搜索结果
全部能力
找到 17783 个相关结果
通用助手 / 编排推荐
flux-best-practices
flux-best-practices
Comprehensive guide for BFL FLUX image generation models. Covers prompting, T2I, I2I, structured JSON, hex colors, typography, multi-reference editing, and…
软件工程 / 诊断修复
funding-digest
funding-digest
Generate a polished one-page PowerPoint slide summarizing key takeaways from recent funding rounds and notable capital markets activity across a user's watched…
设计与产品 / 审核评估
dingtalk-ai-table
dingtalk-ai-table
钉钉 AI 表格(多维表)操作技能。使用 mcporter CLI 连接钉钉官方新版 AI 表格 MCP server,基于 baseId / tableId / fieldId / recordId 体系执行 Base、Table、Field、Record 的查询与增删改。适用于创建 AI…
安全与治理 / 审核评估
open-redirect
open-redirect
Open redirect playbook. Use when URL parameters, form actions, or JavaScript sinks control navigation targets and may redirect users to attacker-controlled destinations.
软件工程 / 部署发布
swap-curve-strategy
swap-curve-strategy
Analyze the interest rate swap curve by pricing swaps at multiple tenors, overlaying government and inflation curves, and identifying curve trade…
设计与产品 / 审核评估
domain-fintech
domain-fintech
Use when building fintech apps. Keywords: fintech, trading, decimal, currency, financial, money, transaction, ledger, payment, exchange rate, precision,…
软件工程 / 诊断修复
lua
lua
Lua development guidelines covering tables, metatables, error handling, game development, and performance optimization.
通用助手 / 编排推荐
mapbox-mcp-devkit-patterns
mapbox-mcp-devkit-patterns
Integration patterns for Mapbox MCP DevKit Server in AI coding assistants. Covers setup, style management, token management, validation workflows, and…
软件工程 / 诊断修复
安卓渗透测试技巧
android-pentesting-tricks
Android渗透测试手册。用于在授权移动安全评估期间测试Android应用的SSL pinning绕过、导出组件滥用、WebView漏洞、intent重定向、root检测绕过、tapjacking和备份提取。
软件工程 / 诊断修复
graphql-and-hidden-parameters
graphql-and-hidden-parameters
GraphQL and hidden parameter testing playbook. Use when exploring introspection, batching, undocumented fields, hidden parameters, schema abuse, and GraphQL authorization gaps.
软件工程 / 诊断修复
authjs-skills
authjs-skills
Auth.js v5 setup for Next.js authentication including Google OAuth, credentials provider, environment configuration, and core API integration
设计与产品 / 审核评估
crlf-injection
crlf-injection
CRLF injection playbook. Use when user input reaches HTTP response headers, Location redirects, Set-Cookie values, or log files where carriage-return/line-feed characters can split or inject content.
办公运营 / 自动执行
csv-formula-injection
csv-formula-injection
CSV/spreadsheet formula injection (DDE, Excel/LibreOffice, Google Sheets IMPORT*). Use when exports, imports, or user fields feed spreadsheets or reporting tools.
软件工程 / 诊断修复
freeunlimited-websearch
freeunlimited-websearch
Free unlimited web search using DuckDuckGo. No API key required.
数据与分析 / 分析洞察
dt-dql-essentials
dt-dql-essentials
Core DQL syntax rules, common pitfalls, and query patterns. Load this skill when you need to write, build, or fix a DQL query — it prevents syntax errors and guides correct usage. Covers fetch commands, data models, field namespaces, time alignment, entity patterns, metric discovery, and smartscape topology navigation. Trigger: "write a DQL query", "build me a query", "DQL syntax", "how do I query logs/spans/metrics in Dynatrace", "create a timeseries", "fix my DQL", "fetch logs", "smartscapeNodes", "query optimization". Do NOT use for explaining an existing query or answering Dynatrace product questions — those do not require query-construction guidance.
软件工程 / 诊断修复
rev-frida
rev-frida
Generate Frida hook scripts using modern Frida API. Activate when the user wants to write Frida scripts, hook functions at runtime, trace calls or arguments or…
软件工程 / 诊断修复
senior-qa
senior-qa
Generates unit tests, integration tests, and E2E tests for React/Next.js applications. Scans components to create Jest + React Testing Library test stubs,…
软件工程 / 诊断修复
opencode-mirror
opencode-mirror
Maintain the local OpenCode mirror for self-reference
软件工程 / 诊断修复
saml-sso-assertion-attacks
saml-sso-assertion-attacks
SAML SSO assertion attack playbook. Use when testing signature validation, assertion wrapping, audience restrictions, ACS handling, XML trust boundaries, and enterprise SSO flaws.
安全与治理 / 审核评估
deserialization-insecure
deserialization-insecure
Insecure deserialization playbook. Use when Java, PHP, or Python applications deserialize untrusted data via ObjectInputStream, unserialize, pickle, or similar mechanisms that may lead to RCE, file access, or privilege escalation.