Loading...
Loading...
Found 550 Skills
Execute use when generating infrastructure as code configurations. Trigger with phrases like "create Terraform config", "generate CloudFormation template", "write Pulumi code", or "IaC for AWS/GCP/Azure". Produces production-ready code for Terraform, CloudFormation, Pulumi, ARM templates, and CDK across multiple cloud providers.
Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase.
Execute this skill enables AI assistant to conduct a security-focused code review using the security-agent plugin. it analyzes code for potential vulnerabilities like sql injection, xss, authentication flaws, and insecure dependencies. AI assistant uses this skill wh... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
Guide for using Miso Apps SDKs (@misoapps/mail-sdk and @misoapps/shop-sdk) in Shopify apps. Use this skill when the user needs to send emails via SMTP or AWS SES, manage SMTP configurations, retrieve email logs, manage shop installations, or access shop/app data through Miso Apps services.
WooYun business logic vulnerability methodology — 22,132 real cases across 6 domains (authentication bypass, authorization bypass, payment tampering, information disclosure, logic flaws, misconfiguration) and 33 vulnerability classes. It can be used for ANY security testing, auditing, or code review of web apps, APIs, or business systems, even without explicit "security" keywords. Triggers: penetration testing, security audit, vulnerability, bug bounty, payment security, IDOR, password reset, weak credentials, unauthorized access, race condition, parameter tampering, code review, penetration testing, security audit, vulnerability mining, payment security, privilege escalation, logic vulnerability, business security, SRC, code audit. It also triggers on implicit intent: "test this endpoint", "find bugs", "can I bypass this", "help me test this interface", "can this parameter be modified", "help me find bugs".
Use when migrating from AWS S3, Google Cloud Storage, or Azure Blob to Tigris — shadow buckets, bulk copy, SDK endpoint swap, zero-downtime migration
Systematic retrieval expert covering all areas of Chinese law. ## Core Features - Supports user identity recognition (ordinary person/law student/lawyer/judge/prosecutor) - Provides differentiated services based on different identities - Complete legal source retrieval (laws/administrative regulations/judicial interpretations/guiding cases/typical cases) - Original legal article citation and cross-reference sorting ## Core Trigger Conditions (Trigger if any is met) **High Priority (Must Trigger)**: - Explicit request to find legal articles/regulations/judicial interpretations/regulatory documents - Request to determine legality/illegality ("Is it illegal?""Is it legal?""Am I liable?") - Request to find compensation standards/compensation amounts/liability determination/procedural requirements - Asking "Based on which law?""What does the law stipulate?""What is the legal basis?" **Medium Priority (Trigger based on context)**: - "What to do?""How to defend rights?""Can I sue?" - "What procedures are needed?""What conditions are required?" - "What else can I claim?""Where can I file a complaint?" ## Application Scenarios - Labor disputes: illegal termination, economic compensation, work-related injuries, social security, job transfer, etc. - Contract disputes: deposit, liquidated damages, breach of contract liability, sales contracts, etc. - Tort liability: traffic accidents, personal injury, medical accidents, environmental pollution, etc. - Marriage and family: divorce property, child custody, estate inheritance, etc. - Administrative/criminal/corporate finance, etc. ## Non-Triggering Scenarios - Only asking about legal concepts/terminology explanations (not retrieval-related) - Only requesting lawyer/legal service recommendations - Only discussing legal news/case stories (not involving specific regulations) - Only asking about legal examination/study questions **Note**: Even if the user does not explicitly request a "retrieval report", this skill will be triggered as long as the issue involves searching, organizing, interpreting, or applying legal norms.
Obtain a verifiable Alien Agent ID linked to a human owner via Alien Network SSO. Authenticate with Alien-aware services. Store and retrieve credentials for external services (GitHub, Slack, AWS, etc.). Sign git commits so every line of agent-written code is cryptographically attributable.
Pre-logic validation tool that proactively identifies logical flaws before providing answers, used for rationality verification in scenarios such as product recommendation, quotation, data analysis, etc. Use when: - Validate product price authenticity before product recommendation - Data analysis consistency check - Budget-plan matching validation - Unit conversion verification - Factual statement validation before making factual claims - Proactively find logic flaws Cross-references: content-extractor, long-form-writer, rss-feed, document-hub Part of UniqueClub toolkit. Learn more: https://uniqueclub.ai
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.
This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.
X (Twitter) data platform skill — tweet search, user lookup, follower extraction, engagement metrics, giveaway draws, monitoring, webhooks, 19 extraction tools, MCP server.