全部能力

Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security…

⚠️ AUTHORIZED USE ONLY > This skill is for educational purposes or authorized security assessments only. > You must have explicit, written permission from the…

通过 gws CLI 管理 Google Workspace。安装、认证并自动化 Gmail、Drive、Sheets、Calendar、Docs、Chat 和 Tasks。执行安全...

Automatically fix broken OpenCLI adapters when commands fail. Load this skill when an opencli command fails — it guides you through diagnosing the failure via…

Implement proven methodologies and tool workflows from top security researchers for effective reconnaissance, vulnerability discovery, and bug bounty hunting.…

Identify and exploit HTML injection vulnerabilities that allow attackers to inject malicious HTML content into web applications. This vulnerability enables…

Comprehensive dependency health auditing for JavaScript/TypeScript projects. Run npm audit, detect outdated packages, check for security advisories, and verify license compliance. Prioritises vulnerabilities by severity and provides actionable fix recommendations. Use when: auditing project dependencies, checking for vulnerabilities, updating packages, preparing for release, or investigating "npm audit" warnings. Keywords: audit, vulnerabilities, outdated, security, npm audit, pnpm audit, CVE, GHSA, license.

Use when interacting with Jira issues - searching, creating, updating, moving, transitioning, commenting, logging work, downloading attachments, managing…

Use boss-cli for ALL BOSS 直聘 operations — searching jobs, viewing recommendations, managing applications, chatting with recruiters, and batch greeting. Invoke…

Tools for creating, auditing, and maintaining Claude Code skills. Includes /create-skill for scaffolding, /review-skill for quality checks, and /audit commands for bulk verification. Use when: building new skills, maintaining skill quality, or forking claude-skills repo.

Performs STRIDE threat modeling, DREAD risk scoring, secret detection, and secure architecture design. Use when conducting threat models, reviewing code for security vulnerabilities, designing defense-in-depth architectures, or scanning for hardcoded secrets and credentials.

Use this skill when the user asks "who has access", "audit permissions", "check user roles", "list API keys", "review access controls", "rotate API keys", "create API key", "delete expired keys", "send data keys", "IP allowlist", "IP access restrictions", "check IP whitelist", "add user", "deactivate user", "manage team groups", "user permissions", "role-based access", "manage scopes", "system roles", "API key admin", "team member keys", "group membership", or wants to audit, manage, or configure access controls for a Coralogix account.

Use for installing, upgrading, authenticating, and using Atlassian Command Line Interface (ACLI, `acli`) for Atlassian Cloud. Triggers include Jira CLI tasks…

Printing Press CLI for Ahrefs. SEO and competitive intelligence API for backlinks, keywords, rank tracking, site audit, and SERP data.

PR triage: audit open PRs, deep review selected ones, draft and post review comments. Args: "all" to review all, PR numbers to focus (e.g. "42 57"), "en"/"fr" for language, no arg = audit only in French.

Issue triage: audit open issues, categorize, detect duplicates, cross-ref PRs, risk assessment, post comments. Args: "all" for deep analysis of all, issue numbers to focus (e.g. "42 57"), "en"/"fr" for language, no arg = audit only in French.

Query Garmin Connect fitness and health data including activities, athlete stats, sleep, heart rate, stress, and body battery. Use when the user asks about…

飞书云盘增强命令组。分块上传大文件（>20MB 自动 3 段式）、流式下载、 文档异步导出（markdown 快捷路径 / sheet+bitable csv / sub-id / 有界轮询 + resume）、 文档异步导入、文件/文件夹移动（folder 自动轮询）、富文本评论（text/mention_user/link + wiki URL 解析 + 局部评论）、通用异步任务查询、本地 ↔ 云盘单向镜像 （pull/push/status，SHA-256 内容 diff + --delete-* --yes 双确认）、 v2 doc_wiki/search 扁平 filter 搜索（folder-tokens / space-ids / creator-ids / only-title）。 当用户请求"上传大文件"、"下载云盘文件"、"导出为 pdf/markdown/xlsx"、"导入 docx 到云文档"、"移动文件夹"、"添加文档评论"、"@某人评论文档"、"从 wiki 链接评论"、 "查询异步任务状态"、"drive 任务 resume"、"分块上传"、"云盘镜像"、"目录同步"、 "本地与云盘对照"、"SHA 比对"、"按文件夹搜文档"、"feishu drive"、"lark drive"时使用。 本 skill 与老的 file/media/comment 命令组并存，提供更强能力（User Token 支持、 异步 resume、富文本评论），基础场景仍可用 file/media。

Manage Gitea via CLI. Use when user mentions "tea", "gitea cli", or needs terminal-based Gitea operations.

ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.