全部能力

针对工作流利用漏洞的 GitHub Actions 安全审查。当被要求“审查 GitHub Actions”、“审计工作流”、“检查 CI 安全”等时使用。

Content quality and E-E-A-T analysis with AI citation readiness assessment. Use when user says "content quality", "E-E-A-T", "content analysis", "readability check", "thin content", or "content audit".

Vet ClawHub skills before installation. Use when the user asks about evaluating, auditing, or safely installing OpenClaw/ClawHub skills, or when a skill’s…

使用 k-skill-proxy 搜索韩国上市股票，查看 KRX 基本信息，并获取每日交易快照，无需用户提供 KRX API 密钥。

配置 OAuth 提供商（Google、Apple、Microsoft、Facebook、GitHub 等）以适配无端口本地开发 URL。在设置 OAuth 重定向 URI 时使用，…

Identify, assess, and mitigate operational risks. Trigger with "what are the risks", "risk assessment", "risk register", "what could go wrong", or when the…

Microsoft Sharepoint integration. Manage Sites. Use when the user wants to interact with Microsoft Sharepoint data.

Generate user demand research reports from real user feedback. Scrape and analyze feature requests, complaints, and questions from Reddit, X, GitHub, YouTube,…

Generate FilamentPHP v4 resources with form, table, relation managers, and actions

Permission Set analysis, hierarchy viewer, and access auditing. TRIGGER when: user asks "who has access to X?", analyzes permission sets/groups, or touches .permissionset-meta.xml / .permissionsetgroup-meta.xml files. DO NOT TRIGGER when: creating new metadata (use sf-metadata), deploying permission sets (use sf-deploy), or Apex sharing logic (use sf-apex).

将 Codex 技能安装到 $CODEX_HOME/skills，来源可以是精选列表或 GitHub 仓库路径。当用户要求列出可安装技能、安装精选…时使用。

PRD 초안을 작성하고 형식을 검증한 뒤 GitHub PR 제출을 안내한다. "PRD 작성", "PRD 검증", "Day 6", "6일차", "PR 제출", "prd submit" 요청에 사용.

Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the…

Salesforce Connected Apps and OAuth configuration with 120-point scoring. TRIGGER when: user configures OAuth flows, JWT bearer auth, Connected Apps, or touches .connectedApp-meta.xml / .eca-meta.xml files. DO NOT TRIGGER when: Named Credentials for callouts (use sf-integration), permission policies (use sf-permissions), or API endpoint code (use sf-apex).

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for…

Run a compliance check on a proposed action, product feature, or business initiative, surfacing applicable regulations, required approvals, and risk areas. Use…

Generate a status report with KPIs, risks, and action items. Use when writing a weekly or monthly update for leadership, summarizing project health with…

当用户提及连接/断开钱包、登录、登出、Web3 钱包、钱包地址、查询余额、加密货币持有量、发送 BNB/USDT/加密货币、代币转账、代币兑换、买入/卖出代币、DEX 交易、限价单、市价单、取消订单、获取报价、交易历史、钱包设置、每日限额、滑点、MEV 保护、支持的链、可用网络，或任何链上钱包操作时使用。

Package an escalation for engineering, product, or leadership with full context. Use when a bug needs engineering attention beyond normal support, multiple…

Audit code for memory leaks and disposable issues. Use when reviewing event listeners, DOM handlers, lifecycle callbacks, or fixing leak reports. Covers…