Эксперт по container registry. Используй для настройки ECR, Harbor, Docker Hub, image security и CI/CD интеграции.
Monitors container runtime behavior using Falco rules and the Docker Engine API. Detects anomalous syscalls, privilege escalations, and unexpected network connections in real time.
Scans containers and Dockerfiles for security issues. Wraps Hadolint for Dockerfile linting and Trivy for container image scanning.
Comprehensive container security guidance including vulnerability scanning with Trivy, image hardening, secrets management, and CIS benchmark compliance.
Container Security Auditor - Auto-activating skill for Security Advanced. Triggers on: container security auditor, container security auditor Part of the Security Advanced skill…
Harden Docker/container images and runtime deployments with secure base images, non-root users, CVE scanning, SBOM/signing, seccomp/AppArmor, and Kubernetes pod security controls.
Security incident containment playbooks for isolating threats across network, endpoint, identity, cloud, and application layers.
Content Security Policy Generator - Auto-activating skill for Security Fundamentals. Triggers on: content security policy generator, content security policy generator Part of the…
Use when designing or fixing a Content Security Policy on a real site, choosing between nonce-based and hash-based CSP, adding strict-dynamic, debugging "Refused to execute inline…
Save, compress, version, encrypt, and resume full chat context when approaching token/message limits.
Save, compress, version, encrypt, and resume full chat context when approaching token/message limits.
Zbiera, zapisuje i ładuje kontekst osobisty i firmowy w 20 warstwach informacyjnych. Tryb zapisu: "zapamiętaj że...", "zapisz że...", "zanotuj...", "dodaj do kontekstu...".
Exploit the 1M token context (Opus 4.6 / Sonnet 4.6) for full codebase awareness in SpecKit. Intelligently loads constitution, specs, skills, and codebase files while staying…
Authentication, authorization, Clerk integration, RLS policies, and security patterns. Use when working with security-resolver code, files, or integration.
Review pull requests for code quality, security vulnerabilities, best practices, and potential issues. Use when reviewing PRs, examining diffs, or providing code review feedback.
Apply Google's continuous fuzzing methodology using OSS-Fuzz and ClusterFuzz. Emphasizes coverage-guided fuzzing, automated bug triage, and integration into CI/CD.
Continuum Security SLNE integration. Manage data, records, and automate workflows. Use when the user wants to interact with Continuum Security SLNE data.
Contour version bumps (Go, Envoy), dependency updates, and vulnerability / CVE checks for release branches and images
Contrast Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Contrast Security data.
Maps NIST controls to FedRAMP requirements and documents. Use when helping with control implementation, compliance mapping, security baseline alignment, or understanding control…
Inspecteur des finances publiques IA. Simule un contrôle fiscal DGFIP complet sur les comptes d'une entreprise française (SASU, EURL, SAS, SARL).
Convierte archivos a Markdown usando MarkItDown. Úsala siempre que el usuario agregue, suba, arrastre o mencione un PDF, un audio (mp3, wav, m4a), un Word (docx), un Excel (xlsx),…
Audit Convex—schema, security, runtime edges, migrations, function risk. Triggers—review, contract, remediate. Not greenfield spec (convex-feature-spec).
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations — from Convex
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations — from Convex
Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling — from Convex
Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling — from Convex
Cookie Security Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: cookie security analyzer, cookie security analyzer Part of the Security Fundamentals skill…
Run manager-worker agent collaboration in Matrix rooms where humans can watch, intervene, and keep credentials out of worker hands.
Autonomous penetration testing coordinator using ReAct methodology. Automatically activates when user provides a target IP or asks to start penetration testing.
Battle-tested Playwright patterns for writing and debugging reliable E2E, API, component, visual, accessibility, and security tests.
Build, review, or improve Core Data persistence in apps that have not adopted SwiftData. Use when working with NSManagedObject subclasses, NSFetchedResultsController for…
Code review and quality assurance specialist for ensuring code quality, security, and maintainability
Detailed development workflow patterns, checklists, and standards. Auto-loads for complex tasks, planning, debugging, testing, or when explicit patterns are needed.
Secure CoreWeave deployments with RBAC, network policies, and secrets management. Use when hardening GPU workloads, managing model access, or configuring namespace isolation.
Correlates security events in IBM QRadar SIEM using AQL (Ariel Query Language), custom rules, building blocks,
Correlates disparate security incidents, IOCs, and adversary behaviors across time and organizations to identify
Cors Policy Validator - Auto-activating skill for Security Fundamentals. Triggers on: cors policy validator, cors policy validator Part of the Security Fundamentals skill category.
Import memories from other AI memory systems into Cortex. Supports claude-mem (SQLite), Claude Desktop sessions, ChatGPT web export (JSON), Gemini Takeout (JSON), Cursor…
Store a global memory that is visible across all projects. Use when the user shares architecture rules, coding conventions, infrastructure facts, security policies, team…
Expert guidance for Cosmian Key Management System including key generation, certificate management, encryption operations, access policies, and KMS CLI operations.
Scans Cosmos SDK blockchain modules and CosmWasm contracts for consensus-critical vulnerabilities — chain halts, fund loss, state divergence.
Erstellt Kosten- und Risikobudget: Gerichtskosten, Anwaltskosten, Übersetzung, Transcript, Sachverständige, Security, Settlement und Enforcement.
Architect a feature with the Carmack Council before writing code. Use when explicitly asked to plan a feature, do a "council plan", "carmack plan", or invoke /council-plan.
Perform a rigorous Carmack Council code review. Use when explicitly asked to review code, do a "council review", "carmack review", or invoke /council-review.
Use when the user asks for a food security profile, country agricultural overview, country hunger or nutrition assessment, or food system summary for a specific country.
Verifies provider credentials via NPI MCP, searches Medicare coverage policies via CMS Coverage MCP, and maps clinical evidence against payer policy requirements with…
Deep code property graph analysis with Joern CPG (AST+CFG+PDG) and CodeQL for control flow, data flow, taint analysis, and security auditing
C++ coding rules from ai-toolkit: coding-style, frameworks, patterns, security, testing. Triggers: .cpp, .cc, .cxx, .hpp, .h, CMakeLists.txt, Makefile, GoogleTest, clang-tidy.
Code Query with AI-enhanced deterministic analysis via SplitMix ternary classification
Advanced password recovery and hash cracking tool supporting multiple algorithms and attack modes. Use when: (1) Performing authorized password auditing and security assessments,…
Garnish — Craft CMS's built-in JavaScript UI toolkit for the control panel. Covers the full Garnish surface: class system (Garnish.Base.extend, init, setSettings, addListener,…
Craft CMS 5 plugin and module development — extending Craft with PHP. Covers the full extend surface: elements, element queries, services, models, records, project config,…
Multi-channel outbound sequences dla polskiego SaaS B2B micro-small (deal 299-4999 PLN/mies). Capacity math (meeting rate benchmarks PL), 14-day sprint cadence, channel mix (email…
Analyzes Python code quality using CRAP scores and book-derived diagnostics. Use when the user asks to check code quality, analyze complexity, review code for maintainability,…
Crea nuevas skills de Claude Code desde cero. Es la skill que hace skills. Usa esta skill cuando el usuario quiera crear su propia skill, automatizar un flujo de trabajo, hacer…
Create a new packet analyzer for Minecraft Bedrock logs. Generates template code, provides documentation links, and guides testing workflow.
Creates a new Network Security Group and associates it with the specified subnets and/or NICs of a Virtual Network.
Create or improve a Symfony CRUD with controller, entity, repository, form, Twig templates, validation, security checks, and tests.
Creates a new GameMaker enemy that can switch between melee and ranged attacks based on distance, formation role, cooldowns, and line of sight.