Explorar skills

This skill should be used when reviewing Firebase code against security model and best practices. Triggers on "review firebase", "check firebase", "validate", "audit firebase", "security review", "look at firebase code". Validates configuration, rules, architecture, and security.

Security audit for Android projects. Checks OWASP-oriented client-side risks, manifest exposure, hardcoded secrets, WebView handling, storage posture, and build obfuscation evidence. Triggers on: "security", "OWASP", "permissions", "encryption", "WebView", "certificate pinning".

Architecture assessment for Android projects. Evaluates Jetpack Compose adoption, UDF pattern (ViewModel + StateFlow), dependency injection, type-safe navigation, repository pattern, and module structure. Triggers on: "architecture", "compose adoption", "module structure", "dependency injection".

Use when the user requests a code review focused on engineering correctness, code quality, and technical rigor. On-demand Linus Torvalds persona review evaluating abstractions, error handling, security, logging/observability, performance, and whether the code is actually good. Trigger this skill whenever the user asks for a "linus review", "linus style", "engineering review", "correctness review",

Realiza auditorías de seguridad en cambios de código, diffs o ramas para encontrar vulnerabilidades explotables de alta confianza. Utilícelo para tareas como 'auditar seguridad', 'revisar vulnerabilidades' o 'escanear en busca de problemas de seguridad'.

Accessibility preflight for Android projects. Uses static source evidence to flag likely issues in semantics, labels, and touch-target setup while clearly separating low-confidence heuristics from verified findings.

Android project audit and preflight skill. Builds a shared audit_context.json from static project evidence, then uses specialist agents to interpret that evidence with explicit confidence and deterministic gate caps. Supports Kotlin/Compose and XML/Java repos, including library-only projects. Triggers on: "android audit", "android assessment", "android review", "android project health".

Pre-landing PR review - gstack staff-engineer code review army. CARL TRIGGERS: review the code, audit this branch, check this PR, find bugs, code review, review my changes. SOURCE: garrytan/gstack/review, integrated as gs-review on 2026-05-29.

Audita el juego en busca de vulnerabilidades de seguridad, como manipulación de partidas guardadas, vectores de trampas, exploits de red, exposición de datos y brechas de validación de entrada. Produce un informe de seguridad priorizado con orientación de remediación, recomendado antes de cualquier lanzamiento público o multijugador.

Google Play preflight from source evidence. Evaluates target SDK posture, foreground service declarations, permission surface, and obvious policy red flags without claiming full Play Console compliance. Triggers on: "play store", "target SDK", "data safety", "foreground service", "play policy".

Chief Security Officer security audit - OWASP Top 10 plus STRIDE threat modeling. CARL TRIGGERS: security audit, OWASP audit, STRIDE, vulnerability check, security review, threat model, pen test mindset. SOURCE: garrytan/gstack/cso, integrated as gs-cso on 2026-05-29.

Strategic Android improvement roadmap. 4-phase plan with app-type specific templates for social, ecommerce, fintech, health/fitness, productivity apps. Triggers on: "android plan", "android strategy", "android roadmap", "improvement plan".