ing

Complete guide for CloudBase cloud storage using Web SDK (@cloudbase/js-sdk) - upload, download, temporary URLs, file management, and best practices.

Salesforce Industries Common Core (OmniStudio/Vlocity) Apex callable generation and review with 120-point scoring. TRIGGER when: user creates or reviews System.Callable classes, migrates `VlocityOpenInterface` / `VlocityOpenInterface2`, or builds Industries callable extensions used by OmniStudio, Integration Procedures, or DataRaptors. DO NOT TRIGGER when: generic Apex classes/triggers (use sf-apex), building Integration Procedures (use sf-industry-commoncore-integration-procedure), authoring OmniScripts (use sf-industry-commoncore-omniscript), configuring Data Mappers (use sf-industry-commoncore-datamapper), or analyzing namespace/dependency issues (use sf-industry-commoncore-omnistudio-analyze).

使用 Salesforce CLI 切换活动的 Salesforce 组织（默认 target-org）。当用户想要更改 CLI 命令运行的目标组织时使用——…

Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on…

Guidelines for implementing JWT authentication with security best practices for token creation, validation, and storage

当用户想要设置、审计或优化分析追踪（GA4、事件、转化）时使用。当用户提到"Google Analytics"、"GA4"…时也使用。

Security vulnerability expert covering OWASP Top 10 and common security issues. Use when conducting security audits or reviewing code for vulnerabilities.

Django access control and IDOR security review. Use when reviewing Django views, DRF viewsets, ORM queries, or any Python/Django code handling user…

When the user wants to create, optimize, or audit a product listing or category page. Also use when the user mentions "product page," "product listing,"…

根据 OWASP Agentic Security Initiative (ASI) Top 10 风险检查任意 AI agent 代码库。在以下场景使用此技能： - 生产部署前评估 agent 系统安全态势 - 针对 OWASP ASI 2026 标准运行合规检查 - 将现有安全控制映射到 10 项 agentic 风险 - 生成安全审查或审计用的合规报告 - 对比 agent 框架安全特性与标准差异 - 处理类似"我的 agent 是否符合 OWASP 标准"、"检查 ASI 合规性"或"agentic 安全审计"的请求

When the user wants to build backlinks, acquire links, or improve off-page SEO. Also use when the user mentions "link building," "backlinks," "off-page SEO,"…

使用来自《Getting Real》《Rework》和《Shape Up》的 37signals 哲学，构建精简、有主见的产品。当用户提到 "Getting Real"、"Rework"…时使用。

基于 NVIDIA garak 构建的 AI 模型安全扫描器，通过 179 个安全探针对 35 个漏洞家族测试 LLM

Determine whether an app is ready to submit, then drive the current App Store release flow with asc, including validation, staging, review submission,…

Validate App Store submission readiness, submit prepared versions, and monitor review status with current asc commands. Use when shipping or troubleshooting…

This skill should be used when the user requests brand analysis, brand guidelines creation, brand audits, or establishing brand identity and consistency…

支持版本感知的 Apollo Router 配置与运行指南，适用于联邦 GraphQL 超图。可生成兼容 Router v1.x 和 v2.x 的正确 YAML 配置。适用场景：(1) 搭建 Apollo Router 运行超图，(2) 配置路由、请求头或 CORS，(3) 实现自定义插件（Rhai 脚本或协处理器），(4) 配置可观测性（链路追踪、指标、日志），(5) 排查 Router 性能或连接问题。

Expert skill for building, customizing, and embedding the FlipOff split-flap display emulator — a free, offline-capable web app that turns any browser/TV into…

Drizzle ORM schema authoring and query style for LobeHub (postgres, strict mode). Use when editing anything under `src/database/schemas/`, defining `pgTable`…

当用户提到创建支付链接、支付 paymentId / a2a_... 链接，或检查 a2a 支付状态时使用此技能。封装了 `onchainos payment…