Loading...
Loading...
Found 2,246 Skills
Multi-cloud security assessment skill for AWS, Azure, and GCP. This skill should be used when performing cloud security audits, scanning for misconfigurations, testing IAM policies, auditing storage permissions, and identifying privilege escalation paths. Triggers on requests to audit cloud security, scan AWS/Azure/GCP, check cloud misconfigurations, or perform cloud penetration testing.
Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption.
Java code quality with Checkstyle, SpotBugs, PMD, and SonarJava. Covers static analysis, code style, and best practices. USE WHEN: user works with "Java", "Spring Boot", "Maven", "Gradle", asks about "Checkstyle", "SpotBugs", "PMD", "Java code smells", "Java best practices" DO NOT USE FOR: SonarQube generic - use `sonarqube` skill, testing - use Spring Boot test skills, security - use `java-security` skill
Gate DEX market data skill. Uses AK/SK authentication to call Gate DEX OpenAPI, providing token and market quote read-only queries. Use when users mention quotes, prices, token information, rankings, security audits.
Local-first, security-first control center for OpenClaw agents — visibility dashboard with readonly defaults, token attribution, collaboration tracing, and safe write operations.
Expert knowledge for Azure Resource Manager development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when authoring Bicep/ARM templates, using template specs, deployment stacks, CI/CD pipelines, or ARM REST/CLI, and other Azure Resource Manager related development tasks. Not for Azure Policy (use azure-policy), Azure Resource Graph (use azure-resource-graph), Azure Portal (use azure-portal), Azure Blueprints (use azure-blueprints).
Expert knowledge for Azure Information Protection development including best practices, decision making, configuration, and deployment. Use when choosing Azure RMS vs AD RMS, migrating keys/policies, configuring RMS connector/MSIPC, or monitoring RMS logs, and other Azure Information Protection related development tasks. Not for Azure Key Vault (use azure-key-vault), Azure Security (use azure-security), Azure Defender For Cloud (use azure-defender-for-cloud), Azure Sentinel (use azure-sentinel).
Use when deploying to production, handling sensitive data, or the workflow needs safety constraints, input validation, and security boundaries.
Performs security audits and vulnerability assessments on Ruby on Rails application code. Use when reviewing Rails code for security risks, assessing authentication or authorization, auditing parameter handling, redirects, file uploads, secrets management, or checking for XSS, CSRF, SSRF, SQL injection, and other common vulnerabilities.
129 practical Oracle Database and Oracle Container Registry reference guides covering SQL/PL/SQL development, performance tuning (AWR, ASH, explain plan, indexes, wait events, memory), security (TDE, VPD, auditing, network), administration (RMAN, Data Guard, undo/redo, users), monitoring, architecture (RAC, CDB/PDB, Exadata, In-Memory, OCI), DevOps (Liquibase, Flyway, utPLSQL, EBR), migrations from Postgres/MySQL/SQL Server/MongoDB/Snowflake/Redshift/DB2, PL/SQL development (packages, cursors, collections, unit testing, debugging), Oracle features (AQ, DBMS_SCHEDULER, materialized views, APEX), SQLcl (basics, scripting, Liquibase, MCP server, CI/CD), ORDS (architecture, authentication, AutoREST, REST API design, PL/SQL gateway), and Oracle Container Registry images. Use for any Oracle DB question, ORA- errors, DBMS_ packages, v$ views, Oracle tooling, ORDS REST APIs, SQLcl commands, or Oracle container images. Always consult this skill before answering Oracle-specific questions.
Compliance expert for SOC 2, GDPR, HIPAA, PCI-DSS, and security frameworks
FastAPI patterns for async APIs, dependency injection, Pydantic request and response models, OpenAPI docs, tests, security, and production readiness.