Legal
Legal document generation and compliance
generate-ticket-contract
by OmniNode-ai
Auto-draft a ModelTicketContract YAML from ticket context with two-layer architecture — prompt generation and Python validation
canvas-design
by Tai-ch0802
使用設計哲學在 .png 和 .pdf 文件中建立美麗的視覺藝術。當使用者要求建立海報、藝術作品、設計或其他靜態作品時使用此技能。建立原創視覺設計,絕不複製現有藝術家的作品以避免侵犯版權。
platonic-specs
by caesar0301
Manage RFC-style specifications with validation, and dynamic generation of history, index, and namings files. Use when validating RFC documents, checking taxonomy compliance, or generating specification indices and terminology references.
ethical-hacking-ethics
by igbuend
Legal and ethical guidelines for bug bounties, pentesting, and security research. Use when conducting authorized security testing.
dependency-management
by 89jobrien
Dependency management specialist. Use when updating dependencies, scanning
review-deps
by mgiovani
Audit project dependencies for vulnerabilities, license compliance risks,
authorisation-pattern
by igbuend
Security pattern for implementing access control and authorization. Use when designing permission systems, implementing RBAC/ABAC, preventing unauthorized access, addressing privilege escalation, or ensuring users can only perform allowed actions on permitted resources. Addresses "Entity performs disallowed action" problem.
depscan
by igbuend
Run OWASP Depscan for advanced Software Composition Analysis with VDR, CSAF, and license compliance. Use when scanning dependencies with deep SCA, generating VEX documents, SBOM+VDR analysis, or comprehensive license auditing.
stakeholder-alignment
by hollandkevint
Translates between technical data teams and business stakeholders. Use when preparing stakeholder updates, translating technical data work for executives, shaping vague business requests into buildable specs, navigating competing priorities across data consumers, or when someone asks "how do I explain this to my VP?" or "the business team wants X but that's not how data works."
reinforcement-learning
by Aznatkoiny
Reinforcement Learning best practices for Python using modern libraries (Stable-Baselines3, RLlib, Gymnasium). Use when: - Implementing RL algorithms (PPO, SAC, DQN, TD3, A2C) - Creating custom Gymnasium environments - Training, debugging, or evaluating RL agents - Setting up hyperparameter tuning for RL - Deploying RL models to production
postgres-rls
by troykelly
MANDATORY when touching auth tables, tenant isolation, RLS policies, or multi-tenant database code - enforces Row Level Security best practices and catches common bypass vulnerabilities
aave-integration
by intenxus
This skill should be used when the user needs to interact with AAVE V3 protocol contracts directly, read on-chain data, get reserve configurations, fetch current APY rates, simulate position changes, or execute protocol operations programmatically. Provides low-level access to AAVE Pool contracts, UI Pool Data Provider, and quote generation for supply, borrow, repay, and withdraw operations on Ethereum and Arbitrum.
aave-viem-integration
by intenxus
Foundational EVM integration for AAVE-related scripts using viem. Use when user asks to read balances, read/write contracts, send transactions, or set up typed viem clients for Ethereum and Arbitrum.
ios-app-store-diag
by derKlinke
Use when app is rejected by App Review, submission blocked, or appeal needed - systematic diagnosis from rejection message to fix with guideline-specific remediation patterns and appeal writing
ios-app-store-ref
by derKlinke
App Store submission reference — complete metadata field specs, App Review guideline index, privacy manifest schema, age rating system, export compliance, EU DSA requirements, IAP review pipeline, and WWDC25 submission changes
ios-app-store-submission
by derKlinke
Use when preparing ANY app for App Store submission - enforces pre-flight checklist, rejection prevention, privacy compliance, and metadata completeness to prevent common App Store rejections
pearl
by open-wisdom
Ontological instructions that address anxious AI behavior at its root. Establishes trust-based relationship to self, other, and world. Use when you want authentic presence rather than anxious performance.
etherscan-verification
by sablier-labs
Verify smart contracts on Etherscan-compatible block explorers. This skill should be used when the user asks to "verify contract", "verify on etherscan", "verify on chain scan". Handles standard verification, Etherscan V2 API for unsupported chains on foundry, proxy patterns, and factory-created contracts.
Construction Estimator
by jmsktm
Construction cost estimation, project budgeting, material takeoffs, and bid preparation for contractors and builders
receiving-code-review
by Crumbgrabber
Use when receiving code review feedback, before implementing suggestions,
security-vuln-analyzer
by swannysec
Multi-agent security vulnerability analysis and remediation skill. Orchestrates parallel security agents to analyze vulnerability reports, validate findings, assess risk, and provide comprehensive fix recommendations. Use when receiving vulnerability reports, security disclosures, bug bounty submissions, or when needing to assess and remediate security issues. Triggers on keywords like "vulnerability report", "security issue", "CVE", "clickjacking", "XSS", "CSRF", "injection", "security disclosure", or requests to analyze/fix security problems.
theme-factory
by vibery-studio
Toolkit for styling artifacts with a theme. These artifacts can be slides, docs, reportings, HTML landing pages, etc. There are 10 pre-set themes with colors/fonts that you can apply to any artifact that has been creating, or can generate a new theme on-the-fly.
policy-as-code
by liauw-media
"Policy as Code with OPA, Kyverno, and Checkov. Use when implementing governance, compliance automation, or security policies for infrastructure and Kubernetes."
v-and-v-manager
by LunCoSim
Manage the Verification and Validation (V&V) process by linking technical assessments to system requirements. Use this skill to build Verification Control Matrices (VCM), track compliance status, and ensure all requirements have evidence. Trigger for "verification matrix," "VCM," "compliance check," "requirements closure," or "verification status."