Loading...
Loading...
Found 92 Skills
Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
Intelligent Bid Document Writing Expert, specializing in preparing bid documents in the fields of engineering consulting, architectural design, and municipal engineering. This skill is activated when users mention terms such as: bid document, tender, bidding, bid proposal, technical bid, commercial bid, bid response, bidding plan, bid document, bid proposal, tender, proposal writing, bid document preparation, bid writing, tender document analysis, scoring standard optimization.
프로젝트의 모든 verify 스킬을 순차 실행하여 통합 검증 보고서를 생성합니다. 기능 구현 후, PR 전, 코드 리뷰 시 사용.
Automatically generate product documentation that complies with Doom framework specifications, supporting PRD transformation, architectural analysis, and multi-type document generation.
Reviews and grades an agent skill directory (SKILL.md plus supporting resources) for specification compliance, clarity, token efficiency, safety, robustness, and portability. Use when a user wants a rubric-based critique with a weighted score/grade and concrete, minimal patch suggestions.
Use this skill when you need blockchain forensics for wallet addresses. User cases: investigating wallet funding sources, screening sanctions compliance, detecting money laundering patterns, identifying bot automation, assessing wallet trustworthiness, evaluating counterparty risk, or gate-checking wallets in automated systems.
Full-repo SAP Converged Cloud Go compliance audit. Reviews every package against established review standards — focusing on over-engineering, error message quality, dead code, interface contracts, copy-paste structs, and pattern consistency with keppel. Dispatches parallel agents by package group, each reading ALL sapcc rules. Produces code-level findings with actual before/after diffs. Invoked via "/sapcc-audit" or through /do.
Expert ISO 27001 compliance assistant for security and compliance teams. Use this skill whenever a user asks about ISO 27001 or ISO/IEC 27001, including any of the following: gap analysis, auditing, compliance assessments, control checklists, policy writing, document generation, Statement of Applicability (SoA), risk assessment, risk registers, risk treatment plans, Annex A controls, ISMS implementation, clause requirements, certification readiness, transitioning from 2013 to 2022, control implementation guidance, incident response policies, access control policies, supplier security, or any information security management system (ISMS) topic. Trigger even if the user doesn't say "skill" — any ISO 27001 or ISMS question should use this skill.
Audits a codebase or business process for regulatory compliance across GDPR, HIPAA, SOC2, CCPA, and PCI-DSS. Scans for PII handling, data retention, encryption, access controls, audit logging, consent management, and data transfer issues. Generates a structured compliance report with findings, gap analysis, remediation steps, and evidence requirements.
Validates practitioner credentials and license status against the NPI registry. Cross-references specialties, credentials, and practice addresses against official records. Returns Verified / Partially Verified / Unverified / Flagged per practitioner with mismatch details and source URLs. Triggers: "verify these doctors", "check provider credentials", "validate licenses", "verify NPI numbers", "cross-check credentials against NPI", "compliance audit on providers", "are these practitioners still licensed", "validate my provider list". Accepts CSV, Google Sheet URL, or pasted data. Do NOT use for extracting providers from practice URLs — use healthcare-providers-extract instead. Do NOT use for filling data gaps — use healthcare-providers-enrich instead. Do NOT use for discovering practices — use market-finder or local-places instead. Do NOT use for general extraction — use nimble-web-expert instead.
Use when you need comprehensive security scanning across applications, infrastructure, and dependencies with LLM-based analysis
Enables a multi-region AWS CloudTrail trail with S3 log storage, CloudWatch Logs integration, and CloudWatch Logs Insights queries for security monitoring and compliance auditing. Use when setting up centralized API activity logging across all AWS regions.