Loading...
Loading...
Found 1,284 Skills
Security vetting for AI agent skills. Use before installing any skill from ClawHub, GitHub, or other sources.
The project's all-seeing guide. Sentinel MUST activate before Claude takes any action that modifies, creates, or deletes anything in the project. It understands the codebase, architecture, brand, design system, business model, deployment pipeline, testing strategy, and every convention. Trigger on: action requests (build, fix, add, change, update, refactor, implement, create, remove, delete, migrate, deploy, integrate, improve, configure, install, bump, upgrade, debug, troubleshoot, move, rename); casual requests (can you, I need to, let's, go ahead and, help me, we need to); status reports (X is broken/failing, there's a bug); project questions (how does X work here, where would I add, walk me through); planning (scope this, break this down, write a spec). Do NOT trigger on general knowledge, blog posts, interview prep, or tech comparisons for other projects. Key test: does this need THIS project's context? If yes, trigger. Sentinel guides Claude, it does not execute. No task is too small.
DingTalk Address Book and Contact Query. Use this skill when the user mentions terms like "DingTalk address book", "find employee", "search user", "check user info", "get user details", "user phone number", "employee name", "employee ID", "check department", "search department", "department members", "department list", "department details", "sub-department", "parent department", "department path", "total number of employees", "address book search", "userId to unionId", "unionId to userId", "dingtalk contact", "dingtalk directory", "find user", "get user info", "department members". Supported operations: search users/departments by keyword, get complete user information (name/phone/employee ID/department/position/unionId), get department member list, get department tree structure, query user's department path, count total number of employees, and all other address book operations.
Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated user can access or modify resources belonging to other users by manipulating object identifiers in API requests. The tester intercepts API calls, identifies object ID parameters (numeric IDs, UUIDs, slugs), and systematically replaces them with IDs belonging to other users to determine if the server enforces per-object authorization. This is OWASP API Security Top 10 2023 risk API1. Activates for requests involving BOLA testing, IDOR in APIs, object-level authorization testing, or API access control bypass.
Help other designers develop judgment without imposing your style. Use when mentoring designers, running design education, or building team-wide quality standards.
Use when implementing game animations, player feedback, character movement, or interactive entertainment in Unity, Unreal, or other game engines.
DingTalk Todo Management. Use this skill when the user mentions terms like "DingTalk Todo", "todo task", "create todo", "add todo", "view todo", "complete todo", "mark as complete", "delete todo", "todo list", "my todos", "set deadline", "assign todo", "dingtalk todo", "todo task", "task management". Supported operations include: creating todos (with description/deadline/priority/participants), getting details, querying lists (filtered by completion status), updating todos, marking as complete, deleting todos, and all other todo-related operations.
Expert knowledge for Azure Analysis Services development including troubleshooting. Use when testing server connections, debugging gateway or firewall blocks, or checking connection strings and ports, and other Azure Analysis Services related development tasks. Not for Azure Synapse Analytics (use azure-synapse-analytics), Azure SQL Database (use azure-sql-database), Azure SQL Managed Instance (use azure-sql-managed-instance), SQL Server on Azure Virtual Machines (use azure-sql-virtual-machines).
Expert knowledge for Azure External Attack Surface Management development including limits & quotas, configuration, and integrations & coding patterns. Use when querying EASM assets, setting policy rules, exporting to Log Analytics or Data Explorer, or estimating billing, and other Azure External Attack Surface Management related development tasks. Not for Azure Defender For Cloud (use azure-defender-for-cloud), Azure Security (use azure-security), Azure Sentinel (use azure-sentinel), Azure Firewall (use azure-firewall).
Expert knowledge for Azure AI Immersive Reader development including best practices, limits & quotas, security, configuration, and integrations & coding patterns. Use when tuning read-aloud/translation, storing user prefs, Entra auth setup, JS SDK integration, or language support, and other Azure AI Immersive Reader related development tasks. Not for Azure AI Language (use azure-language-service), Azure AI Speech (use azure-speech), Azure Translator (use azure-translator), Azure AI services (use microsoft-foundry-tools).
Expert knowledge for Azure Payment Hsm development including troubleshooting, best practices, decision making, architecture & design patterns, security, and configuration. Use when designing Payment HSM VNets/FastPath, payShield Manager access, HA/DR topologies, SKUs, or traffic inspection, and other Azure Payment Hsm related development tasks. Not for Azure Dedicated HSM (use azure-dedicated-hsm), Azure Key Vault (use azure-key-vault), Azure Cloud Hsm (use azure-cloud-hsm), Azure Security (use azure-security).
Expert guidance for planning and executing cloud adoption using Azure Cloud Adoption Framework. Covers strategy, planning, readiness & landing zones, adoption patterns, governance, security, operations & management, organization & teams, and adoption scenarios. Use when designing Azure landing zones, AVS/AKS, SAP/Oracle migrations, AVD/VDI, or AI/analytics platforms, and other Azure Cloud Adoption Framework related development tasks.