**DEFAULT for cost analysis spanning LLM tokens, cloud spend, and database query cost — produces a ranked findings list with monthly $-cost estimate, severity, and remediation…
Chief Security Officer mode. Infrastructure-first security audit: secrets archaeology, dependency supply chain, CI/CD pipeline security, LLM/AI security, skill supply cha — from…
CVE and CWE database querying and management
Advanced debugging integration for vulnerability research
quality gates | code review debug audit security eval ui
This skill should be used when the user explicitly invokes `/oracle:mcp-fleet` to set up, extend, or wire multi-workspace MCP server access from Claude Code.
MITRE ATT&CK framework mapping and analysis
Implement OAuth 2.0 and OpenID Connect flows for SDKs
Offensive security tools and techniques integration
Okta SSO auto-login via Push MFA. Use this skill whenever the user needs to log in to any environment, mentions Okta/SSO authentication, or wants to open any internal tool…
Pipedrive CRM integration optimized for SMB sales teams
ALWAYS use this skill when the user mentions PKA, personal knowledge, repo map, knowledge base setup, replacing Obsidian/Notion/Tana/Heptabase, organizing notes and files into a…
ALWAYS use this skill when the user wants a dashboard, browser interface, or visual view of their knowledge base, notes, projects, or PKA system.
Proactive codebase audit that discovers code quality issues, security vulnerabilities, performance problems, and architectural debt using parallel analysis agents, then creates…
Post-quantum cryptography evaluation skill for quantum-safe migration
SQLite-based project documentation logger for tracking API references, components, and project progress.
Exploit development automation using pwntools framework
This skill should be used for cross-artifact consistency reviewer -- validates alignment across SPEC.md, REQUIREMENTS.md, ROADMAP.md, and DESIGN.md.
Run security scans including SAST, dependency scanning, and secret detection
Generate a client-ready security hygiene snapshot for a prospect domain. Free lead magnet for consulting practices.
This skill verifies security and threat-mitigation coverage for completed SB work.
Ethereum and blockchain smart contract security analysis
Integration with security-focused static analysis tools
STIX/TAXII threat intelligence format and sharing
Generate threat models using STRIDE, PASTA, or VAST methodologies
Validate production readiness of Vertex AI Agent Engine deployments across security, monitoring, performance, compliance, and best practices.
YARA rule creation, testing, and deployment
Sign in to ZeroGPU and persist the API key + Project ID. Use when the user asks to log in, authenticate, or set up ZeroGPU credentials for the first time.
Implement security best practices for TwinMind integrations. Use when securing API keys, configuring privacy settings, or implementing data protection for meeting recordings.
Soc2 Compliance Checker - Auto-activating skill for Security Advanced. Triggers on: soc2 compliance checker, soc2 compliance checker Part of the Security Advanced skill c — from…
5-level verification pyramid: static→unit→Playwright E2E (homepage-first, 6bp)→AI visual→post-deploy. 8-check quality gate.
You MUST use this when building projects end-to-end. Orchestrates all 12 team roles — automatically switches between CTO, architect, PM, engineers, SRE, security, DBA, QA, and EM…
Security-Scanner Agent fuer fabrikIQ und andere Projekte. Fuehrt umfassende Sicherheitspruefungen durch. — from tools-only/X-Skills
Generates audit trail infrastructure for entities. Implements IAuditable interface, EF Core SaveChanges interceptor, and automatic population of CreatedAt, UpdatedAt, CreatedBy,…
SSL/БСП subsystems guidance and search via 1c-mcp_ssl_server MCP. Use when working with standard library subsystems - users, files, print forms, background jobs, email, common…
Audits security and supply-chain risk between two git refs with Codex cross-validation. 预发布安全审计(含 Codex 交叉验证)。Use when performing pre-release security audits, supply-chain…
Configures 1Password CLI with direnv for fast, secure credential loading. Activates for: 1Password + direnv setup, slow secrets (>2 sec), .env.op files, op:// references, AWS…
Secure secret management using 1Password CLI. Detect plaintext secrets in files and codebases, convert environment files to 1Password templates, inject secrets securely using op…
Use when you need to design, review, or improve security in Spring Boot applications — including SecurityFilterChain, OAuth2/JWT resource server patterns, form login basi — from…
Complete VPN server setup from scratch. Takes a fresh VPS (IP + root + password from hosting provider) through full server hardening and 3x-ui (Xray proxy panel) installa — from…
Complete VPN server setup from scratch. Takes a fresh VPS (IP + root + password from hosting provider) through full server hardening and 3x-ui (Xray proxy panel) installa — from…
Protect your SaaS app from common vulnerabilities. Use when building auth, handling user data, or deploying features.
Use when you need to design, review, or improve REST APIs with Quarkus REST (Jakarta REST) — including resource classes, HTTP methods, status codes, request/response DTOs — from…
Use when you need to design, review, or improve validation in Quarkus applications — including Bean Validation on JAX-RS resources, @Valid on parameters and CDI beans, co — from…
Use when you need to design, review, or improve security in Quarkus applications — including Quarkus Security with JWT/OIDC, basic auth, @RolesAllowed / @Authenticated / — from…
create an initial PyTM-based threat model of your system by asking questions after the 4 Questions Framework
Use when you need to design, review, or improve REST APIs with Micronaut — including @Controller routes, HTTP status codes, DTOs, Bean Validation, exception handlers, pag — from…
Use when you need to design, review, or improve security in Micronaut applications — including micronaut-security authentication, @Secured and intercept-url-map rules, JW — from…
Create your cloud security skill in one prompt, then learn to improve it throughout the chapter
Create your operational excellence skill in one prompt, then learn to improve it throughout the chapter
Two superpowers for AI agents: a collective brain and a Base ecosystem mentor. BRAIN: Before debugging/compiling/architecting, search for existing solutions.
Zero-knowledge secrets management via PassBox — store, retrieve, rotate, and inject credentials securely.
Integrate Red Hat Ansible Automation Platform (AAP) with HashiCorp Vault Enterprise for dynamic SSH credential management.
AAWP (AI Agent Wallet Protocol) — the only crypto wallet protocol built exclusively for AI Agents on EVM-compatible blockchains and Solana. Not for humans.
Background information about Lendtrain powered by Atlantic Home Mortgage — company history, credentials, founder bio, and contact information for borrower trust-building.
Set up Abridge clinical AI platform authentication and EHR integration credentials. Use when onboarding a healthcare org to Abridge, configuring Epic/Athena integration, or…
Apply HIPAA-compliant security practices for Abridge clinical AI integrations. Use when securing PHI in transit/at rest, configuring access controls, implementing audit logging,…
Expert in groups, rings, fields, and algebraic structures with applications to cryptography and number theory
RBAC/ABAC implementation patterns, least privilege access, row-level security, column masking, and access review workflows.
Protocol Type Trigger account_abstraction (detected when ERC-4337 interfaces, EntryPoint, UserOperation, or Paymaster patterns found) - Inject Into Breadth agents, depth-external