全部能力

Master smart contract security best practices, vulnerability prevention, and secure Solidity development patterns.

Navigate privacy regulations (GDPR, CCPA), review DPAs, and handle data subject requests. Use when reviewing data processing agreements, responding to data…

Comprehensive document creation, editing, and analysis with support for tracked changes, comments, formatting preservation, and text extraction. When Claude…

Dependency audit and cleanup workflow for maintaining healthy project dependencies. Use for regular maintenance, security updates, and removing unused packages.

Use when a user asks to "proofread", "review and correct", "fix grammar", "improve readability while keeping my voice", and to proofread a document file and save an updated version.

当需要使用 gh CLI 处理 GitHub 开放 Pull Request 上的审查或 issue 评论时。

Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses…

Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers

Google Calendar 集成。管理通信数据、记录和工作流。当用户需要与 Google Calendar 数据交互时使用。

CRM-lite for managing GEO agency prospects and clients. Track leads through the full sales pipeline: Lead → Qualified → Proposal Sent → Won → Lost. Store audit history, notes, deal values, and generate pipeline summaries. Use when user says "prospect", "lead", "client", "pipeline", "crm", "nuovo prospect", "aggiungi cliente", or when managing the business side of GEO services.

Validate, lint, audit, or review azure-pipelines.yml — syntax, security, best practices.

Configures HTTP security headers to protect against XSS, clickjacking, and MIME sniffing attacks. Use when hardening web applications, passing security audits,…

Verify fix commits address audit findings without new bugs

SAP S4 HANA integration. Manage Organizations, Persons, Leads, Deals, Activities, Notes and more. Use when the user wants to interact with SAP S4 HANA data.

Microsoft Teams integration. Manage communication data, records, and workflows. Use when the user wants to interact with Microsoft Teams data.

Penetration testing methodology expert. OWASP, PTES, reconnaissance, scanning, exploitation, reporting. Use for security assessments.

Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security…

This skill should be used when the user wants to "create a skill", "add a skill to plugin", "write a new skill", "improve skill description", "organize skill…

Set up, configure, and troubleshoot Grafana Cloud integrations for AWS, Azure, and other cloud

Use when deciding where code should live, organising files, or auditing project structure. Checks colocation, grouping, and directory anti-patterns.