Analyze a CycloneDX/SPDX SBOM file using sbomr. Use when asked to inspect, summarize, or query an SBOM file — e.g.
Score 80/100
Inspects the OrchestKit telemetry pipeline for the current project — lists all known telemetry files with write counts, sizes, schema status, growth trend, and orphan detection.
Score 80/100
Inspect and validate Vertex AI Agent Engine deployments including Code Execution Sandbox, Memory Bank, A2A protocol compliance, and security posture.
Score 80/100
Launch a comprehensive website audit. Specify a URL or audit the current codebase. Optionally specify categories: seo, accessibility, performance, security, mobile, content,…
Score 80/100
Verifies financial data against source documents, bank statements, contracts
Score 75/100
Vehicle cybersecurity engineering per ISO/SAE 21434
Score 75/100
Advanced binary exploitation and mitigation bypass
Score 75/100
Web application security testing with Burp Suite integration
Score 75/100
This skill should be used when the user says "configure hooks", "set up quality gates", "add PostToolUse hook", "set up permission hooks", "create hook configuration", "add…
Score 75/100
Chief Security Officer mode. Infrastructure-first security audit: secrets archaeology, dependency supply chain, CI/CD pipeline security, LLM/AI security, skill supply chain…
Score 75/100
CVE and CWE database querying and management
Score 75/100
Advanced debugging integration for vulnerability research
Score 75/100
MITRE ATT&CK framework mapping and analysis
Score 75/100
Implement OAuth 2.0 and OpenID Connect flows for SDKs
Score 75/100
Offensive security tools and techniques integration
Score 75/100
Pipedrive CRM integration optimized for SMB sales teams
Score 75/100
Post-quantum cryptography evaluation skill for quantum-safe migration
Score 75/100
Exploit development automation using pwntools framework
Score 75/100
This skill should be used for cross-artifact consistency reviewer -- validates alignment across SPEC.md, REQUIREMENTS.md, ROADMAP.md, and DESIGN.md.
Score 75/100
Run security scans including SAST, dependency scanning, and secret detection
Score 75/100
Ethereum and blockchain smart contract security analysis
Score 75/100
Integration with security-focused static analysis tools
Score 75/100
STIX/TAXII threat intelligence format and sharing
Score 75/100
Generate threat models using STRIDE, PASTA, or VAST methodologies
Score 75/100
Validate production readiness of Vertex AI Agent Engine deployments across security, monitoring, performance, compliance, and best practices.
Score 75/100
YARA rule creation, testing, and deployment
Score 75/100
5-level verification pyramid: static→unit→Playwright E2E (homepage-first, 6bp)→AI visual→post-deploy. 8-check quality gate.
Score 70/100
You MUST use this when building projects end-to-end. Orchestrates all 12 team roles — automatically switches between CTO, architect, PM, engineers, SRE, security, DBA, QA, and EM…
Score 70/100
Generates audit trail infrastructure for entities. Implements IAuditable interface, EF Core SaveChanges interceptor, and automatic population of CreatedAt, UpdatedAt, CreatedBy,…
Score 70/100
Configures 1Password CLI with direnv for fast, secure credential loading. Activates for: 1Password + direnv setup, slow secrets (>2 sec), .env.op files, op:// references, AWS…
Score 70/100
Secure secret management using 1Password CLI. Detect plaintext secrets in files and codebases, convert environment files to 1Password templates, inject secrets securely using op…
Score 70/100
Use when you need to design, review, or improve security in Spring Boot applications — including SecurityFilterChain, OAuth2/JWT resource server patterns, form login basics,…
Score 70/100
Protect your SaaS app from common vulnerabilities. Use when building auth, handling user data, or deploying features.
Score 70/100
Use when you need to design, review, or improve REST APIs with Quarkus REST (Jakarta REST) — including resource classes, HTTP methods, status codes, request/response DTOs, Bean…
Score 70/100
Use when you need to design, review, or improve validation in Quarkus applications — including Bean Validation on JAX-RS resources, @Valid on parameters and CDI beans, constraint…
Score 70/100
Use when you need to design, review, or improve security in Quarkus applications — including Quarkus Security with JWT/OIDC, basic auth, @RolesAllowed / @Authenticated /…
Score 70/100
Use when you need to design, review, or improve REST APIs with Micronaut — including @Controller routes, HTTP status codes, DTOs, Bean Validation, exception handlers, pagination,…
Score 70/100
Use when you need to design, review, or improve security in Micronaut applications — including micronaut-security authentication, @Secured and intercept-url-map rules, JWT/session…
Score 70/100
Create your cloud security skill in one prompt, then learn to improve it throughout the chapter
Score 70/100
Create your operational excellence skill in one prompt, then learn to improve it throughout the chapter
Score 70/100
Integrate Red Hat Ansible Automation Platform (AAP) with HashiCorp Vault Enterprise for dynamic SSH credential management.
Score 70/100
Background information about Lendtrain powered by Atlantic Home Mortgage — company history, credentials, founder bio, and contact information for borrower trust-building.
Score 70/100
Set up Abridge clinical AI platform authentication and EHR integration credentials. Use when onboarding a healthcare org to Abridge, configuring Epic/Athena integration, or…
Score 70/100
Apply HIPAA-compliant security practices for Abridge clinical AI integrations. Use when securing PHI in transit/at rest, configuring access controls, implementing audit logging,…
Score 70/100
Expert in groups, rings, fields, and algebraic structures with applications to cryptography and number theory
Score 70/100
RBAC/ABAC implementation patterns, least privilege access, row-level security, column masking, and access review workflows.
Score 70/100
Creates, debugs, and optimizes GitHub Actions workflow YAML files. Recommends current action versions with SHA pinning from a daily-updated index of 120+ actions.
Score 70/100
Create and configure GitHub Actions. Use when building custom actions, setting up runners, implementing security practices, or publishing to the marketplace.
Score 70/100
Generates complete FAERS pharmacovigilance study designs for multi-drug or class-level safety comparison inside one predefined SOC or AE family using active comparators,…
Score 70/100
Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege…
Score 70/100
Guide the user to add a data source, connection, or API connector to a Canvas App via Power Apps Studio, then verify and continue.
Score 70/100
Adds Excel Online (Business) connector to a Power Apps code app. Use when reading or writing Excel workbook data from OneDrive or SharePoint.
Score 70/100
Add Google Calendar as an MCP tool (list calendars, list/search/create events, free/busy queries) using OneCLI-managed OAuth. Multi-calendar and multi-account supported.
Score 70/100
Add Gmail as an MCP tool (read, search, send, label, draft) using OneCLI-managed OAuth. The agent gets Gmail tools in every enabled group; OneCLI injects real tokens at request…
Score 70/100
Use when the user wants to add a new MCP server integration — connect a custom tool, API, or service to the plugin by configuring it in .mcp.json with proper credentials and…
Score 70/100
Adds OneDrive for Business connector to a Power Apps code app. Use when uploading, downloading, listing, or managing files in OneDrive.
Score 70/100
Guides systematic implementation of new sustainability metrics in OSS Sustain Guard using the plugin-based metric system.
Score 70/100
Manage Linux systems covering systemd services, process management, filesystems, networking, performance tuning, and troubleshooting.
Score 70/100
Help and guidance for Azure DevOps synchronization with SpecWeave increments. Use when asking how to set up ADO sync, configure credentials, or troubleshoot integration issues.
Score 70/100
Install and configure Adobe Developer Console OAuth Server-to-Server credentials. Use when setting up a new Adobe integration, configuring API credentials, or initializing Adobe…
Score 70/100