password-hash-generator

xss-vulnerability-scanner

gdpr-compliance-scanner

hipaa-audit-helper

network-security-scanner

security-policy-generator

soc2-compliance-checker

vulnerability-report-generator

batch-file-processor

Design the approach and execution plan by entering the canonical vibe runtime with a planning-first bias.

../../../.config/agents/rules/zod.md

OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in large language model systems - Brought to you by microsoft/hve-core.

OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core.

OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.

SCM (software configuration management) and Git — branching, merges, conflicts, worktrees, baselines, audit readiness, plus Conventional Commits and safe staging.

Configure `gh` CLI for GitHub access.

Process the Refinery merge queue - collect agent work, detect and resolve conflicts, merge in dependency order, and verify integration.

Symbolic execution analysis using Mythril for deep vulnerability detection in smart contracts. Supports configurable transaction depth, timeout settings, and proof-of-concept exploit generation.

Deep expertise in Solidity language features, patterns, and best practices for secure smart contract development. Covers ERC standards, gas optimization, upgradeable contracts, and security patterns.

Automated audit workpaper preparation skill with PBC list management

Fraud risk assessment skill based on the fraud triangle with red flag detection

Configure and manage Learning Management System operations including courses, enrollments, compliance training, and learning analytics

5S workplace organization audit skill with scoring, photo documentation, and sustainability tracking

Internal quality audit skill with planning, execution, findings documentation, and corrective action tracking

Capture, categorize, and retrieve project lessons learned for organizational learning

AP style compliance, grammar checking, and PR writing assistance

Engine emissions calibration and aftertreatment optimization expertise

MISRA C/C++ static analysis and compliance checking

HIPAA compliance validation skill for genomic data handling and audit

Medical device standards compliance verification skill for ISO 13485, ISO 14971, IEC 62304, IEC 60601, and related standards

Unique Device Identification (UDI) and labeling compliance skill for generating compliant labels and device identifiers

Alarm management skill for alarm rationalization, setpoint optimization, and ISA-18.2 compliance

Process flow diagram and P&ID generation skill with standards compliance and symbol libraries

Skill for pressure vessel design and analysis per ASME BPVC

Regulatory compliance skill for ISO nanotechnology standards verification and documentation

Safety documentation skill for generating Safety Data Sheets for nanomaterials

Develop comprehensive risk management plans for collections and cultural venues including disaster preparedness, security protocols, and insurance coordination

Simulate Joint Commission tracer methodology to assess compliance with accreditation standards across patient care processes and support systems

Deep expertise in ARM Cortex-M architecture and peripherals

Common shader effects skill for dissolve, outline, hologram, toon, water, fire effects.

GDPR compliance assessment and automation for data mapping, consent management, DSAR handling, and privacy impact assessments

Integration with security-focused static analysis tools

Google Analytics 4, tag management, and event tracking.

OAuth 2.0/OIDC flows, provider integration, and token handling.

Scan .claude/ directory for security misconfigurations, exposed secrets, unsafe permissions

Environment Triage

Systematic false positive verification for security findings. Provides structured methodology to confirm or dismiss scanner results, manual audit findings, and automated alerts. Adapted from Trail of Bits. Use when triaging security scan results or verifying audit findings.

Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.

Génère un rapport d'analyse comparative structuré et neutre entre deux enseignes de distribution (ex: BIM et Kazyon), basé sur des visites de terrain et couvrant la stratégie, l'aménagement, le merchandising, l'assortiment et le service client.

用于编写VBA宏，批量处理Excel中的超链接。支持将绝对路径转换为相对路径以解决共享问题，或根据文件夹名称批量创建指向本地文件夹的超链接，并自动校验文件存在性。