Proactively hunt for adversary abuse of legitimate system binaries (LOLBins) to execute malicious payloads while

'Implementing Microsoft Defender for Cloud to enable cloud security posture management, workload protection across

'Deploys remote browser isolation (RBI) as a core component of a Zero Trust architecture. Implements isolation

'Implementing AWS CloudTrail log analysis for security monitoring, threat detection, and forensic investigation

'Implements cloud workload protection using boto3 and google-cloud APIs for runtime security monitoring, process

Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware

'Implementing and auditing GCP VPC firewall rules to enforce network segmentation, restrict ingress and egress

Design and implement network segmentation using firewall security zones, VLANs, ACLs, and microsegmentation policies

'This skill covers deploying HashiCorp Vault for centralized secrets management across cloud environments, including

Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment

'Implements security monitoring using Datadog Cloud SIEM, Cloud Security Management (CSM), and Workload Protection

Implement a structured threat intelligence lifecycle encompassing planning, collection, processing, analysis,

'Investigates insider threat indicators including data exfiltration attempts, unauthorized access patterns, policy

'Performs automated static analysis of Android applications using Mobile Security Framework (MobSF) to identify

Deploy and operate CAPEv2 sandbox for automated malware analysis with behavioral monitoring, payload extraction,

Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords

'Performs firmware image extraction and analysis using binwalk to identify embedded filesystems, compressed archives,

Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration,

Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise

Acquire and analyze mobile device data using Cellebrite UFED and open-source tools to extract communications,

Capture and analyze network traffic using Wireshark and tshark to reconstruct network events, extract artifacts,

Automate credential rotation for service accounts across Active Directory, cloud platforms, and application databases

'Reverse engineers iOS applications using Frida dynamic instrumentation to understand internal logic, extract

'This skill covers integrating Aqua Security''s Trivy scanner into CI/CD pipelines for comprehensive container

'This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce

'This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application

'Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image

'This skill covers security hardening for serverless compute platforms including AWS Lambda, Azure Functions,

IMMEDIATELY USE THIS SKILL when creating or develop anything and before writing code or implementation plans - refines rough ideas into fully-formed designs through structured Socratic questioning, alternative exploration, and incremental validation

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.

MUST be used for Vue.js tasks. Strongly recommends Composition API with `<script setup>` and TypeScript as the standard approach. Covers Vue 3, SSR, Volar, vue-tsc. Load for any Vue, .vue files, Vue Router, Pinia, or Vite with Vue work. ALWAYS use Composition API unless the project explicitly requires Options API.

<!--

This exported skill uses `AGENTS.md` only as a local repo-root marker for bundled helper scripts.

This file documents how this AI Persona operates—the rules learned through practice, patterns that work, and lessons that became doctrine.

从PDF报价单中提取产品信息（型号、数量、价格、币种、图片）。当用户需要从PDF报价单或产品目录中提取结构化产品数据时使用，特别适用于电商产品列表或价格表。

Multi-platform Order Profit Calculator — upload order exports from any e-commerce platform or ERP, get instant profit reports by order, store, SKU, and platform.

InvoiceGuard · Invoice Compliance Guardian — AI-driven invoice deduplication, verification, and compliance report generation. Handles: invoice upload/scan recognition, duplicate detection (AI deduplication), official tax authority verification (Golden Tax Phase 4), compliance report generation (Cai Hui Ban [2023] No.18), and batch invoice processing. Trigger: invoice, duplicate, reimbursement, compliance, fake invoice, verification, OFD, PDF invoice.

Chinese Calendar with Lunar-Solar Conversion

Interact with X.com (Twitter) via Tavily web search and extraction. Search tweets, extract content from linked URLs, monitor accounts and topics. Requires Tavily API key (free tier works).

根据用户粘贴的录音转写文本，提炼企业内部培训总纲（模块→课时→要点→案例→练习→作业），并支持按 lesson 逐步扩写为细致培训文档。

MicroPython on-device algorithms — PID controller, moving average, Kalman filter, state machine, task scheduler, data logger.

Complete Open WebUI API integration for managing LLM models, chat completions, Ollama proxy operations, file uploads, knowledge bases (RAG), image generation, audio processing, and pipelines. Use this skill when interacting with Open WebUI instances via REST API - listing models, chatting with LLMs, uploading files for RAG, managing knowledge collections, or executing Ollama commands through the Open WebUI proxy. Requires OPENWEBUI_URL and OPENWEBUI_TOKEN environment variables or explicit parameters.

Research trending topics, ideas, and conversations on X (Twitter) using twitterapi.io.

Download images and videos from X (Twitter) posts to ~/Downloads. Use when user shares an X/Twitter link and wants to save media, or says '下载', 'download', '保存图片', '保存视频', or provides a x.com/twitter.com URL with intent to download media.

>

content-parser

AI-assisted disk space scanner and cleaner. Finds reclaimable space (node_modules, build caches, package caches, downloads, Docker, Xcode, logs) and intelligently cleans safe items with strict guardrails.

Build high-quality collaborative worlds in Doppel. Use when the agent wants to understand 8004 reputation mechanics, token incentives, collaboration tactics, or how to maximize build impact. Covers streaks, theme adherence, and the rep-to-token pipeline.

AI恋爱模拟器 - 让你的 Agent 成为懂你的灵魂伴侣 💕

Manage LinkedIn outreach leads from Google Sheets — search by name, read live conversation threads, update status, and send contextual follow-up messages. Use after linkedin-dm to move leads through the pipeline (Sent → Replied → Call Scheduled → Demo Done → Closed).