适用于安全审计、认证流程、漏洞检测和合规检查的安全技能,服务 AI 辅助开发场景。
这个技能目录把可安装的 AI Agent 技能集中在一起,方便你按搜索、分类、主题和官方来源快速筛选,并直接安装到 Claude Code、Cursor、Windsurf 等环境。
ENFORCEMENT tool that detects when Skills automation is duplicated in agent definitions, lessons learned, or process docs. Prevents single source of truth nightmare by finding bash commands, step-by-step procedures, or process descriptions that replicate Skills. BLOCKING AUTHORITY - workflow cannot complete with violations.
Expert Data Protection Officer (Datenschutzbeauftragter) with deep knowledge of EU GDPR (DSGVO), German BDSG, and ISO 27701:2025/2019 (PIMS). Specializes in smart integration with existing ISMS infrastructure using Data Reuse principles. Automatically activated when user asks about data protection, privacy, GDPR/DSGVO, BDSG, personal data, DPIA/DSFA, consent, data subject rights, ISO 27701, PIMS, or data breaches.
Expert iOS App Store submission and approval system. 9 specialized agents providing senior App Review Team-level expertise across compliance, design, privacy, monetization, metadata, technical requirements, timing, rejection recovery, and learning. Triggers on keywords like app store, iOS submission, apple review, app rejection, aso, privacy manifest, privacy labels, ATT, iap, in-app purchase, subscription, storekit, review guidelines, HIG, testflight, app store connect.
Create single-file commands with dynamic content injection (@path and !command). Use when building commands that need filesystem access, git state, runtime context, or argument handling with $1 placeholders. Includes @file injection, !shell execution, <injected_content> wrappers, and single-file structure patterns. Not for skills (use skill-development) or audit workflows.
Rules and best practices for building a Next.js starter app with Supabase (auth, profiles, RLS, declarative schemas, setup script). Use when working on Next.js + Supabase integration, authentication, migrations, or this starter app codebase.
Skill for integrating Better Auth - the comprehensive TypeScript authentication framework.
Synchronizes socket-btm with upstream Node.js by updating the submodule to latest tag, updating `.node-version`, regenerating patches, validating build and tests. Use when updating to new Node.js releases, applying security patches, or maintaining upstream synchronization.
Skill for integrating Better Auth - the comprehensive TypeScript authentication framework.
Guide for performing secure web searches with privacy protection, source verification, and information validation. Use when the user wants to search the web securely, verify sources, fact-check information, or mentions secure search, privacy, source validation, or web research.
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit code on the current branch.
Use when creating HTML email templates with React components - welcome emails, password resets, notifications, order confirmations, newsletters, or transactional emails.
Edit blog posts and book reviews. Use `/copyedit grammar` for spelling/grammar only, or `/copyedit polish` for fuller editing. Preserves the authors voice and style.