全部能力

Execute comprehensive SQL injection vulnerability assessments on web applications to identify database security flaws, demonstrate exploitation techniques, and…

Sanitize OpenClaw agent output before display. Strips leaked credentials, PII, internal paths, and sensitive

Access and analyze comprehensive drug information from the DrugBank database including drug properties, interactions, targets, pathways, chemical structures,…

Supabase development guidelines for database, authentication, real-time subscriptions, and Edge Functions.

SLS 日志查询技能的极简冒烟测试。验证 SDK 认证和单次有界查询。

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across…

Load all open issues from GitHub and save them as markdown files

Notion integration. Manage project management and document management data, records, and workflows. Use when the user wants to interact with Notion data.

Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).

Search the FPF knowledge base and display hypothesis details with assurance information

通过 OpenAPI 管理阿里云 RDS Supabase（RDS AI Service 2025-05-07）。用于创建、启动/停止/重启实例、重置密码等操作。

Dune Sim API for real-time blockchain wallet and token lookups across EVM and SVM chains. Use when user asks about wallet balances, token prices, NFT holdings,…

>-

Creates and manages secrets in AWS Secrets Manager following security best practices. Always use this skill when creating secrets — it sets up dedicated KMS…

A general skill for performing security reviews and auditing codebases for vulnerabilities. ALWAYS run this at the end of each task.

Query and analyze business data in NocoBase via MCP. Use when users want current counts, grouped breakdowns, owner/source distributions, or business summaries…

Use when conducting security assessments — OWASP Top 10 / API / LLM, CWE Top 25, CVSS scoring — auditing PHP/TYPO3 (v14.3 LTS: #109585, HashService removal,…

构建灵活的 API 过滤与排序系统，支持查询参数解析、验证与安全防护。适用于实现搜索端点、构建数据…

Build Python APIs with FastAPI, Pydantic v2, and SQLAlchemy 2.0 async. Covers project structure, JWT auth, validation, and database integration with uv package manager. Prevents 7 documented errors. Use when: creating Python APIs, implementing JWT auth, or troubleshooting 422 validation, CORS, async blocking, form data, background tasks, or OpenAPI schema errors.

Orchestration hub for Microsoft Graph API across Microsoft 365 services. Use for Graph API integrations, querying Microsoft 365 data, and building applications…