Maps NIST controls to FedRAMP requirements and documents. Use when helping with control implementation, compliance mapping, security baseline alignment, or understanding control…
Inspecteur des finances publiques IA. Simule un contrôle fiscal DGFIP complet sur les comptes d'une entreprise française (SASU, EURL, SAS, SARL).
Convierte archivos a Markdown usando MarkItDown. Úsala siempre que el usuario agregue, suba, arrastre o mencione un PDF, un audio (mp3, wav, m4a), un Word (docx), un Excel (xlsx),…
Audit Convex—schema, security, runtime edges, migrations, function risk. Triggers—review, contract, remediate. Not greenfield spec (convex-feature-spec).
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations — from Convex
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations — from Convex
Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling — from Convex
Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling — from Convex
Cookie Security Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: cookie security analyzer, cookie security analyzer Part of the Security Fundamentals skill…
Run manager-worker agent collaboration in Matrix rooms where humans can watch, intervene, and keep credentials out of worker hands.
Autonomous penetration testing coordinator using ReAct methodology. Automatically activates when user provides a target IP or asks to start penetration testing.
Battle-tested Playwright patterns for writing and debugging reliable E2E, API, component, visual, accessibility, and security tests.
Build, review, or improve Core Data persistence in apps that have not adopted SwiftData. Use when working with NSManagedObject subclasses, NSFetchedResultsController for…
Code review and quality assurance specialist for ensuring code quality, security, and maintainability
Detailed development workflow patterns, checklists, and standards. Auto-loads for complex tasks, planning, debugging, testing, or when explicit patterns are needed.
Secure CoreWeave deployments with RBAC, network policies, and secrets management. Use when hardening GPU workloads, managing model access, or configuring namespace isolation.
Correlates security events in IBM QRadar SIEM using AQL (Ariel Query Language), custom rules, building blocks,
Correlates disparate security incidents, IOCs, and adversary behaviors across time and organizations to identify
Cors Policy Validator - Auto-activating skill for Security Fundamentals. Triggers on: cors policy validator, cors policy validator Part of the Security Fundamentals skill category.
Import memories from other AI memory systems into Cortex. Supports claude-mem (SQLite), Claude Desktop sessions, ChatGPT web export (JSON), Gemini Takeout (JSON), Cursor…
Store a global memory that is visible across all projects. Use when the user shares architecture rules, coding conventions, infrastructure facts, security policies, team…
Expert guidance for Cosmian Key Management System including key generation, certificate management, encryption operations, access policies, and KMS CLI operations.
Scans Cosmos SDK blockchain modules and CosmWasm contracts for consensus-critical vulnerabilities — chain halts, fund loss, state divergence.
Erstellt Kosten- und Risikobudget: Gerichtskosten, Anwaltskosten, Übersetzung, Transcript, Sachverständige, Security, Settlement und Enforcement.
Architect a feature with the Carmack Council before writing code. Use when explicitly asked to plan a feature, do a "council plan", "carmack plan", or invoke /council-plan.
Perform a rigorous Carmack Council code review. Use when explicitly asked to review code, do a "council review", "carmack review", or invoke /council-review.
Use when the user asks for a food security profile, country agricultural overview, country hunger or nutrition assessment, or food system summary for a specific country.
Verifies provider credentials via NPI MCP, searches Medicare coverage policies via CMS Coverage MCP, and maps clinical evidence against payer policy requirements with…
Deep code property graph analysis with Joern CPG (AST+CFG+PDG) and CodeQL for control flow, data flow, taint analysis, and security auditing
C++ coding rules from ai-toolkit: coding-style, frameworks, patterns, security, testing. Triggers: .cpp, .cc, .cxx, .hpp, .h, CMakeLists.txt, Makefile, GoogleTest, clang-tidy.
Code Query with AI-enhanced deterministic analysis via SplitMix ternary classification
Advanced password recovery and hash cracking tool supporting multiple algorithms and attack modes. Use when: (1) Performing authorized password auditing and security assessments,…
Garnish — Craft CMS's built-in JavaScript UI toolkit for the control panel. Covers the full Garnish surface: class system (Garnish.Base.extend, init, setSettings, addListener,…
Craft CMS 5 plugin and module development — extending Craft with PHP. Covers the full extend surface: elements, element queries, services, models, records, project config,…
Multi-channel outbound sequences dla polskiego SaaS B2B micro-small (deal 299-4999 PLN/mies). Capacity math (meeting rate benchmarks PL), 14-day sprint cadence, channel mix (email…
Analyzes Python code quality using CRAP scores and book-derived diagnostics. Use when the user asks to check code quality, analyze complexity, review code for maintainability,…
Crea nuevas skills de Claude Code desde cero. Es la skill que hace skills. Usa esta skill cuando el usuario quiera crear su propia skill, automatizar un flujo de trabajo, hacer…
Create a new packet analyzer for Minecraft Bedrock logs. Generates template code, provides documentation links, and guides testing workflow.
Creates a new Network Security Group and associates it with the specified subnets and/or NICs of a Virtual Network.
Create or improve a Symfony CRUD with controller, entity, repository, form, Twig templates, validation, security checks, and tests.
Creates a new GameMaker enemy that can switch between melee and ranged attacks based on distance, formation role, cooldowns, and line of sight.
You create simple, elegant, and impactful company logos based on the input given to you.
Generate a personalized AI skill based on your configured Zapier MCP tools. Scans your enabled actions and creates instructions that help your AI assistant know when and how to…
Setup observability platform configuration (Datadog, Prometheus, Splunk) with REQ-* dashboards and alerts. Creates monitors for each requirement with SLA tracking.
Create custom Semgrep rules for vulnerability detection. Use when writing new rules for specific vulnerability patterns, creating org-specific detections, or building rules for…
Expert guidance for creating Claude Code slash commands. Use when working with slash commands, creating custom commands, understanding command structure, or learning YAML — from…
Expert guidance for creating, building, and using Claude Code subagents and the Task tool. Use when working with subagents, setting up agent configurations, understanding — from…
Analyze a codebase and produce a structured threat model at .turbo/threat-model.md covering assets, trust boundaries, attack surfaces with existing mitigations, attacker stories,…
Use when creating or publishing Claude Code hooks - covers executable format, event types, JSON I/O, exit codes, security requirements, and PRPM package structure — from pr-pm/prpm
Use when creating or publishing Claude Code hooks - covers executable format, event types, JSON I/O, exit codes, security requirements, and PRPM package structure — from pr-pm/prpm
Use when building custom Kiro AI agents or when user asks for agent configurations - provides JSON structure, tool configuration, prompt patterns, and security best practices for…
Create GitHub issues in NASA-PDS repositories using organizational templates (bug reports, I&T bug reports, feature requests, tasks, vulnerabilities, release themes).
Creates a production-ready VPC with public and private subnets across multiple Availability Zones, including internet gateway, NAT gateways, route tables, and security groups…
Creates structured SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis with strategic implications and action planning.
Designing anatomically plausible, visually distinctive creatures that communicate threat, personality, and role through form - from terrifying bosses to collectible companionsUse…
PostToolUse hook that scans Bash tool output for leaked credentials — API keys, tokens, private keys, and secrets — before they reach the conversation.
Secure API key management for Claude Code — encrypted storage, auto-rotation, leak detection, safe injection
Credit and distressed debt analysis. Activate when the user mentions credit analysis, credit spread, high yield, investment grade, distressed debt, default probability, Altman…
Skeptically review a spec for unstated assumptions, untestable rules, missing edge cases, security gaps, and UX failures. Run after /cspec.
Interactive crypto deep-research framework with human-AI collaboration for superior research outcomes