'Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches,

'Perform comprehensive ICS/OT asset discovery using Claroty xDome platform, leveraging passive monitoring, Claroty

'Automates Indicator of Compromise (IOC) enrichment by orchestrating lookups across VirusTotal, AbuseIPDB, Shodan,

'Detects lateral movement techniques including Pass-the-Hash, PsExec, WMI execution, RDP pivoting, and SMB-based

Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization,

'This skill covers performing vulnerability assessments in OT environments using the Claroty xDome platform for

'This skill covers conducting cybersecurity assessments of electric power grid infrastructure including generation

'Perform security analysis of Siemens S7comm and S7CommPlus protocols used by SIMATIC S7 PLCs to identify vulnerabilities

'This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source

SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring,

Assess SSL/TLS server configurations using the sslyze Python library to evaluate cipher suites, certificate chains,

'Performs proactive threat hunting in Elastic Security SIEM using KQL/EQL queries, detection rules, and Timeline

Build comprehensive forensic super-timelines using Plaso (log2timeline) to correlate events across file systems,

Perform comprehensive Windows forensic artifact analysis using Eric Zimmerman's open-source EZ Tools suite including

'Executes structured recovery from a ransomware incident following NIST and CISA frameworks, including environment

'This skill provides step-by-step procedures for identifying and remediating Amazon S3 bucket misconfigurations

'Reverse engineers malware binaries using NSA''s Ghidra disassembler and decompiler to understand internal logic,

'Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection,

'This skill covers implementing secure remote access to OT/ICS environments for operators, engineers, and vendors

Classify and prioritize security incidents using structured IR playbooks to determine severity, assign response

'Performs initial triage of security incidents to determine severity, scope, and required response actions using

Instructions for AI coding agents working on the React on Rails codebase.

Describes how to use abilities. Read before any conversation.

Use when design is complete and you need detailed implementation tasks for engineers with zero codebase context - creates comprehensive implementation plans with exact file paths, complete code examples, and verification steps assuming engineer has minimal domain knowledge

Use this whenever you need to create an isolated workspace.

<required>

Release workflow for the client release group. Supports two modes: **interactive** (default) and **autonomous**.

Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.

Configures Python projects with modern tooling (uv, ruff, ty). Use when creating projects, writing standalone scripts, or migrating from pip/Poetry/mypy/black.

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.

>-

Vue Router 4 patterns, navigation guards, route params, and route-component lifecycle interactions.

Apply VueUse composables where appropriate to build concise, maintainable Vue.js / Nuxt features.

Operation-aware node configuration guidance. Use when configuring nodes, understanding property dependencies, determining required fields, choosing between get_node detail levels, or learning common configuration patterns by node type. Always use this skill when setting up node parameters — it explains which fields are required for each operation, how displayOptions control field visibility, and when to use patchNodeField for surgical edits vs full node updates.

Proven workflow architectural patterns from real n8n workflows. Use when building new workflows, designing workflow structure, choosing workflow patterns, planning workflow architecture, or asking about webhook processing, HTTP API integration, database operations, AI agent workflows, batch processing, or scheduled tasks. Always consult this skill when the user asks to create, build, or design an n8n workflow, automate a process, or connect services — even if they don't explicitly mention 'patterns'. Covers webhook, API, database, AI, batch processing, and scheduled automation architectures.

Instructions for adding new message types to the safe-output messages system

Charlie Munger's multidisciplinary thinking and mental models — the framework of Berkshire Hathaway's architect, built from rationality, inversion, patience, and the lollapalooza effect.

Recommend suitable Chinese shopping platforms based on product category and shopping intent.

Use this guide when Codex should operate a Vault managed by the `LLM Knowledge Bases` MCP server.

>

Query Atlas Obscura places for weird/obscure location inspiration. Use when you need nearby curiosities by coordinates, place lookup by ID, or global place coordinates for creative prompt spice and worldbuilding.

>

Use this guide when Codex should operate a Vault managed by the `LLM Wiki Karpathy` MCP server.

1. 确认工种（如：ops/dev/qa）

Headless browser automation server for AI agents. Run locally or deploy to any cloud provider.

<!-- SPACESUIT:BEGIN AGENTS -->

- Keep OpenClaw as the source of truth.

This repository is an **AgentSkill** for OpenClaw / Clawdbot: **Freedcamp**.

This file documents how this AI Persona operates—the rules learned through practice, patterns that work, and lessons that became doctrine.

This repository has four main areas: