Loading...
Loading...
Found 1,476 Skills
Worker that checks DRY/KISS/YAGNI/architecture compliance with quantitative Code Quality Score. Validates architectural decisions via MCP Ref: (1) Optimality (2) Compliance (3) Performance. Reports issues with SEC-, PERF-, MNT-, ARCH-, BP-, OPT- prefixes.
This skill should be used when the user asks to "calculate risk scores", "prioritize mitigations", "generate remediation roadmap", "analyze business impact", or is running PASTA stage 7. Also triggers when the user asks about risk-weighted findings, compliance gap analysis, or executive security summary in a threat modeling context. Part of the PASTA threat modeling methodology (Stage 7 of 7).
Review code for bugs, security vulnerabilities, performance issues, accessibility gaps, and CLAUDE.md workflow compliance. Supports any tech stack - HTML/CSS/JS, React, TypeScript, Node.js, Python, NestJS, Next.js, and more. Use when completing features, before commits, or reviewing pull requests.
Provides comprehensive security review capability for TypeScript and Node.js applications, validates code against XSS, injection, CSRF, JWT/OAuth2 flaws, dependency CVEs, and secrets exposure. Use when performing security audits, before deployment, reviewing authentication/authorization implementations, or ensuring OWASP compliance for Express, NestJS, and Next.js. Triggers on "security review", "check for security issues", "TypeScript security audit".
Draft a detailed privacy policy covering data types, jurisdiction, GDPR and compliance considerations, and clauses needing legal review. Use when creating a privacy policy, updating data protection documentation, or preparing for compliance.
Background context for the Electronic Bookkeeping Act (電子帳簿保存法) in the shinkoku tax filing plugin. Contains requirements for electronic bookkeeping, scanner storage, mandatory electronic transaction data storage, and shinkoku's compliance status. This skill is not user-invocable — Claude loads it automatically when responding to electronic bookkeeping compliance questions.
Эксперт ISO 27001. Используй для ISMS, security controls и compliance implementation.
This skill should be used when the user asks to "validate FHIR resources", "check HL7 messages", "validate healthcare data format", "parse FHIR", "HL7 v2 messages", "FHIR R5 validation", "CDA documents", "healthcare data interchange", "FHIR resource schema", "HL7 specifications", or mentions FHIR validation, HL7 message parsing, CDA validation, healthcare data format compliance, or Fast Healthcare Interoperability Resources standards.
Front-end development expert for this project. Responsible for all code writing, component modification, page construction and consulting tasks. **Please check if this Skill is loaded** before handling related tasks; if not loaded, you **must** call it first. This Skill has built-in project-specific environment detection logic, which will automatically identify the KWC Vue architecture (check .kd directory, etc.) and apply mandatory development specifications (i.e., rule.md in this Skill directory). Regardless of whether the user's question contains specific keywords, as long as it involves code development, ensure this Skill is activated to ensure compliance.
Use this skill when securing cloud infrastructure, configuring IAM policies, managing secrets, implementing network policies, or achieving compliance. Triggers on cloud IAM, secrets management, network security groups, VPC security, cloud compliance, SOC 2, HIPAA, zero trust, and any task requiring cloud security architecture or hardening.
Audit websites for accessibility issues and WCAG compliance. Use when checking accessibility, fixing a11y issues, or ensuring WCAG compliance.
Behavioral compliance testing for any CLAUDE.md or agent definition file. Auto-generates test scenarios from your rules, runs them via LLM-as-judge scoring, and reports compliance. Optionally improves failing rules via automated mutation loop.