全部能力

Advanced Content Security Policy bypass techniques. Use when XSS or data exfiltration is blocked by CSP and you need to find policy weaknesses, trusted endpoint abuse, nonce leakage, or exfiltration channels that CSP cannot block.

Reference skill for Zoom Team Chat. Use after routing to a chat workflow when building user-scoped messaging integrations, chatbot experiences, rich cards,…

Slack integration. Manage communication data, records, and workflows. Use when the user wants to interact with Slack data.

RSA attack playbook for CTF and real-world cryptanalysis. Use when given RSA parameters (n, e, c) and need to recover plaintext by exploiting weak keys, small exponents, shared factors, or padding oracles.

Linux lateral movement playbook. Use after gaining initial access to pivot across Linux hosts via SSH hijacking, credential harvesting, internal pivoting, D-Bus exploitation, sudo token reuse, and shared filesystem abuse.

Smart contract vulnerability playbook. Use when auditing Solidity/EVM contracts for reentrancy, integer overflow, access control, delegatecall, flash loan, signature replay, and MEV-related attack patterns.

DeFi attack pattern playbook. Use when analyzing flash loan attacks, price oracle manipulation, MEV sandwich attacks, governance exploits, bridge vulnerabilities, and token standard edge cases in decentralized finance protocols.

Implement, review, or improve maps and location features in iOS/macOS apps using MapKit and CoreLocation. Use when working with Map views, annotations,…

Google Cloud Platform (GCP) development best practices for Cloud Functions, Cloud Run, Firestore, BigQuery, and Infrastructure as Code.

Senior GDPR/DSGVO expert and internal/external auditor for data protection compliance. Provides EU GDPR and German DSGVO expertise, privacy impact assessments,…

Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce…

Expert patterns for Plaid API integration including Link token

Use this skill whenever the user wants to create, read, edit, or manipulate Word documents (.docx files). Triggers include: any mention of 'Word doc', 'word…

飞书会话浏览、消息互动与群聊管理。查看聊天记录（单聊/群聊）、搜索群聊、获取消息详情、 Reaction 表情回应、Pin 置顶/取消置顶、删除消息，以及群聊信息管理（获取/更新/解散/成员）。 支持普通群和话题群（话题群自动获取线程回复）。大多数命令需要 User Token；`msg delete` 默认使用 App Token（Bot 撤回自己 24h 内消息），可选传 User Token 让群管理员撤回他人消息。 当用户请求"查看聊天记录"、"读私聊"、"p2p 聊天"、"群聊历史"、"搜索群聊"、 "查群信息/群成员"、"Reaction/表情回应"、"Pin/置顶消息"、"删除消息"、"消息详情"、 "和某人聊了什么"、"群里说了什么"、"总结群消息"、"话题回复 / thread replies"、 "合并转发里有啥"、"读合并转发"、"merge_forward 子消息"时使用。 特性：传 --user-email 或 --user-id 即可直读私聊无需反查 chat_id；消息列表自动附带 sender_names（open_id → 姓名）映射，无需额外调 member list。 即使用户只给出群名或 chat_id 想"浏览消息"而未说"聊天记录"，也应使用此技能。

Build high-performance FastAPI applications with async routes, validation, dependency injection, security, and automatic API documentation. Use when developing modern Python APIs with async support, automatic OpenAPI documentation, and high performance requirements.

macOS security bypass playbook. Use when targeting macOS endpoints and need to bypass TCC, Gatekeeper, SIP, sandbox, code signing, or entitlement-based protections during authorized red team or pentest engagements.

Active Directory ACL 滥用手册。用于利用配置错误的 AD 权限，包括 GenericAll、WriteDACL、DCSync 权限、shadow credentials、LAPS 读取、GPO 滥用以及 BloodHound 引导的攻击路径。

AI/ML 安全手册。用于评估模型供应链攻击（pickle RCE、投毒权重）、对抗样本、模型投毒、模型窃取、数据隐私攻击（成员推断、模型逆向）以及自主智能体安全风险。

针对 Active Directory 的 Kerberos 攻击手册。用于通过 AS-REP roasting、Kerberoasting、黄金/白银/钻石票据、委派滥用或 pass-the-ticket 攻击定位 AD 认证的场景。

Detect malicious patterns in AI Agent skills — 13 detectors for backdoors, credential theft, data exfiltration, and supply-chain attacks. Based on SlowMist's…