agent

Guides the design and structuring of workflow-based Claude Code skills with multi-step phases, decision trees, subagent delegation, and progressive disclosure. Use when creating skills that involve sequential pipelines, routing patterns, safety gates, task tracking, phased execution, or any multi-step workflow. Also applies when reviewing or refactoring existing workflow skills for quality.

面向 ECC 的证据优先自动化清单与重叠审计工作流。当用户希望了解哪些作业、钩子、连接器、MCP 服务器或包装器……时使用。

Implement secure coding practices following OWASP Top 10. Use when preventing security vulnerabilities, implementing authentication, securing APIs, or…

证据优先的 ECC 工具消耗与账单审计工作流。在调查 PR 激增创建、配额绕过、高级模型泄漏、重复作业或……时使用。

针对工作流利用漏洞的 GitHub Actions 安全审查。当被要求“审查 GitHub Actions”、“审计工作流”、“检查 CI 安全”等时使用。

具有钱包或交易权限的自主交易代理的安全模式。涵盖提示注入、消费限额、发送前模拟、熔断……

PHP 8.x modern patterns, PSR standards, and SOLID principles. Use when reviewing PHP code, checking type safety, auditing code quality, or ensuring PHP best…

Audit and harden hosts running OpenClaw for SSH, firewall, updates, exposure, cron checks, and risk posture.

Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when someone asks to annotate units in a…

当用户要求“润色代码”、“简化并审查”、“清理并审查代码”、“全面代码润色”、“简化后审查”……时，应使用此技能。

当用户提及连接/断开钱包、登录、登出、Web3 钱包、钱包地址、查询余额、加密货币持有量、发送 BNB/USDT/加密货币、代币转账、代币兑换、买入/卖出代币、DEX 交易、限价单、市价单、取消订单、获取报价、交易历史、钱包设置、每日限额、滑点、MEV 保护、支持的链、可用网络，或任何链上钱包操作时使用。

academic-research-writer — 一个可安装的 AI agent skill，由 endigo/claude-skills 发布。

Security audit guidelines for web applications and REST APIs based on OWASP Top 10 and web security best practices. Use when checking code for vulnerabilities,…

INVOKE THIS SKILL for LLM-as-judge evaluation workflows on Arize: creating/updating evaluators, running evaluations on spans or experiments, tasks,…

INVOKE THIS SKILL when downloading, exporting, or inspecting Arize traces and spans, or when a user wants to look at what their LLM app is doing using existing…

Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on…

Security vulnerability expert covering OWASP Top 10 and common security issues. Use when conducting security audits or reviewing code for vulnerabilities.

根据 OWASP Agentic Security Initiative (ASI) Top 10 风险检查任意 AI agent 代码库。在以下场景使用此技能： - 生产部署前评估 agent 系统安全态势 - 针对 OWASP ASI 2026 标准运行合规检查 - 将现有安全控制映射到 10 项 agentic 风险 - 生成安全审查或审计用的合规报告 - 对比 agent 框架安全特性与标准差异 - 处理类似"我的 agent 是否符合 OWASP 标准"、"检查 ASI 合规性"或"agentic 安全审计"的请求

Agent memory management — cloud backup, restore, and local vector search of .md memory files

当用户提到创建支付链接、支付 paymentId / a2a_... 链接，或检查 a2a 支付状态时使用此技能。封装了 `onchainos payment…