Decide and audit the security boundary a Flow runs at — System Context With Sharing, System Context Without Sharing, or User Context — plus the per-element runInMode override and…
Orchestrate continuous security validation, threat modeling, vulnerability management, and security gate enforcement across SDLC phases
Multi-agent swarm orchestration via RuFlo + Claude Code. Turns single coding sessions into coordinated agent teams (architect/coder/tester/reviewer).
Framework for designing token economics for Flow-based protocols. Covers economic first principles (Fisher Equation MV=PQ, Nash equilibrium, mechanism design, behavioral…
Trace data flow across files from source to sink. Use for cross-file taint analysis, understanding how user input reaches dangerous sinks, and documenting vulnerability paths.
Static-analyze Apex source for DML and SOQL operations missing CRUD/FLS enforcement. Reports every `insert`/`update`/`delete`/`upsert`/`merge` and dynamic SOQL that doesn't use…
Local database and persistence selection for Flutter including SharedPreferences, SecureStorage, Hive, and Drift.
Complete guide for using drift database library in Flutter applications. Use when building Flutter apps that need local SQLite database storage with type-safe queries, reactive…
Mapa canônico do fluxo de uma cotação até a ativação do associado neste projeto (Praticcar). Use ao mexer em qualquer etapa entre criação da cotação e ativação — link público,…
Apply Fly.io security best practices for secrets management, private networking, TLS certificates, and deploy token scoping.
Guides fnox provider selection and setup — age encryption, AWS (Parameter Store and Secrets Manager), 1Password, Bitwarden, GCP, Azure, Doppler, Vault, and local options.
Security best practices for fnox — key rotation, gitignore rules, CI/CD secret handling, access control, missing-secret enforcement, and avoiding common mistakes.
Normalize vendor-specific billing rows (AWS CUR, Azure Cost Management, GCP Billing Export, OCI) into FOCUS v1.2 columns from user-pasted CSV or JSON input.
Apply security best practices for Fondo including OAuth token management, financial data protection, SOC 2 compliance, and access control.
Apply ant colony optimization and foraging theory to resource search, exploration-exploitation tradeoffs, and distributed discovery.
Use whois in Forensic Claw for lawful DFIR, cyber security, evidence triage, intrusion analysis, and case-backed forensic workflows.
Forensics Data Collector - Auto-activating skill for Security Advanced. Triggers on: forensics data collector, forensics data collector Part of the Security Advanced skill…
SQL-powered forensic investigation and system interrogation using osquery to query operating systems as relational databases.
Audit existing infrastructure for security issues, waste, and misconfigurations. Use when asked to "audit my infra", "check cloud setup", "infra review", "are we wasting money",…
Authentication and session discipline. argon2id password hashing, server-side sessions vs JWT, OAuth 2.1 + PKCE, MFA via TOTP / WebAuthn, password reset hygiene, anti-enumeration…
Caddyfile discipline for production traffic. Global options, automatic HTTPS done right, security header pack, reverse_proxy with health checks, structured logs, multi-tenant…
GitHub Actions workflow discipline. SHA-pinned third-party actions, scoped permissions per job, OIDC federation over long-lived cloud credentials, dependency caching, concurrency…
Design and build networking infrastructure — VPCs, subnets, DNS, load balancers, firewall rules. Use when asked to "set up networking", "VPC design", "configure DNS", "load…
Exhaustive actor-based QA warfare for FitnessMealPlanner. Targets 100% of the role × endpoint × state × input × assertion coverage matrix across…
Secret handling discipline. Env loading with fail-fast validation, log redaction at source, error-to-client hygiene, weak-hash detection, rotation runbooks, hashed-at-rest API…
Security patterns for web forms including autocomplete attributes for password managers, CSRF protection, XSS prevention, and input sanitization.
Static security analysis of HTML forms without sending any requests. Checks for CSRF tokens, insecure actions, missing validation, hidden field issues, and common security…
Redrafts user-provided text into formal, binding legal language for contracts, policies, or codes of ethics.
Router for web form development. Use when creating forms, handling validation, user input, or data entry across React, Vue, or vanilla JavaScript.
Triage whether a known CVE/GHSA vulnerability is actually exploitable in this project. Use when the user wants a reachability verdict on a specific advisory — is the project…
Expert in Gravito security and authentication. Trigger this when setting up Auth, configuring CSP, or implementing security middleware.
FortiOS VDOM segmentation audit with UTM profile binding validation, FortiGuard service health assessment, SD-WAN security evaluation, and HA cluster posture check.
Fortinet FortiSASE audit — Secure Web Gateway policy review, ZTNA application gateway assessment, thin edge FortiGate integration validation, SD-WAN security overlay analysis,…
Prüft FOSS in Robotik: kommerzielle Bereitstellung, Hochrisiko-KI-Ausnahmen, SBOM, Lizenzen, Security und Haftungsallokation.
Pure mathematical structure. Sets, groups, rings, fields, topology — the formal bedrock everything else rests on.
Manages founder business portfolio, signals, vault, and snapshots. Tracks business health, stores credentials securely, and generates AI-powered business analytics and…
Decision validation and thinking frameworks for startup founders. Use when you need to pressure-test a decision, validate your next steps, think through strategic options, or…
Apply Framer security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Framer security configuration.
Use when choosing, replacing, or justifying a framework, library, SDK, runtime, database, UI kit, or platform by fit: constraints, team skill, ecosystem maturity, migration cost,…
프레임워크와 언어의 소스코드 및 개발자 가이드를 직접 분석하여 메타적 보안 구조를 파악하는 스킬. Spring의 mass assignment, Java getHost()의 URL Confusion처럼 프레임워크/언어 설계상의 보안 함의를 소스코드 레벨에서 추출한다.
Use when you need to design, review, or improve REST APIs with Micronaut — including @Controller routes, HTTP status codes, DTOs, Bean Validation, exception handlers, pag — from…
Use when you need to design, review, or improve security in Micronaut applications — including micronaut-security authentication, @Secured and intercept-url-map rules, JW — from…
Use when you need to design, review, or improve REST APIs with Quarkus REST (Jakarta REST) — including resource classes, HTTP methods, status codes, request/response DTOs — from…
Use when you need to design, review, or improve security in Quarkus applications — including Quarkus Security with JWT/OIDC, basic auth, @RolesAllowed / @Authenticated / — from…
Use when you need to design, review, or improve validation in Quarkus applications — including Bean Validation on JAX-RS resources, @Valid on parameters and CDI beans, co — from…
Use when you need to design, review, or improve security in Spring Boot applications — including SecurityFilterChain, OAuth2/JWT resource server patterns, form login basi — from…
Práce s Freelo.io v1 REST API a webhooky — projekty, tasklists, tasky, subtasks, komentáře, time tracking, work reporty, custom fields, faktury, soubory.
Manage the freshie ecosystem inventory database — a CMDB tracking all plugins, skills, packs, and compliance grades across 50 SQLite tables.
Zentrales Fristenbuch fuer die Kanzlei mit Haupt- und Vorfristen ueber alle Rechtsgebiete. Berechnet Fristbeginn nach den jeweiligen Verfahrensordnungen (ZPO StPO SGG FGO VwGO…
Analyzes FedRAMP FRMR documents to extract control mappings, KSI entries, and version changes. Use when the user asks about FedRAMP requirements, control mappings, compliance…
Ultimate 25+ years expert-level frontend skill covering Next.js, React, TypeScript, Tailwind CSS, styled-components, Redux, Zustand, Webpack, Vite, Parcel, Jest/Vitest testing,…
You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention.
Audit frontend codebases for security vulnerabilities and bad practices. Use when performing security reviews, auditing code for XSS/CSRF/DOM vulnerabilities, checking Content…
Secure Solana frontends against phishing, bad prompts, and unsafe signing requests. Use for audits of wallet UX and dApp sites.
Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns.
Implement data persistence using SQLite with Dapper, JSON files, or event sourcing. Use when: "database", "save data", "store", "CRUD", "create table", "query", "SQL", "SQLite",…
Orchestrate a full non-mutating app or repo review across architecture, live flows, frontend quality, testing and coverage, security, observability and error instrumentation,…
Triggered when the user submits code or requests a comprehensive code quality analysis. Automatically performs static analysis, code review, and quality scoring.
ใช้สกิลนี้เมื่อต้องออกแบบ พัฒนา แก้บั๊ก รีแฟกเตอร์ หรือรีวิวโค้ด Web Application แบบ Full Stack บน stack React + TypeScript + Vite + Bun + Hono + PostgreSQL…
Master-level fullstack software engineering with deep backend expertise. Use when building production-grade APIs, database architectures, authentication systems, microservices, or…