbit for security-focused code review with secret detection and vulnerability scanning.
Sets up and optimizes OpenAI Codex CLI + GPT-5.5 on Amazon Bedrock (GA June 2026). Handles AWS credential wiring (API key or SDK chain), region selection, VPC endpoint isolation,…