Explorar skills

Security policy for iOS apps. Enforces OWASP Top 10, Mobile Top 10, and CWE Top 25 mitigations.

Review MERN code for compliance with standards, NFRs, and security policy.

Read-only audit dispatch for the active feature on the requested axis — security (OWASP, trust boundary, secrets), perf (measure-first, N+1, CWV), or simplify (Chesterton's Fence, deletion test). Use when the user says "security review", "is this safe", "is this fast enough", "perf check", "N+1", "simplify this", "Chesterton's Fence". Not for write actions or whole-project audits.

Security policy for NEAN apps. Enforces OWASP Top 10 and CWE Top 25 mitigations.

Security output format, core refusal policy, and purpose statement shared across all platforms.

This skill should be used when the user asks to "install a package", "add a dependency", "check for vulnerabilities", "audit dependencies", or mentions "npm install", "pip install", "composer require", "yarn add", "pnpm add", "check vulnerability", "audit dependencies". Provides dependency security and version management by intercepting package installs to enforce latest versions and block vulnera

Codify security hardening into reusable Ansible roles — CrowdSec IDS, fail2ban, auditd, Tailscale VPN, Semaphore UI, scoped sudoers, systemd sandboxing, and UFW firewall management. Trigger on: "harden with Ansible", "Ansible security", "CrowdSec role", "fail2ban role", "auditd role", "Tailscale Ansible", "Semaphore role", "sudoers role", "security playbook", "fleet hardening", or any request to a

budi token/cost analytics for Claude Code — dashboard access, CLI queries, cost analysis patterns, session tracking. Trigger on: "budi", "token cost", "how much did that cost", "session cost", "spending", "token analytics", "cost dashboard", "usage stats", or any question about Claude Code token consumption or spending patterns.

Convert Claude Code skills to Cursor-compatible rules (.mdc/.md files) for sharing or use in Cursor workspaces. Does NOT modify local Claude Code setup — outputs go to a separate repo. Trigger on: "convert to cursor", "cursor rules", "port to cursor", ".mdc", "cursor format", or any request to export skills for Cursor users.

Deep code quality analysis: performance (Big-O, hot paths, resource management), security (injection, secrets, auth, input validation), testability (coverage gaps, untestable design, DI), architecture (SOLID, coupling, abstraction leaks, layering). Language-agnostic with language-specific patterns from references. Trigger on: "code quality", "performance audit", "security review", "OWASP", "SOLID"

Cross-reference all CLAUDE.md files, memory files, skill descriptions, and project registries for contradictions, stale data, and inconsistencies. Trigger on "check for contradictions", "audit configs", "config consistency", "are my configs consistent", or any request to verify configuration coherence across Project Swarm.

Run risky or destructive operations inside ephemeral Docker containers for isolation. Use when executing untrusted scripts, destructive Ansible playbooks, or operations that could damage the host.