Loading...
Loading...
Found 207 Skills
[BETA] Stress-test an existing implementation plan and selectively strengthen weak sections with targeted research. Use when a plan needs more confidence around decisions, sequencing, system-wide impact, risks, or verification. Best for Standard or Deep plans, or high-risk topics such as auth, payments, migrations, external APIs, and security. For structural or clarity improvements, prefer document-review instead.
/em -challenge — Pre-Mortem Plan Analysis
Know the boundaries of your expertise and operate within them. Use when evaluating opportunities, making decisions outside your domain, or assessing when to defer to experts.
Portfolio management. Display of held securities, trade records, structural analysis. Input data foundation for stress testing.
Visualize planned changes before implementation. Use when reviewing plans, comparing before/after architecture, assessing risk, or analyzing execution order and impact.
ML supply chain security scanner. Scans model files, scores risk (0-100), maps to 5 global compliance frameworks (ISM-2072, EU AI Act, OWASP LLM, MITRE ATLAS, NIST AI RMF), and provides remediation steps. Zero-config, auto-installs scanners. Use when the user asks to scan a model, check if a model is safe, audit ML security posture, check compliance, inspect pickle/safetensors/pytorch files, or mentions model supply chain security. Also trigger on ISM-2072, EU AI Act, OWASP LLM06, model risk score, "is this model safe", "scan my models", "check compliance".
Security Check - Security review for skills before installation. Triggers: Before installing new skills, regular review of installed skills, or when security issues with a skill are suspected. Security Checks: - Dangerous Commands: rm -rf, sudo, curl|bash, etc. - Network Requests: Potential data leakage risks - File Writes: Writing to sensitive locations - Credentials: Risk of API key/password leakage - Resource Exhaustion: Infinite loops - Privilege Escalation: Privilege escalation attempts - External Dependencies: Suspicious dependencies Commands: - /安检 <skill-path> - Review skill security - /安检 scan <path> - Deep scan - /安检 list - List risks of installed skills - /安检 fix <skill> - Fix security issues - /security <skill-path> - English command Actions: - Auto-fix: Remove or replace dangerous code - Disable: Disable dangerous features - User Confirm: User chooses whether to proceed - Block: Block installation for severe risks Capabilities: Static code analysis, dangerous pattern recognition, risk assessment, auto-fix, user interactive decision making.
Construct comprehensive Investment Policy Statements governing return objectives, risk tolerance, and portfolio constraints. Use when the user asks about building an IPS, setting return objectives, assessing risk tolerance, defining investment constraints, or establishing rebalancing and benchmark policies. Also trigger when users mention 'investment plan', 'policy portfolio', 'risk capacity vs willingness', 'spending rate for an endowment', 'foundation payout', 'manager selection criteria', or ask how to document their investment strategy.
Evaluate and manage suppliers using weighted scorecards across quality, delivery, price, and service dimensions. Use this skill when the user needs to assess supplier performance, compare vendors for selection, design a supplier rating system, or manage supplier development — even if they say 'which supplier should we choose', 'rate our vendors', 'this supplier keeps delivering late', or 'build a vendor evaluation system'.
Conduct FMEA to systematically identify, prioritize, and mitigate potential failure modes. Use this skill when the user needs to assess product or process risks, prioritize corrective actions, or build a risk register — even if they say 'failure mode analysis', 'risk assessment', 'what could go wrong', or 'RPN calculation'.
Educational map of behavioral risk screening—volume, velocity, and transit-style heuristics at address and transaction level. Use when the user asks about suspicious pattern detection, structuring-like activity, rapid fund movement, or AML-style behavior rules—not for tuning systems to evade monitoring or for legal conclusions.
Build products customers actually want. Apply Marty Cagan's Silicon Valley-tested framework to discover solutions that are valuable, usable, feasible, and viable. Use when: **New product development** when validating what to build; **Feature prioritization** to ensure you're solving real problems; **Pivot decisions** when current direction isn't working; **Team alignment** on what problems to solve; **Risk reduction** before committing development resources