Am I compromised? After supply-chain news — a poisoned npm/PyPI package, a malicious VS Code extension, a backdoored dep that ran as you — this runs a guided IOC triage of a…
Configure AI interaction audit logging for compliance. Activate when users mention "audit logging", "compliance logging", "ai interaction logs", "security audit", or "activity…
Analyze and update dependencies with vulnerability scanning. Activate when users mention "update dependencies", "security audit", "npm audit", "vulnerability scan", or "dependency…
Apply Windsurf security best practices for workspace isolation, data privacy, and secret protection. Use when securing sensitive code from AI indexing, configuring telemetry, or…
Execute comprehensive network traffic analysis using Wireshark to capture, filter, and examine network packets for security investigations, performance optimization, and…
Analyse de trafic réseau avec Wireshark incluant capture, filtres, protocoles et diagnostic réseau. Se déclenche avec "Wireshark", "capture réseau", "analyse de trafic" — from…
Structured web scraping for AI coders: explore, then exploit with shipped templates, runner, and hooks.
Drafts a Written Information Security Program compliant with Massachusetts 201 CMR 17.00 and supplementary frameworks (GDPR, CCPA, HIPAA, GLBA, PCI-DSS).
Wispr Flow security basics for voice-to-text API integration. Use when integrating Wispr Flow dictation, WebSocket streaming, or building voice-powered applications.
Runs ethics-compliant deposition witness-prep workflows for US civil litigation. Use when preparing party, fact, expert, or 30(b)(6) witnesses for deposition, including mock…
General mathematics skill and subsystem for OpenScientist. Use for every type of mathematical work: problem solving, proof generation, proof critique, disproof, theorem…
Internal Witsoc proof-artifact generation subskill. Use inside the Witsoc subsystem to create, repair, structurally check, verifier-context-build, receipt-track, and optionally…
Use when the user asks to audit what's wrong with a project, "make it right", "看看项目出了什么问题", "为什么用户的需求还没上线", "为什么没提交App Store", "为什么没新build", or wants a holistic…
Gebruik deze skill wanneer de gebruiker de huidige (geschatte) waarde van een woning wil berekenen op basis van aankoopprijs, aankoopjaar, aankoopkwartaal en provincie.
WordPress and WooCommerce development guidelines with PHP best practices, security standards, and extensibility patterns
Access and filter SecLists wordlists for authorized security testing. Password lists, username lists, fuzzing payloads, web shells.
WordOps is an open-source CLI tool that installs and manages a complete high-performance WordPress server stack with Nginx, PHP, MariaDB, and Redis in a few keystrokes.
Complete WordPress development workflow covering theme development, plugin creation, WooCommerce integration, performance optimization, and security hardening.
WordPress development best practices - coding standards, custom post types, security, performance, hooks/filters, and template hierarchy.
Use when user needs WordPress development, theme or plugin creation, site optimization, security hardening, multisite management, or scaling WordPress from small sites to…
Build secure WordPress plugins with hooks, database interactions, Settings API, custom post types, and REST API.
WordPress plugin development workflow covering plugin architecture, hooks, admin interfaces, REST API, security best practices, and WordPress 7.0 features: Real-Time…
Develops custom WordPress themes and plugins, creates and registers Gutenberg blocks and block patterns, configures WooCommerce stores, implements WordPress REST API endp — from…
Use when the user asks about WordPress codebases (plugins, themes, block themes, Gutenberg blocks, WP core checkouts) and you need to quickly classify the repo and route to the…
WordPress server optimization — Nginx config, PHP 8.3-FPM tuning, Redis object caching, WP Rocket, security hardening, staging, multisite
Red-Team-Check für jedes Ergebnis: Normenstand, Quellen, fehlende Tatsachen, Gegenargumente, technische Annahmen, Datenschutz und Haftungsfolgen.
Use for cold-start, time-boxed, multi-axis audits of unfamiliar codebases — take-home assessments, post-acquisition or due-diligence reviews, inherited-service onboarding,…
Dublin/GEAS Start: Workflow-Skill für Migrationsrecht; prüft Eurodac, Zuständigkeit, Fristen, Vulnerabilität und Eilantrag; mit Statusmatrix, Fristenrettung, Staatenbezug,…
Führt junge Anwältinnen und Anwälte durch den ersten Robotikfall: Aktenaufnahme, Normenlandkarte, Rückfragen, Quellencheck, Memo und Red-Team.
Prüft besondere Mensch-Roboter-Interaktion: Nähe, Vertrauen, Manipulation, psychische Belastung, vulnerable Nutzer und klare Grenzen. — from Klotzkette/claude-fuer-deutsches-recht
Erzeugt präzise Rückfragen an Technik, QM, Datenschutz, IT-Security, Vertrieb und Service, damit das Recht nicht im Nebel prüft. — from Klotzkette/claude-fuer-deutsches-recht
Sammelt FOSS, SBOM, Lizenzen, Security Advisories, Maintainer-Risiken und regulatorische Verantwortungsfragen. — from Klotzkette/claude-fuer-deutsches-recht
Prüft die eigene Lösung aus Sicht der Gegenseite und findet schwache Anspruchsvoraussetzungen, Einwendungen und Beweisprobleme.
Red-Team Miet/WEG: Workflow-Skill für Miet- und WEG-Recht; findet Fristenfehler, falsche Normen, Beweislücken und unklare Anträge; mit Kaltstart, Fristencheck, Belegmatrix,…
Red-Team Migration: Workflow-Skill für Migrationsrecht; findet Fristenfehler, fehlende Belege, falsche Normen und riskante Aussagen; mit Statusmatrix, Fristenrettung,…
Red-Team Qualitygate im Plugin aktenaufbereiter-strafrecht: prüft das Ergebnis auf Halluzinationen, Fristenfehler, Zuständigkeit, Quellen, Beweise und Ton.
Comprehensive security assessment and remediation. Use for security reviews, compliance checks, vulnerability assessments.
Führt Produktteam durch Security-by-Design: Bedrohungsmodell, Updatekanal, SBOM, Schwachstellenprozess, Logging und Notfallplan. — from Klotzkette/claude-fuer-deutsches-recht
Vulnerabilität/Atteste: Workflow-Skill für Migrationsrecht; prüft Trauma, Krankheit, Minderjährige, Schwangerschaft, Attestqualität; mit Statusmatrix, Fristenrettung,…
Workhuman security basics for employee recognition and rewards API. Use when integrating Workhuman Social Recognition, or building recognition workflows with HRIS systems.
Use when developing WordPress plugins: architecture and hooks, activation/deactivation/uninstall, admin UI and Settings API, data storage, cron/tasks, security…
Security guidelines for WordPress plugin development: sanitization, validation, escaping, nonces, capabilities, SQL injection prevention, XSS protection, and CSRF mitigation.
WordPress theme and plugin review skill. Detects whether a target path is a theme or plugin, runs security and standards checks, scores the findings, and writes a markdown report.
WordPress security hardening — nonce verification, wp_nonce_field, check_admin_referer, sanitize_text_field, sanitize_email, esc_html, esc_attr, esc_url, wp_kses, SQL injection…
WpIG und ZAG Pruefung: Wertpapierinstitutsgesetz und Zahlungsdiensteaufsichtsgesetz Voraussetzungen fuer Lizenz, Anwendungsbereich, Schnittstellen zu PSD3-Entwurf,…
WPScan is an open-source WordPress security scanner that detects vulnerabilities in plugins, themes, and core installations.
Validate, seal, and submit your Diplomacy orders for the current phase. Use when it is time to commit your moves.
Use to land your review as a durable artifact — the attack surface reviewed, findings at file:line (or "none"), the P-grade and minimal fix, and a clear GO / NO-GO — including on…
Authors a new `backend/services/Client.js` stub for a cred-blocked third-party integration. Use when a vendor API (RFU Zikr Cabs, Haramain Rail, Booking.com, AdsGPT,…
Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns.
CLI para organizar PDFs y libros con metadata generada por IA, búsqueda full-text (SQLite FTS5) y backups a iCloud o S3.
Wycheproof provides test vectors for validating cryptographic implementations. Use when testing crypto code for known attacks and edge cases.
Diagnose and resolve common issues with the WYRE MCP Gateway — missing vendor tools, OAuth failures, "Failed to update tool access" errors, expired credentials, and the request…
Extract tweet content from x.com URLs without credentials using browser automation. Use when user asks to \"extract tweet\", \"download x.com link\", \"get tweet content\", or…
Draft, validate, split into threads, open X/Twitter composer links, and use the dry-run-first MCP workflow for live X posting when local credentials are explicitly configured.
Generates an x-ray.md pre-audit report covering overview, enhanced threat model (protocol-type profiling, git-weighted attack surfaces, temporal risk analysis, composability…
Internal xlfg specialist lens. Security second opinion — authN/Z, validation, secrets, injection. Load from review when the change touches boundaries or trust.
Send and receive encrypted messages to external agents and users via XMTP. Use when asked to message someone outside your team by ENS name or wallet address.
Use when preparing for a security audit, performing reconnaissance on a new codebase, or creating a protocol overview.
使用 xray 进行 Web 漏洞自动化扫描。当需要对 Web 应用进行全面漏洞扫描(XSS/SQLi/命令注入/SSRF/XXE/路径穿越/文件上传/弱口令等)时使用。xray 是长亭科技出品的综合性 Web 安全评估工具,支持主动扫描、被动代理扫描、基础爬虫扫描三种模式,内置丰富的检测插件和社区 POC。任何涉及 xray 漏洞扫描、Web…