全部能力

API 安全清单，用于部署前审查端点。在创建或修改 API 路由时使用，以确保正确的认证、授权和…

Apply when scoping, reviewing, or documenting cross-cutting VTEX commerce architecture across storefront, IO, headless, marketplace, payments, or any other…

Record and analyze post-trade outcomes for signals generated by edge pipeline and other skills. Track false positives, missed opportunities, and regime…

轻量级 Google Drive 集成，支持独立 OAuth 认证。无需 MCP 服务器。完整的读写访问权限。

Analyzes events through political science lens using IR theory (Realism, Liberalism, Constructivism), comparative politics, institutional analysis, and power dynamics. Provides insights on governance, security, regime change, international cooperation, and policy outcomes. Use when: Political events, international crises, elections, regime transitions, policy changes, conflicts. Evaluates: Power distributions, institutional effects, actor interests, strategic interactions, norms.

Use when the user asks to set up secret management infrastructure, integrate HashiCorp Vault, configure cloud secret stores (AWS Secrets Manager, Azure Key…

使用 JWT、OAuth 2.0、API 密钥实现安全的 API 认证。适用于认证系统、第三方集成、服务间通信或…

Comprehensive security guide for Capacitor apps using Capsec scanner. Covers 63+ security rules across secrets, storage, network, authentication, cryptography,…

Github integration. Manage project management and ticketing data, records, and workflows. Use when the user wants to interact with Github data.

Setup and manage Kernel authentication connections for any website (Gmail, GitHub, Outlook, or custom domains). Handles managed auth flows with automatic…

Push current branch changes to origin and create or update the corresponding

Creates and manages secrets in AWS Secrets Manager following security best practices. Always use this skill when creating secrets — it sets up dedicated KMS…

Review current branch for blindspots; fix now / needs spec / create issues.

Git 버전 관리 모범 관례 및 워크플로우 가이드. 다음 상황에서 사용: (1) Git 커밋 메시지 작성 시 (Conventional Commits 규칙 적용), (2) 브랜치 생성 및 관리 시 (GitHub Flow 기반), (3) PR 생성 및 병합 전략 선택 시, (4) Git…

>

Analyze emails for phishing, scam indicators, and security threats

Task-driven ACL governance through nb CLI for role lifecycle, global role mode, permission policy, user-role membership, and risk assessment. Use when users…

Automate security monitoring, threat detection, incident response, and compliance workflows

Analyzes landing pages and provides detailed CRO (Conversion Rate Optimization) recommendations. Use when user provides a landing page URL or HTML/CSS code and…

Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a skill directory or git repo URL for malicious code, (3) pre-install security gate for Claude Code plugins, OpenClaw skills, or Codex skills, (4) scanning Python scripts for dangerous patterns like os.system, eval, subprocess, network exfiltration, (5) detecting prompt injection in SKILL.md files, (6) checking dependency supply chain risks, (7) verifying file system access stays within skill boundaries. Triggers: "audit this skill", "is this skill safe", "scan skill for security", "check skill before install", "skill security check", "skill vulnerability scan".