Explorar skills

Security audit for Android projects. Checks OWASP-oriented client-side risks, manifest exposure, hardcoded secrets, WebView handling, storage posture, and build obfuscation evidence. Triggers on: "security", "OWASP", "permissions", "encryption", "WebView", "certificate pinning".

Build system and dependency hygiene review for Android projects. Focuses on module-aware Gradle evidence, KAPT/KSP migration risk, release shrink config, repository hygiene, and dependency verification. Triggers on: "build system", "gradle", "dependencies", "version catalog", "KAPT", "KSP".

El Onboarding Brownfield audita los artefactos de proyecto existentes para verificar la conformidad con el formato de la plantilla, clasifica las brechas por impacto y produce un plan de migración numerado. Úselo al unirse a un proyecto en curso o al actualizar desde una versión de plantilla anterior, asegurando que los artefactos existentes funcionarán con la plantilla.

Android 15/16 compatibility preflight. Evaluates target SDK posture, edge-to-edge signals, predictive back migration risk, large-screen behavior, and 16 KB page-size readiness with explicit version awareness. Triggers on: "compatibility", "android 16", "edge-to-edge", "predictive back", "large screen".

Use when administering a Synapse / Matrix homeserver — list or snapshot all rooms, rate room health (public, unencrypted, orphaned), render a Graphviz map of the room/space tree, force-join users, promote room admins, harden rooms (add-to-space + restrict + encrypt), deactivate Matrix users (with GDPR erase), find biggest rooms by DB size, audit where a user is admin or member, replay join/leave t

Full Android audit orchestration. Builds audit-context.json, dispatches specialist agents against that shared evidence, then applies canonical gate and cap logic. Triggers on: "audit", "full android check", "analyze my android project", "project health check".

Realiza auditorías de seguridad en cambios de código, diffs o ramas para encontrar vulnerabilidades explotables de alta confianza. Utilícelo para tareas como 'auditar seguridad', 'revisar vulnerabilidades' o 'escanear en busca de problemas de seguridad'.

Audita juegos en busca de vulnerabilidades de seguridad como manipulación de partidas guardadas, vectores de trampas, exploits de red y exposición de datos, ofreciendo un informe priorizado con guía de remediación. Se recomienda antes de cualquier lanzamiento público o multijugador.

Strategic Android improvement roadmap. 4-phase plan with app-type specific templates for social, ecommerce, fintech, health/fitness, productivity apps. Triggers on: "android plan", "android strategy", "android roadmap", "improvement plan".

Review an authorized application for business-logic vulnerabilities, workflow abuse, approval bypasses, replay conditions, quota circumvention, plan enforcement bugs, and state-transition errors. Use for billing, invites, approvals, refunds, admin actions, and multi-step workflows.

Flujo de trabajo de corrección de emergencia que omite los procesos normales de sprint con un registro de auditoría completo. Crea una rama de hotfix, rastrea las aprobaciones y asegura que la corrección se retroporte correctamente.

Conduct authorized defensive security audits of codebases and web applications. Use for broad appsec review across OWASP, authz, business logic, SSRF, XSS, CSRF, injection, file upload, secrets, logging, and tenant isolation. Produces structured findings with severity, confidence, evidence, and safe remediation guidance.