Explore skills

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control assessment, and certification support. Use when the user mentions ISO 27001, ISMS audit, Annex A controls, Statement of Applicability (SOA), gap analysis, nonconformity management, internal audit, surveillance audit, or security certification preparation. Helps review control implemen

ISO/IEC 42001:2023 AI Management System (AIMS) specialist for compliance teams running internal audits. Three decisions: (1) Where are the gaps against Clauses 4-10 and what do we close first? (2) What goes in the AI risk register and which Annex A controls treat each risk? (3) What's the 12-month internal audit plan that satisfies Clause 9.2? Use when preparing for certification, scoping internal

12 regulatory & QM agent skills and plugins for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw. ISO 13485 QMS, MDR 2017/745, FDA 510(k)/PMA, ISO 27001 ISMS, GDPR/DSGVO, risk management (ISO 14971), CAPA, document control, auditing. Python tools (stdlib-only).

Critical review (min. 5 findings). Modes: code, audit, plan. Use when: "review", "critical review", "code review", "plan review", "audit review".

Repository audit for non-website projects (CLI, libs, backend, monorepo). Use when: "project-audit", "project audit", "repo audit", "code audit".

SvelteKit & Svelte 5 Migration, Best-Practice Audit with state persistence. Use when: "sveltekit-audit", "sveltekit upgrade", "svelte migration", "svelte check", "sveltekit version", "svelte 5 runes".

Systematic website audit (stack detection, 9 phases). Use when: "audit", "website audit", "site audit", "check website".

Pre-publication audit for repositories about to go public or already public. Catches what other skills miss: secrets in git history (not just HEAD), license compliance, internal references (private URLs, internal hostnames, employee names), trademark exposure, attribution gaps, and community-readiness gaps (CONTRIBUTING, CODE_OF_CONDUCT, SECURITY.md, LICENSE headers). Use when: "open source readin

Review NEAN code for compliance with standards, NFRs, and security policy.

Expert cybersecurity skill in vulnerability analysis (OWASP Web & LLM Top 10), bug bounty reports, pentest methodology, and secure code review (Java, Angular, Node, Python). Includes Docker/Kubernetes hardening, compliance (NIST CSF 2.0, ISO 27001, CIS v8), and STRIDE threat modeling, activated for backend code/API generation or security inquiries.

This skill provides comprehensive testing and validation for Claude skills. It is used to test, validate, audit, or quality-check a skill, including identifying problems and handling edge cases.

This multi-perspective code review council involves advisors analyzing, reviewers cross-examining, and a chairman synthesizing a verdict. It is ideal for complex tasks like architecture decisions, security audits, and deep pre-merge reviews, but not for simple code generation or syntax fixes.