Implement Amazon Macie to automatically discover, classify, and protect sensitive data in S3 buckets using machine

Implement the CISA Zero Trust Maturity Model v2.0 across the five pillars of identity, devices, networks, applications,

Implement Cloud Security Posture Management using AWS Security Hub, Azure Defender for Cloud, and open-source

Enforce Kubernetes network segmentation using Calico CNI network policies and global network policies to control

Deploy Breach and Attack Simulation tools to continuously validate security control effectiveness by safely emulating

'Implements eBPF-based security monitoring using Cilium Tetragon for real-time process execution tracking, network

Envelope encryption is a strategy where data is encrypted with a data encryption key (DEK), and the DEK itself

Configure SAML 2.0 single sign-on for Google Workspace with a third-party identity provider, enabling centralized

'Deploys canary files, honeypot shares, and decoy systems to detect ransomware activity at the earliest possible

Deploy SailPoint IdentityNow or IdentityIQ for identity governance and administration. Covers identity lifecycle

Implement Just-In-Time (JIT) access provisioning to eliminate standing privileges by granting temporary, time-bound

'Implementing microsegmentation using Akamai Guardicore Segmentation to map application dependencies, create

'This skill covers implementing North American Electric Reliability Corporation Critical Infrastructure Protection

'Implements 802.1X port-based network access control using RADIUS authentication, PacketFence NAC, and switch

Configure and deploy Palo Alto Networks next-generation firewalls with App-ID, User-ID, zone-based policies,

Deploy CyberArk Privileged Access Management to discover, vault, rotate, and monitor privileged credentials across

Deploy and configure Proofpoint Email Protection as a secure email gateway to detect and block phishing, malware,

Harden Kubernetes Role-Based Access Control by implementing least-privilege policies, auditing role bindings,

Implement eBPF-based runtime security observability and enforcement in Kubernetes clusters using Cilium Tetragon

Implement SAML 2.0 Single Sign-On (SSO) using Okta as the Identity Provider (IdP). This skill covers end-to-end

Deploy CyberArk Secure Cloud Access to eliminate standing privileges in hybrid and multi-cloud environments using

Implement NextDNS as a zero trust DNS filtering layer with encrypted resolution, threat intelligence blocking,

Implement HashiCorp Boundary for identity-aware zero trust infrastructure access management with dynamic credential

'Investigates phishing email incidents from initial user report through header analysis, URL/attachment detonation,

'This skill covers implementing Okta as a centralized identity provider for cloud environments, configuring SSO

'Monitors dark web forums, marketplaces, paste sites, and ransomware leak sites for mentions of organizational

'Monitors Modbus TCP traffic on SCADA and ICS networks to detect anomalous function code usage, unauthorized

The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum

'Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify

Harbor is an open-source container registry that provides security features including vulnerability scanning

Context is the complete state available to a language model at inference time — system instructions, tool definitions, retrieved documents, message history, and tool outputs. Context engineering is th

Use when experiments complete to judge what claims the results support, what they don't, and what evidence is still missing. Codex MCP evaluates results against intended claims and routes to next action (pivot, supplement, or confirm). Use after experiments finish — before writing the paper or running ablations.

Turn a refined research proposal or method idea into a detailed, claim-driven experiment roadmap. Use after `research-refine`, or when the user asks for a detailed experiment plan, ablation matrix, evaluation protocol, run order, compute budget, or paper-ready validation that supports the core problem, novelty, simplicity, and any LLM / VLM / Diffusion / RL-based contribution.

JLCPCB PCB fabrication and assembly — BOM/CPL generation, basic vs extended parts, assembly constraints, design rules, ordering workflow. Use with KiCad for JLCPCB manufacturing. Use this skill when the user mentions JLCPCB, wants to order PCBs or assembled boards, needs prototype bare PCBs and stencils, wants to know JLCPCB design rules and capabilities, or is asking about PCB manufacturing costs or turnaround times. For gerber/CPL export, stencil ordering, and BOM management, see the `bom` skill.

List, add, edit, complete, or delete Apple Reminders and reminder lists via remindctl.

Audit and harden hosts running OpenClaw for SSH, firewall, updates, exposure, cron checks, and risk posture.

iMessage/SMS CLI for listing chats, history, and sending messages via Messages.app.

Diagnose OpenClaw Android, iOS, or macOS node pairing, QR/setup code, route, auth, and connection failures.

Get current weather, rain, temperature, and forecasts for locations or travel planning.

Modular Design Principles workflow skill. Use this skill when the user needs > and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

When the user wants to plan a posting schedule, create a content calendar, or organize when and what to post. Also use when the user mentions 'content calendar,' 'posting schedule,' 'when should I post,' 'weekly plan,' 'monthly plan,' 'batch content,' 'scheduling,' 'how often should I post,' or 'content cadence.' For deciding what topics to cover, see content-strategy-sms. For writing the actual posts, see post-writer-sms.

Manage multi-agent Telegram group collaboration for OpenClaw. Use when: (1) adding a new agent/bot to the team, (2) removing an agent, (3) listing current agents, (4) diagnosing multi-agent configuration issues, (5) clearing session caches, (6) syncing workspace team info. Triggers: 'multiagent', 'add agent', 'remove agent', 'agent doctor', 'agent list', 'clear sessions', 'multi-agent'.

This document defines the Claude Code skill for troubleshooting etcd issues on two-node OpenShift clusters with fencing topology. When activated, Claude becomes an expert etcd/Pacemaker troubleshooter

Agent execution engine that composes prompts, routes models, and writes run artifacts. Use when launching subagent runs.

Implement a GitHub issue by exploring the codebase, planning, and creating a PR

<SUBAGENT-STOP>

A user may ask you to create, edit, or analyze the contents of a .docx file. A .docx file is essentially a ZIP archive containing XML files and other resources that you can read or edit. You have different tools and workflows available for different tasks.

'Upgrade oxc, run codegen, and fix any breaking changes.'

Run CVlization examples on the `ssh l1` GPU host by copying only the needed example directory plus the shared `cvlization/` package into `/tmp`, then launching the example’s Docker scripts.

When the user says **"send it"**: