Service mesh implementation with Istio for microservices traffic management, security, and observability.
Designs and optimizes prompts for large language models including system prompts, agent signals, and few-shot examples.
Comprehensive security audits identifying vulnerabilities, misconfigurations, and best-practice violations across applications, APIs, infrastructure, and data pipelines.
Quick routine security checks for secrets, dependencies, container images, and common vulnerabilities.
Threat modeling methodologies (STRIDE, DREAD, PASTA, attack trees) for secure architecture design. Use when planning new systems, reviewing architecture security, mapping trust…
API Design Rules (ADR) voor NL GOV REST APIs: Spectral-linting, naming, transport security, signing, encryption, problem+json errors, geo-extensie.
Gebruik deze skill wanneer de gebruiker vraagt over 'OAuth', 'OpenID Connect', 'OIDC', 'authenticatie', 'autorisatie', 'AuthZEN', 'SAML', 'identity management', 'toegangsbeheer',…
Generates a comprehensive crypto market report using CoinMarketCap MCP data. Use when users ask about overall market conditions, sentiment, or want a summary.
Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
Helpt bij het ontwerpen van overheidssystemen conform de Nederlandse Overheid Referentie Architectuur (NORA), inclusief basisprincipes, afgeleide principes, informatiebeveiliging…
OpenSearch detection engineering: SIGMA authoring, query DSL translation, MITRE ATT&CK mapping, anomaly detection, correlation rules, SOC incident escalation.
Run multiple Ralph loops concurrently for independent tasks. Supports all 6 ralph-* teammates (coder, reviewer, tester, researcher, frontend, security).
Enhance SEO (meta tags, semantic HTML) and security (vulnerability checks, hardening). Triggers: SEO, security, meta tags, vulnerability, 검색 최적화, 보안.
Phishing simulation campaign execution and analysis for security awareness assessment
Intensely interviews the user about their plan — one question at a time — challenging it against the project's existing domain model, sharpening terminology, and updating/creating…
Probe a target for HTTP methods that should not be enabled in production — TRACE (XST attack), unrestricted PUT/DELETE, DEBUG/CONNECT, WebDAV (PROPFIND/MKCOL/COPY/MOVE), and Allow…
Expert skill for protocol fuzzing, vulnerability discovery, and security testing
Use when auditing a Rails app for SQL injection, XSS, CSRF, mass-assignment, or Gemfile.lock CVEs, or when reviewing only NEW security regressions in a PR vs base branch.
User-invoked skill to run a comprehensive pre-ship review using all review agents relevant to the project's tech stack, with rad-code-review as the final gate.
Packages and runs a local SAST pipeline scan to identify source code vulnerabilities.
Scan a source-code tree for hardcoded credentials embedded in source files: AWS access keys, GitHub tokens, Stripe keys, Slack tokens, Anthropic API keys, OpenAI keys, JWT signing…
Audits Solidity codebases for smart contract vulnerabilities using a four-phase workflow (cheatsheet loading, codebase sweep, deep validation, reporting) covering 36 vulnerability…
Developer security training and assessment for secure coding practices and vulnerability prevention
Retroactively verify threat mitigations for a completed phase — from produtoramaxvision/maxvision
Teaches agents to recognize and avoid security threats during normal activity. Covers phishing detection, credential protection, domain verification, and social engineering…
Apply security awareness during code review and implementation. Catches common vulnerabilities without requiring full security audit.
Security controls and structured logging implementation. Use when security logging guidance is required.
Auditoría de seguridad OWASP Top 10. Usar para revisar código en busca de vulnerabilidades, validar autenticación/autorización, analizar input sanitization, detectar SQL…
Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security…
Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes.
Build flawless Claude Code skills. Studies existing skills as reference, ensures correct format, and pushes for genuine intelligence — skills that exploit something specific about…
Use when the user mentions a skill/plugin by name, asks "should I install X", asks for skill recommendations, wants a security check on a skill, asks about duplicates or…
MANUAL TRIGGER ONLY: invoke only when user types /specforge. Full SpecForge workflow: Act 1 (Sprint Planning) → Act 2 (Spec Generation) → Handoff.
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security…
SysQL query language reference for Sysdig Secure. Use when writing, debugging, or explaining SysQL graph queries against the Sysdig security datastore.
Automated technical architecture review, security assessment, scalability analysis
Scans and analyses third-party dependencies and IaC configurations for security vulnerabilities.
Build a dependency-tree map of a project (npm or Python) and trace the path from each known-vulnerable transitive package back to one or more direct dependencies.
GLAW alter-ego / veil-piercing analyst — the factor engine that decides whether the corporate shield holds.
Continuous vendor security monitoring for security ratings, breach notifications, and risk change detection
Automated vendor security assessment through questionnaire generation, response parsing, and risk scoring
Trusted domains, security assessment patterns, and domain research standards for WebFetch permissions
Provides web vulnerability testing methodology distilled from 88,636 real-world cases from the WooYun vulnerability database (2010-2016).
Write and test YARA rules for malware detection and threat hunting. Use when creating YARA signatures, detecting malware families, scanning files or memory for indicators of…
Helpt bij het integreren met ZGW API-standaarden (Zaakgericht Werken) en Haal Centraal API's voor Nederlandse overheidsorganisaties.
Every Abnormal Security threat, case, vendor, employee, and dashboard operation, plus a local threat store, ranked SOC triage, and one-shot client reporting.
Use when the user asks to check Action1 patch status, triage vulnerabilities, find stale or offline agents, score endpoint risk, or report patch posture across one or many client…
Active Directory security audit using the MITRE ATT&CK framework. Full domain enumeration, trust mapping, GPO analysis, ACL abuse paths, ADCS attacks (ESC1-ESC8), delegation abuse…
Integrates Power Pages generative-AI summarization APIs (PREVIEW) into a Single Page Application (SPA) site — the Search Summary API and the Data Summarization API — on any…
Maquina autonoma de seguranca (wrapper SENTINEL). Security + load testing + LGPD compliance. 6 dimensoes, modo hybrid, convergencia SSS >= 80. Security Certificate.
Debate multi-agente: 2-4 perspectivas (PM, Arquiteto, QA, Security) debatem decisao tecnica. Output: decisao + rationale + dissenting opinions → ADR.
5 expert personas debate proposed changes before implementation. Catches architectural, security, performance, and UX issues early.
Maquina autonoma de seguranca, load testing e LGPD. 6 dimensoes, modo hybrid, convergencia SSS >= 80. Security Certificate + Load Report + Fix PR.
Auditoria de seguranca, qualidade e conformidade. OWASP Top 10, secrets scan, dependency audit. Use antes de deploy.
End-to-end database connection for agami: sets up credentials on first run (DB-type picker → writes ~/.agami/credentials.example for the user to fill in), then introspects the…
Run the OWASP-aligned agentic security review path — covers goal hijacking, tool misuse, excessive agency, memory poisoning, secrets exposure, handoff failures, and observability.
Delete a secret. Requires authentication. Use for Agentuity cloud platform operations
Get a secret value. Requires authentication. Use for Agentuity cloud platform operations
Import secrets from a file to cloud and local .env. Requires authentication. Use for Agentuity cloud platform operations