Loading...
Loading...
Found 28 Skills
Perform security risk analysis on Kubernetes resource manifests using Kubesec to identify misconfigurations, privilege escalation risks, and deviations from security best practices.
Router skill for LLMQuant credit workflows. Use when the user needs issuer credit review, spread regime analysis, high-yield stress monitoring, default risk, debt maturity, or covenant context.
Review contracts and legal agreements (PDF, Word, images) for risks, unfair clauses, missing provisions, and key obligations using SoMark for accurate document parsing. Provides structured risk analysis with severity ratings. Requires SoMark API Key (SOMARK_API_KEY).
Comprehensive security risk analysis for Claude skills. Use when asked to analyze security risks, review security stance, audit skills for vulnerabilities, check security before deployment, or evaluate safety of skill files. Triggers include "analyze security," "security risks," "security audit," "security review," "is this skill safe," or "check for vulnerabilities."
Use when you want to improve response quality through meta-cognitive reasoning. Applies 15+ reasoning methods to reconsider and refine initial outputs.
Use this skill for project schedule management — tracking modules, milestones, and delivery phases stored in YAML. Invoke whenever the user asks about: project progress or delivery status, module status (planned/in_progress/done/deferred), weekly task breakdown, milestone countdowns, risk analysis, linking OpenSpec changes to modules, or syncing schedule data to Yunxiao. Triggers on: "planning", "schedule", "progress", "milestone", "what's this week", "what's left", "mark as done", "排期", "进度", "本周任务", "里程碑", "模块状态", "还剩多少". Do NOT trigger for: calendar reminders, weekly work reports, or Yunxiao tasks without schedule context.
Pre-mortem risk analysis expert that classifies risks as Tigers, Paper Tigers, and Elephants to surface launch-blocking issues before they happen.
Quantify realized risk from historical data using volatility estimators, drawdown analysis, and downside risk metrics. Use when the user asks about historical volatility, maximum drawdown, drawdown duration, historical VaR, downside deviation, semi-variance, or tracking error. Also trigger when users mention 'how risky has this been', 'worst decline', 'Parkinson estimator', 'Yang-Zhang', 'peak-to-trough loss', 'recovery time', 'annualized volatility', or ask how to measure past investment risk.
Build diversified portfolios using correlation analysis, efficient frontier construction, and factor-based diversification. Use when the user asks about portfolio variance, correlation effects, the efficient frontier, minimum variance portfolios, diversification ratios, or factor diversification. Also trigger when users mention 'don't put all eggs in one basket', 'how many stocks do I need', 'correlation breakdown in a crisis', 'are my holdings really diversified', 'risk contributions', or ask why diversification fails during market crashes.
Guides information security risk analysis—risk identification and scoring, risk registers, threat/vulnerability/control mapping, treatment recommendations (accept/mitigate/transfer/avoid), third-party and supply-chain risk framing, business impact analysis, KRIs, and risk committee or board narratives. Aligns with ISO 27005 and NIST RMF concepts without full compliance audits. Use for security risk assessment, risk register maintenance, inherent/residual risk scoring, FAIR-style quantitative framing, treatment decisions, third-party risk tiers, or executive risk reporting—not SOC alert triage (soc-analyst), pentest execution (penetration-tester, web-pentester, network-pentester), control implementation (information-security-engineer, cloud-security-engineer), GRC program and audit prep (compliance-specialist), audit evidence automation (compliance-engineer, cloud-compliance-specialist), AI model risk programs (ai-risk-governance), or adversary simulation (red-team-specialist).
Identify failure modes before they occur using structured risk analysis
Senior Project Manager for enterprise software, SaaS, and digital transformation projects. Specializes in portfolio management, quantitative risk analysis, resource optimization, stakeholder alignment, and executive reporting. Uses advanced methodologies including EMV analysis, Monte Carlo simulation, WSJF prioritization, and multi-dimensional health scoring.