Claude Security Skills (Page 25 of 104)

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

6,191 skills · updated 2026-06-16 · showing 1441–1500 of 6,191 by quality score

Sub-topics: Web Security (751), Threat Hunting (476), Red Team (453), Identity Access (329), Network Security (284), Appsec Tools (280), Compliance (159), Malware Analysis (138)

Dual-AI engineering loop orchestrating Claude Code (planning/implementation) and Codex (validation/review).
Post-edit loop that invokes `/codex:rescue` for a second-model review of the current branch, collects the findings, and hands them off to `refactor-verify`'s review-driven fix…
Use when you are finishing a work session on a project and want to tidy up the state of the operational documentation without implementing new changes: update ROADMAP.md, STATUS.md and, in case of…
Spawn specialized OpenAI Codex CLI subagents for code review, debugging, architecture analysis, security audits, refactoring, and documentation via AGENTS.md persona injection…
[CLAUDE CODE ONLY] Leverage Codex CLI for AI peer review, second opinions on architecture and design decisions, cross-validation of implementations, security analysis, and…
Automated code review workflow using OpenAI Codex CLI. Implements iterative fix-and-review cycles until code passes validation or reaches iteration limit.
Architect-level guidance, workflows, and scripts for building agentic coding systems with OpenAI Codex.
Clerk for forced surrenders, threats, procedural irregularities, and lack of informed consent; use for Coercion_Duress queue.
Use this when the user wants BosskuAI to behave like an expert AI cofounder across product, engineering, UI/UX, security, SEO/GEO, GTM, marketing, sales, prioritization, and…
Thinking-mode selection by task type. 5 modes -- analytical (deep analysis), creative (creative solution), systematic (step by step), rapid (fast action), debug (error tracing).
Apply Cohere security best practices for API key management and access control. Use when securing API keys, implementing key rotation, or auditing Cohere security configuration.
Coinbase Automation: list and manage cryptocurrency wallets, accounts, and portfolio data via Coinbase CDP SDK — from security/security-misc
Autonomous crypto trading with technical and sentiment analysis. Use when executing trades, analyzing markets, or managing positions on Coinbase.
CoinGecko API documentation - cryptocurrency market data API, price feeds, market cap, volume, historical data.
Access cryptocurrency market data from CoinPaprika: prices, tickers, OHLCV, exchanges, contract lookups for 12,000+ coins and 350+ exchanges. Free tier, no API key needed.
Official CoinPaprika MCP server — real-time crypto market data for 12K+ coins and 350+ exchanges. 30 tools for tickers, OHLCV, exchange data, search, and price conversion.
Drafts a Collateral Assignment of Contracts assigning a borrower's contractual rights as security for debt under UCC Article 9.
Systematically collects, categorizes, and distributes indicators of compromise (IOCs) during and after security
Collects and synthesizes open-source intelligence (OSINT) about threat actors, malicious infrastructure, and
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform for gathering, sharing,
Claim tasks, record step progress, and verify SOP gates in the colony SQLite queue. Applies when your spawn message includes a db_path field.
Expert in designing and implementing visceral, satisfying combat systems. Masters hitbox/hurtbox design, frame data, combo systems, enemy archetypes, damage feedback, and the…
Production readiness for CometChat Android — server-side token auth, user management CRUD, ProGuard rules, and security checklist.
CometChat Android UIKit v6 production readiness — token auth, ProGuard/R8, security checklist, release configuration
Use when preparing a CometChat Flutter UIKit v5 app for production. Covers auth tokens, ProGuard, environment config, security hardening.
Production readiness for CometChat Flutter UIKit v6 — server-side auth tokens, user management, Android ProGuard/R8, iOS Info.plist, minSdk, release build checklist, environment…
Production-ready CometChat iOS setup — server-side auth tokens, security best practices, and deployment checklist.
Production readiness for CometChat — server-side token auth, user management CRUD, environment hardening, and security checklist. Replaces dev-mode authKey with server-side tokens.
Use when creating animations that reassure users, reduce anxiety, or communicate protection and security.
GLAW Master Command — the top-level intelligence-fusion orchestrator. Coordinates the FBI bureau, FinCEN financial-intelligence cell, CIA strategic-intelligence cell, SEC…
Use when reviewing, approving, or designing commercial motion — pricing models, deal review, discount approval, partnership economics, channel mix, commercial policy, RFP/RFI…
Analyze code changes for security vulnerabilities using LLM reasoning and threat model patterns. Use for PR reviews, pre-commit checks, or branch comparisons.
Application security testing coordinator for common vulnerability patterns including XSS, injection flaws, and client-side security issues.
Diagnose and fix runtime errors in Lightning Web Components including wire adapter failures, shadow DOM boundary violations, event propagation mistakes, async rendering timing…
OWASP Top 10 audit checklist for Web Applications (2021) and APIs (2023). Load during any security review, PR review, or codebase audit touching web, mobile backend, or API code.
Orchestrates pitfall prevention skills for common development issues. Auto-triggered during code review to check for TanStack Query, Drizzle ORM, Express API, React, WebSocket,…
Use when an agent must set up, onboard, verify, index, search, browse, author, or synchronize a private local company knowledge workspace that uses Markdown as truth, SQLite as…
Systematically identify and win accounts from major freight brokers by exploiting their known vulnerabilities.
Build durable competitive advantage using Hamilton Helmer's "7 Powers" framework—the complete, mutually exclusive enumeration of all possible sources of sustainable business…
Research competitors and produce a positioning + messaging comparison with content gaps, opportunities, threats, and a sales battlecard.
Scrape competitor ads from Meta Ad Library and Google Ads Transparency Center, analyze creative patterns (hooks, formats, CTAs), reverse-engineer landing page funnels, and produce…
Two niche audit specialists not covered by existing operations/finance/ecc skills — smart contract security audit (Solidity / EVM / DeFi) and business automation governance (n8n…
Automated compliance auditing for SOC2, HIPAA, GDPR, and PCI-DSS. Activates for compliance checks, security audits, regulatory requirements, and compliance automation.
Provides a checklist framework for surfacing potentially applicable application-compliance obligations across declared jurisdictions (Japan / EU / US-CA / platform stores).
Use when setting up or auditing how compliance documentation is structured, collected, and preserved for regulatory audit in Salesforce FSC — covering KYC data collection…
SOC2, HIPAA, GDPR, PCI-DSS, FedRAMP compliance implementation in code. Audit logging, data encryption, access controls, privacy by design, and regulatory requirement mapping.
Runs a 4-phase compliance pipeline: security scan, GDPR audit, dependency vulnerability check, and penetration test, producing a unified pass/fail compliance report.
Provides compliance, governance, and supply chain security guidance for cloud-native systems. Covers OPA Rego policies, Kyverno cluster policies, SBOM generation, SLSA provenance,…
Runs a 5-phase enterprise compliance and security hardening pipeline: regulatory review, GDPR audit, SOC 2 evaluation, dependency scan, and penetration test with cross-framework…
Validate compliance during migration with rule checking, audit trails, and security control validation
Create and manage OSCAL component definitions for reusable security control implementations. Inspired by CivicActions components and community patterns.
Composer dependency management playbook for safe, systematic package updates. Use when the user asks to update Composer dependencies, audit packages for security vulnerabilities,…
Composio OAuth integration for external service connections. CSRF-protected flow with state management, connection lifecycle transitions (pending→initiated→active), dynamic tool…
Coinbase Automation: list and manage cryptocurrency wallets, accounts, and portfolio data via Coinbase CDP SDK — from phamlongh230-lgtm/yamtam-engine
Automate Google Drive tasks via Rube MCP (Composio). Always search tools first for current schemas. — from phamlongh230-lgtm/yamtam-engine
Automate Securitytrails tasks via Rube MCP (Composio). Always search tools first for current schemas. — from phamlongh230-lgtm/yamtam-engine
SharePoint Automation: manage sites, lists, documents, folders, pages, and search content across SharePoint and OneDrive — from phamlongh230-lgtm/yamtam-engine
Exhaustive multi-dimensional project auditor covering code, runtime, infrastructure, security, performance, business logic, and human processes across 12 dimensions with — from…
Ability to plan, direct, and oversee the development, operation, and governance of information systems to meet organisational objectives.