NeRDS software development guidelines for Dutch government projects. Use when making architectural decisions, setting up CI/CD, implementing security practices, handling privacy…
Security standards and authentication tools for Dutch government software. Use when implementing DigiD, eHerkenning, OAuth, OIDC, PKIoverheid, or other Dutch government…
Record and query the decision log for a project. Activate when user mentions "audit", "trail", "log decisions", "decision history", "why was this decided", "ADR", "architecture…
Perform strict 7-dimension peer review analyzing correctness, tests, performance, architecture, security, style, and diff cleanliness.
Perform OWASP Top 10 static security audit identifying vulnerabilities in access control, cryptography, injection, configuration, and logging.
別駭我!基本安全檢測 — Security self-check for Clawdbot/Moltbot. Run a quick audit of your clawdbot.json to catch dangerous misconfigurations — exposed gateway, missing auth, open DM…
Dope.security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Dope.security data.
Validate and test Doppler secrets. TRIGGERS - add to Doppler, store secret, validate token, test credentials.
Doppler credential and publishing workflows. TRIGGERS - PyPI publish, AWS credentials, Doppler secrets.
Find denial of service vulnerabilities through resource exhaustion, algorithmic complexity, memory exhaustion, and file/network resource abuse.
dotenvx - secure environment variable management with encryption. Use for encrypting .env files, multi-environment configuration, cross-platform secret management, and migrating…
dotenvx is a secure, cross-platform environment variable manager from the creator of dotenv. It provides encrypted .env files, multi-environment support, and works with any…
Subject every non-trivial decision to a fresh-context adversarial review before it stands. Use when correctness matters more than speed, when working in unfamiliar code, when…
English language Controller-to-Controller data sharing agreement template used between two independent controllers exchanging personal data under the GDPR.
English language technical and organisational measures (TOM) annex template for a DPA under Article 32 GDPR.
Provides a structured risk scoring methodology for Data Protection Impact Assessments aligned with ENISA threat taxonomy and ISO 29134.
Default-Deny security posture for Supabase. Mandates strict RLS and 'WITH CHECK' clauses. — from security/security-misc
Default-Deny security posture for Supabase. Mandates strict RLS and 'WITH CHECK' clauses. — from security/security-misc
Generates Terms of Use and Cookie Policy documents for a cybersecurity company website, strictly limiting data usage to newsletters and event updates, prohibiting data sales, and…
Erkennt Fristen und Eile-Signale in Mandantenanfragen: Hauptverhandlung naechste Woche, Kuendigungsfrist laeuft, Haftungsfalle, Zwangsvollstreckung, Insolvenzantrag.
Fortress Sovereign Edition. Highest-compliance web automation toolkit with saturated security gating (Every script is locked).
Manage database schema with Drizzle ORM and SQLite migrations. Use when adding tables, modifying columns, creating indexes, or running migrations.
Provides comprehensive Drizzle ORM patterns for schema definition, CRUD operations, relations, queries, transactions, and migrations.
Drizzle ORM best practices including schema design with relationships, database migrations, prepared statements for performance, transactions, indexes, Turso SQLite database…
Hook implementations, service/DI patterns, and security patterns for Drupal 10/11. Use when implementing hooks, form alters, event subscribers, creating services, working with…
Security and regulatory compliance — OWASP, privacy laws, data protection, web security, i18n. Use when auditing for security/privacy compliance, GDPR/KVKK, or pre-release legal…
Dependency upgrade loop — classify each dependency as safe-patch/safe-minor/review-major, apply safe groups with per-group commits, surface majors with migration notes and…
Universal code quality fix — format, lint, type-check, l10n, and security scan for any stack. Use when the user asks to fix code quality, run formatters/linters/type-checks, or…
Erstellt Datenschutz-Folgenabschätzung für Roboter mit Sensorik, Telemetrie, KI-Auswertung oder vulnerablen Nutzergruppen.
Risikoanalyse im Rahmen der DSFA: Eintrittswahrscheinlichkeit mal Schadenschwere fuer Bedrohungsszenarien systematisch ermitteln.
ALWAYS USE when building data lakehouse with DuckDB compute, configuring dbt-duckdb with Polaris plugin, or designing catalog-first architecture in floe-platform.
Query remote Parquet files via HTTP without downloading using DuckDB httpfs. Leverage column pruning, row filtering, and range requests for efficient bandwidth usage.
Comprehensive application audit. Analyzes best practices, security compliance, frontend design quality. Identifies top improvements and critical errors.
Duo Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Duo Security data.
Create and review Cloudflare Durable Objects. Use when building stateful coordination (chat rooms, multiplayer games, booking systems), implementing RPC methods, SQLite s — from…
Security-role assignment, user access, application users, business units, and admin self-elevation in Dataverse environments.
Migrating standard Lightning Record Page layouts (Page Layouts on the Record Detail component) to Dynamic Forms — converting fields and sections to component-level placement,…
Query Dynatrace observability data including logs, metrics, problems, and vulnerabilities using DQL
Contains verified MeF rejection code resolution procedures (R0000-901 through R0000-905-01 with 10-day perfection-period workflows), EFIN application and annual renewal…
Expert on EAS Build cloud service for building iOS and Android apps. Covers build configuration, credentials management, custom builds, CI/CD integration, and troubleshooting.
Expo (EAS) iOS/Android アプリのデプロイ自動化スキル。 App ID 登録、証明書・プロビジョニングプロファイル作成、 EAS ビルド、TestFlight 配布、App Store 提出までを CLI から実行する。 任意の Expo プロジェクトで使える汎用スキル。 Use when: App ID…
eBPF-based runtime behavioral monitoring for detecting sandbox escapes and privilege escalation. Tracee event signatures, file access monitoring, network connection alerts, and…
Security scanner cho Claude Code config — quét CLAUDE.md, settings.json, hooks, MCP servers, agents tìm lỗ hổng bảo mật. 1282 tests, 102 static analysis rules.
Elliptic curve cryptography for agent key pairs and command signing. EC key generation (secp256k1/p256), ECDSA sign/verify, ECDH shared secret, DER/PEM encoding, and hardware-safe…
Property-based testing and fuzzing using Echidna for smart contracts. Includes invariant definition, corpus management, coverage analysis, and CI/CD integration for comprehensive…
Weighs each attack path's effort against its likely impact to find the most important weakness with the least wasted effort, pursuing high-value surfaces first.
Scan one dependency surface, draft the advisory, and package the approved publication bundle.
Use to red-team an Econometrica manuscript before submission and to anticipate co-editor and referee objections — proof gaps, generality, missing finite-sample evidence, and…
Generate diagrams from natural language using EdrawMax AI APIs. Supports four diagram types: flowchart (流程图), infographic (信息图), Gantt chart (甘特图), and mind map (思维导图).
Edrone integration. Manage data, records, and automate workflows. Use when the user wants to interact with Edrone data.
Auditoria de segurança, análise de vulnerabilidades OWASP, proteção de dados e hardening
Greek social security (EFKA) integration — employee records, contribution calculations, APD declarations. Human approval for submissions.
Produces legally focused summaries of California Environmental Impact Reports (EIRs) under CEQA and federal Environmental Impact Statements (EISs) under NEPA.
Advisory guidance for Amazon EKS architecture and configuration decisions — compute strategy, networking, security, reliability, cost, autoscaling, observability, multi-tenancy,…
Use when designing EKS architecture. Generates design documents with Mermaid diagrams, ADRs, security architecture, and validation reports.
IAM Roles for Service Accounts (IRSA) for EKS pod-level AWS permissions. Use when configuring pod IAM access, setting up AWS service integrations, implementing least-privilege…
EKS networking configuration including VPC CNI, load balancers, and network policies. Use when setting up cluster networking, configuring ingress/load balancing, implementing…
EKS security hardening and best practices. Use when configuring cluster security, implementing pod security, managing secrets, preparing for compliance audits, hardening…
Cross-platform specifics for Electrobun apps — platform support matrix, Linux/Windows/macOS behavioral differences, CEF requirements by platform, events API, security patterns, CI…
Build secure desktop applications with Electron 33, Vite, React, and TypeScript. Covers type-safe IPC via contextBridge, OAuth with custom protocol handlers, native module…