Explorar skills
4.610 skills encontradas
Alerta por categoria
Receba novas skills de Segurança toda segunda
make-harness
Usado para configurar, instalar, auditar, atualizar, reparar ou sincronizar um 'AI harness' local do projeto para o repositório atual. A ferramenta inspeciona o repositório, realiza uma breve entrevista para definir padrões e guardrails, e então cria ou atualiza os arquivos AGENTS.md, CLAUDE.md, GEMINI.md, PROJECT_HARNESS.md, harness-contract.json e harness-runtime.json.
security-auditor
脅威モデル・認可・データフロー・設計リスクの観点からセキュリティ監査を行う。新機能の設計時、外部接点を変更するとき、認証・認可・データ扱いに触れるときに使う。
timing-analysis
Market timing and entry window assessment for bootstrapped founders. Evaluates whether the moment is right — strategic inflection points, adoption stage, buyer behavior shifts, regulatory catalysts, incumbent vulnerability windows, and bootstrapper timing fit. Use when user runs `/timing-analysis`, asks about "why now", "market timing", "is it too late", "is it too early", "entry window", "inflect
prompt-audit
Audit a prompt the user is about to send to Claude (or another coding AI) for completeness and effectiveness. Use this skill whenever the user shares a prompt and asks for feedback — phrases like "is this prompt good", "audit my prompt", "review this prompt", "will Claude understand this", "improve this prompt", "is this enough context". Also trigger proactively when you notice the user is about t
test-coverage
Run the test-coverage-mapper reducer subagent over the per-node enrichment sidecars + actual test files in the target repo. Verifies sidecar-claimed test files exist; surfaces uncovered behaviours as TEST-GAP-NNN candidates ranked by node criticality (anchored on concepts.yaml's security/performance aggregates); cross-references with `doc-gaps.md` for double-jeopardy findings (undocumented AND unt
context-to-capability-framework
Explain or apply a general operating model that turns messy requests and unfamiliar domains into reusable, adopted capabilities through clarification, context engineering, reuse, composition, hardening, and adoption.
security-audit
Audit code for security vulnerabilities. Use when the user says "security-audit", "security check", "is this secure", "audit for vulnerabilities", or before any public deployment. Covers OWASP Top 10 and common API/backend attack surfaces.
util-review
Review Claude Code skills, hooks, CLAUDE.md files, scripts, or workflow configurations for design flaws, unclosed loops, stale references, side effects, security risks, and portability issues. Use when: 'review this skill', 'audit this hook', '/util-review', 'check this config', or when evaluating any supplementary Claude Code artifact for quality and correctness.
a11y-audit-agent-skill
Skill de auditoria de acessibilidade para aplicativos web que combina varredura automatizada, verificação manual e relatórios WCAG prontos para remediação.
AIUC-1 Assessor
Assess AI agent systems for readiness against the AIUC-1 security, safety, and reliability standard. Produces gap analyses, evidence checklists, and prioritized remediation plans.
neobank-positioning-engine-skill
Analisa o posicionamento de neobancos de criptomoedas em relação aos concorrentes, encontra território inexplorado e gera uma estrutura de mensagens. Use quando um neobanco precisa se diferenciar ou ao auditar o posicionamento de um prospect.
nuget-package-management
Manage NuGet packages using Central Package Management (CPM) and dotnet CLI. Never edit .csproj or Directory.Packages.props XML directly - use dotnet add/remove/list commands. Use shared version variables for related packages. Covers workspaces, security audits, and version management.