Loading...
Loading...
Found 232 Skills
Enterprise risk management expertise for ERM frameworks, risk assessment, business continuity, insurance strategy, third-party risk, and reputational risk. Use when assessing risks, building continuity plans, or managing organizational risk exposure.
This skill should be used when the user asks to "GRC", "governance", "risk", "compliance", "audit", "policy", "control", "risk assessment", "SOX", "GDPR", or any ServiceNow GRC development.
Analyze an influencer's recent content and return a brand safety report flagging political controversy, offensive language, sensitive topics, or past scandal indicators. This skill should be used when screening a creator for brand safety, vetting influencer content for risks, checking if a creator is brand-safe, auditing an influencer's content history for red flags, running a brand safety check on a creator, evaluating creator risk before a partnership, flagging controversial creator content, reviewing an influencer for offensive language or sensitive topics, or doing a pre-campaign safety review. For holistic creator evaluation including performance metrics, see creator-vetting-scorecard. For writing campaign briefs with content guidelines and safety clauses, see campaign-brief-generator.
Evaluate pricing changes using financial impact analysis - ARPU/ARPA, conversion, churn risk, NRR, and payback. Recommends go/no-go on pricing decisions.
This skill should be used when the user asks to "check for non-repudiation privacy risks", "analyze excessive audit logging", "find privacy issues related to accountability", "check for forced identity linking", or mentions "non-repudiation" in a privacy context. Maps to LINDDUN category N. This is the INVERSE of STRIDE repudiation -- here too much proof is the threat.
Runs real-time safety analysis for instructions involving destructive operations, permission changes, irreversible actions, prompt injection, or compliance-sensitive operations. Evaluates risk level, destructiveness, and reversibility via backend API. Use when asked for safety check, risk assessment, security audit, destructive check, instruction audit, or Modeio safety scan. Also use proactively before executing any instruction that deletes data, modifies permissions, drops or truncates tables, deploys to production, or alters system state irreversibly. Also supports pre-install Skill Safety Assessment for third-party skill repositories via a static prompt contract.
[Architecture] Full solution architecture: backend + frontend patterns, design patterns, library ecosystem, CI/CD, deployment, monitoring, testing, code quality, dependency risk. Compare top 3 approaches per concern with recommendation.
Query and analyze Alibaba Cloud public network exposure, identify unnecessary exposed assets and ports, assess exposure risks, and generate remediation recommendations. Triggers when user mentions public network exposure, exposed assets, exposed ports, public IP security, port scan results, attack surface analysis, internet reachability, high-risk port detection. Also triggers when user asks about "which IPs/ports are exposed to the internet", "public asset inventory", "security baseline check", even without explicitly saying "exposure".
Generates a comprehensive client health overview across all accounts. Reads CRM data, support tickets, usage metrics, billing, and engagement logs. Calculates health scores, trend direction, and RAG status per client. Outputs a sorted risk report with recommended actions.
When the user wants to assess supplier risks, monitor supplier health, or develop risk mitigation strategies. Also use when the user mentions "supplier risk assessment," "supply chain risk," "business continuity," "supplier monitoring," "supply disruption," "risk scoring," "supplier financial health," or "contingency planning." For initial supplier selection, see supplier-selection. For overall supply chain risk, see risk-mitigation.
Orchestrates multi-advisor council debates on high-impact architecture, technology, or product decisions. Dispatches 3-5 domain archetype subagents (pragmatic-engineer, architect-advisor, security-advocate, product-mind, devils-advocate, the-thinker) through opening statements, tensions, position evolution, and synthesis phases. Preserves dissent and delivers actionable recommendations with captured risks. Use when evaluating trade-offs, stress-testing a PRD or tech spec, resolving dilemmas with multiple viable options, or when a decision needs diverse expert perspectives. Don't use for simple yes/no questions, factual lookups, creative brainstorming without tradeoffs, or tasks where a single expert perspective suffices.
Annie Duke's Decision Quality framework applied to a business decision. Spawns a team of specialist agents — Resulting Auditor, Calibrator, Pre-Mortem Analyst, Quit Strategist, Process Architect — who each apply a distinct lens from Duke's framework to evaluate whether a decision is sound regardless of outcome. The lead synthesizes into a stacking analysis: which biases are operating, which process flaws exist, and the honest Duke verdict. Use when the user says "duke this", "is this a good bet", "should I quit", "evaluate this decision", or faces any high-stakes choice under uncertainty and wants rigorous decision-process analysis. Works as a standalone analysis or after /office-hours.