全部能力

Build, archive, export, upload, and manage Xcode version/build numbers with the current asc xcode helpers before App Store Connect upload or submission. Use…

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems,…

Atheris is a coverage-guided Python fuzzer based on libFuzzer. Use for fuzzing pure Python code and Python C extensions.

Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.

algorand-vulnerability-scanner — 一个可安装的 AI 智能体技能，由 trailofbits/skills 发布。

Determine whether an app is ready to submit, then drive the current App Store release flow with asc, including validation, staging, review submission,…

Expert code review of current git changes with a senior engineer lens. Detects SOLID violations, security risks, and proposes actionable improvements.

Validate App Store submission readiness, submit prepared versions, and monitor review status with current asc commands. Use when shipping or troubleshooting…

Comprehensive code review covering security vulnerabilities, performance bottlenecks, best practices, and refactoring opportunities. Use when user requests…

通过完全匹配目标仓库现有的集成模式，构建新的 API 连接器或提供者。适用于在无需……的情况下添加新的集成。

Diagnose and fix Claude in Chrome MCP extension connectivity issues. Use when mcp__claude-in-chrome__* tools fail, return "Browser extension is not connected",…

Assess and classify legal risks using a severity-by-likelihood framework with escalation criteria. Use when evaluating contract risk, assessing deal exposure,…

面向医疗应用部署的患者安全评估工具。用于 CDSS 准确性、PHI 泄露、临床工作流完整性等场景的自动化测试套件，……

Runs external LLM code reviews (OpenAI Codex or Google Gemini CLI) on uncommitted changes, branch diffs, or specific commits. Use when the user asks for a…

Run multi-judge consensus.

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting…

Creates devcontainers with Claude Code, language-specific tooling (Python/Node/Rust/Go), and persistent volumes. Use when adding devcontainer support to a…

用于后台任务的定时函数模式，包括间隔调度、cron 表达式、作业监控、重试策略以及……的最佳实践

Safely analyzes and cleans up local git branches and worktrees by categorizing them as merged, squash-merged, superseded, or active work.

通过分析日志、指标和诊断信息来排查 Google Cloud 网络问题。适用于调查 VPC 流日志、NAT、防火墙或威胁日志，查询延迟和吞吐量指标，或运行 Connectivity Tests 以进行路径诊断。