Claude Security Skills

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

3,075 skills · updated 2026-05-08 · showing 1–60 of 3,075 by quality score

Guide for adult content payment processor selection, merchant account application, compliance, webhook integration, and fallback strategies (CCBill, SegPay, AllSecure, Epoch,…
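Security Hardening convention reference skill. Provides the essential security measures required before production deployment, including input validation, SQL injection prevention, XSS prevention, encryption, and permission management.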
Unified APM and monitoring surface. Polls Datadog, New Relic, and OpenTelemetry backends for active alerts, error traces, and entity health.
OPNsense configuration via Terraform. Trigger for interfaces, firewall, NAT, DHCP/DNS, aliases.
Ship parcels via any configured carrier — MyParcel, Sendcloud, DHL Parcel NL, PostNL, DPD, UPS, FedEx.
Post-setup credential manager. Shows current integration status (configured/missing/expired) and lets you update individual credentials without re-running the full setup wizard.
Perform a security audit based on OWASP. Use when the user wants to verify security, look for vulnerabilities, or before a production deployment.
Researches malware analysis, CVEs, attribution reports, and hacker community sources. Use when the album subject involves cybersecurity incidents or threat actors.
Complete security audit for Supabase projects. Runs an automated pentest that checks RLS, buckets, auth, and exposed keys, and generates a report with remediation.
Completely remove claude-ops plugin, all stored credentials, cached files, shell exports, and MCP registrations. Confirms each step before deletion.
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference.
AI Media Generator: generates product photos and B-roll videos via fal.ai. Expert-level prompting for food/beverage/FMCG products.
Analyze feature requirements, dependencies, and security considerations. Use when starting feature implementation from GitHub issues to understand scope, technical feasibility,…
Expert-level security auditing, compliance, code review, and vulnerability assessment
Authentication and authorization including JWT, OAuth2, OIDC, sessions, RBAC, and security analysis. Activate for login, auth flows, security audits, threat modeling, access…
AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config
Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
Pedantic backend pre-commit and atomic commit Skill for Django/Optimo-style repos. Enforces local AGENTS.md / CLAUDE.md, pre-commit hooks, .security/* helpers, and Monty’s backend…
Red vs Blue team security competition orchestrator. Runs long-running overnight battles with 1000s of interactions, scoring, and insight generation.
Amazon Bedrock Automated Reasoning for mathematical verification of AI responses against formal policy rules with up to 99% accuracy.
Amazon Bedrock Prompt Management for creating, versioning, and managing prompt templates with variables, multi-variant A/B testing, and flow integration.
Expert-level blockchain, Web3, smart contracts, DeFi, and cryptocurrency development
OrchestKit security wrapper for browser automation. Adds URL blocklisting, rate limiting, robots.txt enforcement, and ethical scraping guardrails on top of the upstream…
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit…
Diagnoses and fixes HTTPS/SSL certificate issues in the network infrastructure by checking API tokens, validating Caddy configuration, and testing certificates.
AI-powered analysis of cancer metabolic reprogramming including Warburg effect, glutamine addiction, lipid metabolism, and metabolic vulnerabilities for therapeutic targeting.
AI-powered analysis of chromosomal instability (CIN) signatures for cancer prognosis, immunotherapy response prediction, and therapeutic vulnerability identification.
Validate and analyze AWS CloudFormation templates for security and best practices
Fetches cryptocurrency market data, prices, technical analysis, news, and trends using the CoinMarketCap MCP.
Universal coding principles: DRY, security by default, null guards, and YAGNI. Trigger: When writing or reviewing code in any language or technology.
Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis.
Expert-level CodeQL for static analysis, vulnerability detection, and security code scanning
Automated evidence collection across compliance frameworks from cloud providers, identity systems, and security tools
System bottleneck identification and exploitation skill with throughput analysis and five focusing steps implementation
Container image and Kubernetes security scanning for CVEs, misconfigurations, and compliance
Gets secure, one-time-use payment credentials (cards, tokens) from a Link wallet so agents can complete purchases on behalf of users.
Cryptographic implementation analysis and validation for encryption algorithms, key sizes, and certificate management
Performs comprehensive due diligence on a cryptocurrency using CoinMarketCap MCP data. Use when users ask about a specific coin beyond just its price.
Medical device cybersecurity risk assessment skill per FDA premarket and postmarket guidance
Validates permission inheritance between parent and child agents. Ensures child permissions are equal to or more restrictive than parent.
Runtime enforcement of file system boundaries and tool access restrictions. Blocks unauthorized operations and logs violations.
Evaluates whether a programming language dependency should be used by analyzing maintenance activity, security posture, community health, documentation quality, dependency…
Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius,…
TOS-compliant Discord notification monitor. Watches YOUR Discord server for security content forwarded by researchers, matches keywords, and pushes to paper-writer/dogpile via…
Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by…
Deploy payloads and shell commands fleet-wide using reliable tasking. Execute scripts, collect data, or run commands across all endpoints with automatic handling of offline…
Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence for each bug.
GCP security configuration scanning and hardening using Security Command Center, Forseti, and ScoutSuite
Retroactively verify threat mitigations for a completed phase
Containerized security auditing and ethical hacking tools. All operations run in isolated Docker containers for safety.
HIPAA security and privacy compliance automation for ePHI protection, safeguards assessment, and audit preparation
Infrastructure as Code security scanning and policy enforcement for Terraform, CloudFormation, Kubernetes, and Pulumi
Creates repository following Clean Architecture with Protocol in domain layer and Implementation in infrastructure layer.
Internet.nl batch API for automated testing of multiple domains against internet standards. Authentication, batch requests, polling, JSON results, dashboard integration.
Mail standards tested by internet.nl: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), DMARC (Domain-based Message Authentication), STARTTLS, DANE (DNS-based…
Step-by-step implementation guides from the internet.nl toolbox wiki. Configuration of DNSSEC, HTTPS/TLS, DMARC, DKIM, SPF, DANE, and IPv6 on commonly used platforms (BIND, NSD,…
Web standards tested by internet.nl: HTTPS, TLS 1.2/1.3, HSTS, DNSSEC for websites, IPv6 dual-stack, RPKI route origin validation, security headers (CSP, X-Frame-Options,…
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production.
Create investigations from security events, detections, or LCQL queries. Performs HOLISTIC investigations - not just process trees, but initial access hunting, org-wide scope…
Expert-level Istio service mesh management, traffic control, security, and observability for Kubernetes