Loading...
Loading...
Found 1,487 Skills
This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.
Use this skill when planning corporate tax strategy, claiming R&D credits, managing transfer pricing, or ensuring tax compliance. Triggers on corporate tax, R&D tax credits, transfer pricing, tax compliance, sales tax, VAT, international tax, and any task requiring tax planning or compliance strategy.
TranscribeMe platform help — human+AI hybrid transcription service with 99% accuracy guarantee on human-reviewed tiers, HIPAA compliance, and REST API. Use when uploading audio for human-edited transcription, choosing between Machine Express and human-reviewed tiers, integrating TranscribeMe API into a transcript pipeline, comparing TranscribeMe vs Rev vs GoTranscript vs Sonix for accuracy-critical transcription, troubleshooting slow turnaround or inconsistent punctuation, setting up HIPAA-compliant medical or legal transcription, or debugging chunked upload or OAuth token issues. Do NOT use for live meeting recording or real-time transcription (TranscribeMe is upload-only — use /sales-note-taker for live meeting tools).
Audits the security posture of a CockroachDB cluster (Cloud or self-hosted) across network, authentication, authorization, encryption, audit logging, and backup dimensions. Use when assessing cluster security readiness, preparing for compliance reviews, or investigating security configuration gaps.
Validates practitioner credentials and license status against the NPI registry. Cross-references specialties, credentials, and practice addresses against official records. Returns Verified / Partially Verified / Unverified / Flagged per practitioner with mismatch details and source URLs. Triggers: "verify these doctors", "check provider credentials", "validate licenses", "verify NPI numbers", "cross-check credentials against NPI", "compliance audit on providers", "are these practitioners still licensed", "validate my provider list". Accepts CSV, Google Sheet URL, or pasted data. Do NOT use for extracting providers from practice URLs — use healthcare-providers-extract instead. Do NOT use for filling data gaps — use healthcare-providers-enrich instead. Do NOT use for discovering practices — use market-finder or local-places instead. Do NOT use for general extraction — use nimble-web-expert instead.
Enables a multi-region AWS CloudTrail trail with S3 log storage, CloudWatch Logs integration, and CloudWatch Logs Insights queries for security monitoring and compliance auditing. Use when setting up centralized API activity logging across all AWS regions.
Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIPAA/GDPR), security architecture strategy, incident response leadership, and board-level security reporting. Use when building security programs, justifying security budget, selecting compliance frameworks, managing incidents, assessing vendor risk, or when user mentions CISO, security strategy, compliance roadmap, zero trust, or board security reporting.
Guide the understanding and management of trade settlement and clearing processes. Use when designing settlement workflows for T+1 compliance, understanding DTC/NSCC/FICC clearing infrastructure, analyzing continuous net settlement (CNS) netting obligations, setting up institutional trade processing (affirmation, confirmation, allocation, matching), investigating settlement fails and designing fail reduction programs, implementing buy-in procedures under Reg SHO Rule 204, assessing corporate action impact on pending settlements, evaluating DVP/RVP mechanics for institutional deliveries, handling when-issued or as-of trades, or managing settlement bank relationships and intraday liquidity. Also covers FX funding gaps for cross-border T+1 settlement.
Track subcontractor payments, lien waivers, and compliance. Manage payment schedules and documentation.
Strategic advisory for digital health and healthtech founders covering HIPAA scope, FDA SaMD vs non-SaMD classification, EHR integration patterns, payor/provider/employer GTM, and value-based care models. Complements the RA/QM compliance domain with software-side strategic guidance. Use when scoping a healthtech idea, classifying PHI, picking a GTM, or when the user mentions HIPAA, PHI, FDA SaMD, EHR integration, telehealth, or digital therapeutics.
Scores completed OKR sets at cycle close with KR-level scoring per the canonical OKR type enum (committed | aspirational | learning | operational_health | compliance_or_safety), committed-vs-aspirational interpretation, evidence quality assessment, learning synthesis, and next-cycle recommendations. Refuses to retroactively change targets or shrink committed scope, average away guardrail KRs, treat 0.7 as success for committed or compliance_or_safety KRs, equate effort with impact, or use scores for individual performance. Hands off to iterate-lessons-log, iterate-retrospective, define-hypothesis, measure-dashboard-requirements, measure-instrumentation-spec, and foundation-okr-writer.
Guides corporate legal support—entity structure, board and stockholder governance, corporate resolutions and minutes, equity and cap table mechanics, corporate policies, intercompany arrangements, and corporate closing checklists for financings or M&A. Use when drafting board materials, reviewing governance documents, entity formation or subsidiary setup, stockholder consents, option plan mechanics, D&O considerations at checklist level, or corporate approval packages—not for B2B MSAs and vendor/customer redlines (commercial-counsel), SOC/ISO evidence (compliance-engineer), tax/accounting treatment (senior-revenue-accountant), or employee HRIS and lifecycle operations (people-operations-specialist). For live deal execution—diligence coordination, closing matrix, signing, funds flow—use transaction-manager. For deal thesis, valuation, and negotiation mandate, use transaction-principal. Output is drafting assistance; human counsel must approve binding actions.