Loading...
Loading...
Found 1,064 Skills
Implement governance and policy guardrails for Sentry. Use when enforcing organizational standards, compliance rules, or standardizing Sentry usage across teams. Trigger with phrases like "sentry governance", "sentry standards", "sentry policy", "enforce sentry configuration".
Review React/TypeScript code for bugs, security vulnerabilities, performance issues, accessibility gaps, and CLAUDE.md workflow compliance. Enforces TypeScript strict mode, GPU-accelerated animations, WCAG AA accessibility, bundle size limits, and surgical simplicity. Use when completing features, before commits, or reviewing pull requests.
Database security auditor specialized in Row Level Security (RLS) enforcement, Zero-Trust database architecture, and forensic audit trails. Covers Supabase RLS policies, Postgres security, Convex auth guards, PGAudit configuration, JIT access controls, and database-specific compliance validation. Use when auditing database access policies, implementing RLS in Supabase or Postgres, configuring Convex auth guards, setting up audit logging, reviewing database security, or validating database-level compliance requirements.
Application security covering threat modeling (STRIDE), OWASP Top 10 (2025), OWASP API Security Top 10 (2023), secure coding review, authentication/authorization patterns, input validation, encryption, security headers, supply chain security, compliance (GDPR/HIPAA/SOC2/PCI-DSS), and security monitoring. Use when reviewing code for vulnerabilities, implementing auth patterns, securing APIs, configuring security headers, hardening supply chain, preventing injection attacks, or preparing for compliance audits.
Audit Flux CD GitOps repositories for structure, security, API compliance, and best practices. Use this skill whenever the user asks to audit, analyze, review, validate, or check a GitOps repository. Also use it when users mention Flux repo structure, GitOps best practices, manifest validation, deprecated APIs, security review, or repository organization — even if they don't explicitly say "audit".
Dependency management and auditing — evaluating new dependencies, security vulnerability scanning, update strategies, and license compliance. Use when adding or auditing dependencies.
Полный цикл разработки доработок 1С — от анализа до реализации с БСП compliance. 9 фаз: оценка, discovery, исследование, уточнение, проектирование, ревью плана, реализация, ревью кода, итоги.
Use when auditing websites for Japanese accessibility compliance, checking JIS X 8341-3 conformance, or advising on Japan's Act for Eliminating Discrimination against Persons with Disabilities.
This skill should be used when the user asks to "calculate risk scores", "prioritize mitigations", "generate remediation roadmap", "analyze business impact", or is running PASTA stage 7. Also triggers when the user asks about risk-weighted findings, compliance gap analysis, or executive security summary in a threat modeling context. Part of the PASTA threat modeling methodology (Stage 7 of 7).
Track data lineage and provenance from source to consumption. Use when auditing data flows, debugging data quality issues, ensuring compliance (GDPR, SOX), or understanding data dependencies. Covers lineage tracking, impact analysis, data catalogs, and metadata management.
Execute use when you need to work with security and compliance. This skill provides security scanning and vulnerability detection with comprehensive guidance and automation. Trigger with phrases like "scan for vulnerabilities", "implement security controls", or "audit security".
Generates a cross-referenced U.S. nonprofit annual filing package for state charity-bureau registration. Produces Full Compliance Package, Form-Field Mode, or Executive Briefing with source citations, disclosure cross-checks, and filing instructions. Trigger when the user drafts annual report submissions, renewal packets, penalty-of-perjury certifications, or charity bureau filings. Also trigger on Form RRF-1, CHAR500, BCO-10, nonprofit annual report, charity registration renewal, or fundraiser disclosure attachments.