Explore skills

Comprehensive skill for Solidity smart contract security auditing and vulnerability analysis, leveraging methodologies from leading Web3 security firms like Trail of Bits, OpenZeppelin, and Consensys Diligence.

Review an authorized pull request diff for security regressions. Use when changes modify trust boundaries, auth logic, data-access scope, file handling, logging, headers, or secrets.

Perform a rapid defensive triage on an authorized code area when time is limited. Use to find the most plausible high-impact issues fast, then recommend the next best review target.

Perform a rapid defensive triage on an authorized code area when time is limited. Use to find the most plausible high-impact issues fast, then recommend the next best review target.

Runs a comprehensive 11-section health check on local OpenClaw installations, diagnosing configuration errors, session bloat, model drift, and other issues. It generates a structured report with CRITICAL/WARNING/INFO findings and offers interactive one-click fixes.

A black/grey-market intelligence analysis assistant based on JDArmy/BREAK for risk-control, anti-abuse, anti-fraud, trust & safety, and business security teams. It supports analysis of various fraud and abuse cases, from credential stuffing to content manipulation.

Use when generating Java code for web applications, APIs, or enterprise systems. It prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java.

Next.js App Router Best-Practice Audit with state persistence. Use when: "nextjs-audit", "nextjs upgrade", "next check", "nextjs version", "app router".

When the user wants to implement, audit, or validate structured data (schema markup) on their website. Use when the user mentions 'structured data,' 'schema.org,' 'JSON-LD,' 'rich results,' 'rich snippets,' 'schema markup,' 'FAQ schema,' 'Product schema,' 'HowTo schema,' or 'structured data errors in Search Console.' Also use when someone asks why their content isn't showing rich results or wants

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.

ISO 13485 internal audit expertise for medical device QMS. Covers audit planning, execution, nonconformity classification, and CAPA verification. Use for internal audit planning, audit execution, finding classification, external audit preparation, or audit program management.

ISO/IEC 42001:2023 AI Management System (AIMS) specialist for compliance teams running internal audits. Three decisions: (1) Where are the gaps against Clauses 4-10 and what do we close first? (2) What goes in the AI risk register and which Annex A controls treat each risk? (3) What's the 12-month internal audit plan that satisfies Clause 9.2? Use when preparing for certification, scoping internal