全部能力

Expert in secure backend coding practices specializing in input validation, authentication, and API security. Use PROACTIVELY for backend security…

Configures ESLint and Prettier for consistent code quality with TypeScript, React, and modern best practices. Use when users request "ESLint setup", "Prettier…

A comprehensive collection of battle-tested prompts inspired by [awesome-chatgpt-prompts](https://github.com/f/awesome-chatgpt-prompts) and community best…

SOLID principles, design patterns, DRY, KISS, and clean code fundamentals. Use when reviewing architecture, checking code quality, refactoring, or discussing…

Guide AI agents through Electron app development with React including security patterns, type-safe IPC, React integration, packaging with code signing, and…

Expert at handling file uploads and cloud storage. Covers S3,

扫描 .NET 代码中约 50 种性能反模式，涵盖 async、内存、字符串、集合、LINQ、正则表达式、序列化和 I/O，并采用分层严重级别分类。适用于分析 .NET 代码优化机会、审查热点路径或审计高分配模式。

Biome - Fast all-in-one toolchain for web projects (linter + formatter in Rust, 100x faster than ESLint)

Multi-agent orchestration patterns. Use when multiple independent tasks can run with different domain expertise or when comprehensive analysis requires…

用于构建 Web 服务。关键词：web server、HTTP、REST API、GraphQL、WebSocket、axum、actix、warp、rocket、tower、hyper、reqwest、middleware、router 等。

Provides AWS CDK TypeScript patterns for defining, validating, and deploying AWS infrastructure as code. Use when creating CDK apps, stacks, and reusable…

Generate sample security events, attack scenarios, and synthetic alerts for Elastic Security. Use when demoing, populating dashboards, testing detection rules, or setting up a POC.

Elite CI/CD pipeline engineer specializing in GitHub Actions, GitLab CI, Jenkins automation, secure deployment strategies, and supply chain security. Expert in…

Entry P1 category router for reconnaissance and methodology. Use when mapping scope, discovering assets, fingerprinting technology, building endpoint inventory, and choosing the first high-value security testing path.

根据 Apple 的 App Store 审核指南评估代码。在审核 iOS、macOS、tvOS、watchOS 或 visionOS 应用代码（Swift、Objective-C 等）时使用此技能。

API 安全的 P1 分类入口路由。用于在任何更深层的 API 主题技能之前，在 API 侦察、授权、令牌滥用和隐藏参数工作流之间进行选择。

设计、审计并改进分析追踪系统，以产出可靠、可用于决策的数据。

CORS misconfiguration testing playbook. Use when analyzing cross-origin trust, credentialed browser reads, origin reflection, preflight policy bugs, and browser-based access to authenticated APIs.

Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns.

Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.