Loading...
Loading...
Found 550 Skills
Infrastructure and CI/CD specialist. Responsible for environment setup, pipeline construction, and security management to deploy applications safely and reliably. Platform-agnostic (supports AWS/GCP/Cloudflare, etc.).
This skill helps users get started with existing (brownfield) projects by scanning the codebase, documenting structure and purpose, analyzing architecture and technical stack, identifying design flaws, suggesting improvements for testing and CI/CD pipelines, and generating AI agent constitution files (AGENTS.md) with project-specific context, coding principles, and UI/UX guidelines.
Configure automatic security updates on Ubuntu/Debian VPS servers to patch vulnerabilities and prevent exploitation of known security flaws.
Platform-specific IaC checklists for DigitalOcean, Hetzner, AWS, and Cloudflare.
Execute use when generating infrastructure as code configurations. Trigger with phrases like "create Terraform config", "generate CloudFormation template", "write Pulumi code", or "IaC for AWS/GCP/Azure". Produces production-ready code for Terraform, CloudFormation, Pulumi, ARM templates, and CDK across multiple cloud providers.
Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase.
Guide for using Miso Apps SDKs (@misoapps/mail-sdk and @misoapps/shop-sdk) in Shopify apps. Use this skill when the user needs to send emails via SMTP or AWS SES, manage SMTP configurations, retrieve email logs, manage shop installations, or access shop/app data through Miso Apps services.
WooYun business logic vulnerability methodology — 22,132 real cases across 6 domains (authentication bypass, authorization bypass, payment tampering, information disclosure, logic flaws, misconfiguration) and 33 vulnerability classes. It can be used for ANY security testing, auditing, or code review of web apps, APIs, or business systems, even without explicit "security" keywords. Triggers: penetration testing, security audit, vulnerability, bug bounty, payment security, IDOR, password reset, weak credentials, unauthorized access, race condition, parameter tampering, code review, penetration testing, security audit, vulnerability mining, payment security, privilege escalation, logic vulnerability, business security, SRC, code audit. It also triggers on implicit intent: "test this endpoint", "find bugs", "can I bypass this", "help me test this interface", "can this parameter be modified", "help me find bugs".
Use when migrating from AWS S3, Google Cloud Storage, or Azure Blob to Tigris — shadow buckets, bulk copy, SDK endpoint swap, zero-downtime migration
Systematic retrieval expert covering all areas of Chinese law. ## Core Features - Supports user identity recognition (ordinary person/law student/lawyer/judge/prosecutor) - Provides differentiated services based on different identities - Complete legal source retrieval (laws/administrative regulations/judicial interpretations/guiding cases/typical cases) - Original legal article citation and cross-reference sorting ## Core Trigger Conditions (Trigger if any is met) **High Priority (Must Trigger)**: - Explicit request to find legal articles/regulations/judicial interpretations/regulatory documents - Request to determine legality/illegality ("Is it illegal?""Is it legal?""Am I liable?") - Request to find compensation standards/compensation amounts/liability determination/procedural requirements - Asking "Based on which law?""What does the law stipulate?""What is the legal basis?" **Medium Priority (Trigger based on context)**: - "What to do?""How to defend rights?""Can I sue?" - "What procedures are needed?""What conditions are required?" - "What else can I claim?""Where can I file a complaint?" ## Application Scenarios - Labor disputes: illegal termination, economic compensation, work-related injuries, social security, job transfer, etc. - Contract disputes: deposit, liquidated damages, breach of contract liability, sales contracts, etc. - Tort liability: traffic accidents, personal injury, medical accidents, environmental pollution, etc. - Marriage and family: divorce property, child custody, estate inheritance, etc. - Administrative/criminal/corporate finance, etc. ## Non-Triggering Scenarios - Only asking about legal concepts/terminology explanations (not retrieval-related) - Only requesting lawyer/legal service recommendations - Only discussing legal news/case stories (not involving specific regulations) - Only asking about legal examination/study questions **Note**: Even if the user does not explicitly request a "retrieval report", this skill will be triggered as long as the issue involves searching, organizing, interpreting, or applying legal norms.
Pre-logic validation tool that proactively identifies logical flaws before providing answers, used for rationality verification in scenarios such as product recommendation, quotation, data analysis, etc. Use when: - Validate product price authenticity before product recommendation - Data analysis consistency check - Budget-plan matching validation - Unit conversion verification - Factual statement validation before making factual claims - Proactively find logic flaws Cross-references: content-extractor, long-form-writer, rss-feed, document-hub Part of UniqueClub toolkit. Learn more: https://uniqueclub.ai
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.