Auto-selects best Kaizen method (Gemba Walk, Value Stream, or Muda) for target

Iterative Five Whys root cause analysis drilling from symptoms to fundamentals

Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).

Guide for setup Serena MCP server for semantic code retrieval and editing capabilities

Execute a task with sub-agent implementation and LLM-as-a-judge verification with automatic retry loop

Execute complex tasks through sequential sub-agent orchestration with intelligent model selection, meta-judge → LLM-as-a-judge verification

>

Material Design 3 and Android platform guidelines. Use when building Android apps with Jetpack Compose or XML layouts, implementing Material You, navigation, or accessibility. Triggers on tasks involving Android UI, Compose components, dynamic color, or Material Design compliance.

Apple Human Interface Guidelines for Mac. Use when building macOS apps with SwiftUI or AppKit, implementing menu bars, toolbars, window management, or keyboard shortcuts. Triggers on tasks involving Mac UI, desktop apps, or Mac Catalyst.

Apple Human Interface Guidelines for Apple TV. Use when building tvOS apps with focus-based navigation, Siri Remote input, or living room viewing experiences. Triggers on tasks involving Apple TV, tvOS, 10-foot UI, or media playback.

Build AI agents with Pydantic AI (Python) and Claude SDK (Node.js)

gh, vercel, supabase, render CLI and deployment platform setup

Dynamic multi-repo and monorepo awareness for Claude Code. Analyze workspace topology, track API contracts, and maintain cross-repo context.

Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and

Examine Linux system artifacts including auth logs, cron jobs, shell history, and system configuration to uncover

'Executes malware samples in Cuckoo Sandbox to observe runtime behavior including process creation, file system

'Auditing Kubernetes cluster RBAC configurations to identify overly permissive roles, wildcard permissions, dangerous

'Builds comprehensive identity governance and lifecycle management processes including joiner-mover-leaver automation,

'Builds a structured ransomware incident response playbook aligned with the CISA StopRansomware Guide and NIST

'Builds a structured SOC incident response playbook for ransomware attacks covering detection, containment, eradication,

Build a vulnerability exception and risk acceptance tracking system with approval workflows, compensating controls

'Responds to malware infections across enterprise endpoints by identifying the malware family, determining infection

'Executes containment strategies to stop active adversary operations and prevent lateral movement during a confirmed

'This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection

'Detecting compromised cloud credentials across AWS, Azure, and GCP by analyzing anomalous API activity, impossible

'Detecting misconfigured Azure Storage accounts including publicly accessible blob containers, missing encryption

'Detects and analyzes malicious behavior in mobile applications through behavioral analysis, permission abuse

Detect WMI event subscription persistence by analyzing Sysmon Event IDs 19, 20, and 21 for malicious EventFilter,

'Implements application whitelisting using Windows AppLocker to restrict unauthorized software execution on endpoints,

'Implementing AWS Security Hub to aggregate security findings across AWS accounts, enable compliance standards

'Implementing Cloud Security Posture Management (CSPM) to continuously monitor multi-cloud environments for misconfigurations,

'Implement secure conduit architecture for OT remote access following IEC 62443 zones and conduits model, deploying

'Implements Delinea Secret Server for privileged access management (PAM) including secret vault configuration,

Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based

Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy,

Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based

'Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection,

Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect,

Deploy Cisco Identity Services Engine for 802.1X wired and wireless authentication, MAC Authentication Bypass,

PCI DSS 4.0.1 establishes 12 requirements across 6 control objectives for organizations that store, process, or transmit cardholder data. With PCI DSS 3.2.1 retiring April 2024 and 51 new requirements

'This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes

'Implements privileged session monitoring and recording using Privileged Access Management (PAM) solutions, focusing

'This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories.

'Implements Security Orchestration, Automation, and Response (SOAR) workflows using Splunk SOAR (formerly Phantom)

'Implements an integrated incident ticketing system connecting SIEM alerts to ServiceNow, Jira, or TheHive for

'Implementing zero trust access controls for SaaS applications using CASB, SSPM, conditional access policies,

Implement Zero Trust Network Access using Zscaler Private Access (ZPA) to replace traditional VPN with identity-based,

Investigate Active Directory compromise by analyzing authentication logs, replication metadata, Group Policy

Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations,

Perform comprehensive security posture assessment of AWS accounts using ScoutSuite to enumerate resources, identify