搜索结果
全部能力
找到 1056 个相关结果 / 安全审计
软件工程 / 诊断修复
system-architect
system-architect
Designs system architecture, selects tech stacks, defines components and interfaces, addresses non-functional requirements. Trigger words - architecture,…
软件工程 / 诊断修复
maestro
maestro
Use when you need to act as an Elite Software Architect (Maestro) to manage complex repositories. It enforces a "Why over How" philosophy, maintains a…
软件工程 / 诊断修复
http-parameter-pollution
http-parameter-pollution
HTTP Parameter Pollution (HPP): duplicate query/body keys parsed differently by servers, proxies, WAFs, and app frameworks. Use when filters and application layers disagree on which value wins, enabling bypass, SSRF second URL, logic abuse, or CSRF token confusion.
软件工程 / 诊断修复
安卓渗透测试技巧
android-pentesting-tricks
Android渗透测试手册。用于在授权移动安全评估期间测试Android应用的SSL pinning绕过、导出组件滥用、WebView漏洞、intent重定向、root检测绕过、tapjacking和备份提取。
软件工程 / 诊断修复
loki-mode
loki-mode
Multi-agent autonomous startup system for Claude Code. Triggers on "Loki Mode". Orchestrates 100+ specialized agents across engineering, QA, DevOps, security,…
软件工程 / 诊断修复
pagespeed-insights
pagespeed-insights
Audit web pages for performance optimization following PageSpeed Insights guidelines. Use when analyzing page performance, optimizing web applications,…
软件工程 / 部署发布
firebase-ai-logic
firebase-ai-logic
Official skill for integrating Firebase AI Logic (Gemini API) into web applications. Covers setup, multimodal inference, structured output, and security.
软件工程 / 诊断修复
senior-fullstack
senior-fullstack
Fullstack development toolkit with project scaffolding for Next.js, FastAPI, MERN, and Django stacks, code quality analysis with security and complexity…
软件工程 / 诊断修复
ai-sdk-core
ai-sdk-core
使用 Vercel AI SDK v6 稳定版构建后端 AI。涵盖 Output API(替代 generateObject/streamObject)、语音合成、转录、嵌入、MCP 工具及安全指南。包含 v4→v5 迁移和 15 种错误解决方案及变通方法。适用场景:实现 AI SDK v5/v6、版本迁移、排查 AI_APICallError、Workers 启动问题、Output API 错误、Gemini 缓存问题、Anthropic 工具错误、MCP 工具或流恢复失败。
软件工程 / 部署发布
github-actions
github-actions
GitHub Actions 워크플로우 생성, 보안 및 버전 관리 스킬. 다음 상황에서 사용: (1) 새 워크플로우 파일(.yml) 작성 시, (2) 기존 워크플로우 수정 시, (3) 액션 버전 검토 또는 업데이트 시, (4) CI/CD 보안 감사 시, (5) 'actions/',…
软件工程 / 部署发布
kubernetes-pentesting
kubernetes-pentesting
Kubernetes penetration testing playbook. Use when targeting Kubernetes clusters via API server, RBAC enumeration, service account abuse, etcd access, Kubelet API, pod escape, cloud-specific metadata, admission webhook bypass, and registry secrets.
软件工程 / 诊断修复
quant-analyst
quant-analyst
Build financial models, backtest trading strategies, and analyze market data. Implements risk metrics, portfolio optimization, and statistical arbitrage.
软件工程 / 诊断修复
ios-pentesting-tricks
ios-pentesting-tricks
iOS pentesting playbook. Use when testing iOS applications for keychain extraction, URL scheme hijacking, Universal Links exploitation, runtime manipulation, binary protection analysis, data storage issues, and transport security bypass during authorized mobile security assessments.
软件工程 / 诊断修复
marketing-demand-acquisition
marketing-demand-acquisition
Multi-channel demand generation, paid media optimization, SEO strategy, and partnership programs for Series A+ startups. Includes CAC calculator, channel…
软件工程 / 诊断修复
onboarding-ux
onboarding-ux
Audit and generate in-app user guidance — onboarding flows, empty states, tooltips, feature tours, contextual help, defaults, and inline hints. Browses the app…
软件工程 / 诊断修复
memory-md-management
memory-md-management
Provides comprehensive memory file management capabilities including auditing, quality assessment, and targeted improvements for files such as CLAUDE.md. Use…
软件工程 / 部署发布
linux-security-bypass
linux-security-bypass
Linux security mechanism bypass playbook. Use when facing restricted bash/rbash, read-only or noexec filesystems, AppArmor, SELinux, seccomp filters, or audit logging that must be evaded during post-exploitation.
软件工程 / 部署发布
YouTube广告
ads-youtube
YouTube Ads 专项分析,涵盖广告系列类型、创意质量、受众定位和效果衡量。评估可跳过视频广告、…
软件工程 / 部署发布
container-escape-techniques
container-escape-techniques
Container escape playbook. Use when operating inside a Docker container, LXC, or Kubernetes pod and need to escape to the host via privileged mode, capabilities, Docker socket, cgroup abuse, namespace tricks, or runtime vulnerabilities.
软件工程 / 部署发布
linux-privilege-escalation
linux-privilege-escalation
Linux privilege escalation playbook. Use when you have low-privilege shell access and need to escalate to root via SUID/SGID binaries, capabilities, cron abuse, kernel exploits, misconfigurations, or credential harvesting on Linux systems.