n8n-validation-expert
Interpret validation errors and guide fixing them. Use when encountering validation errors, validation warnings, false positives, operator structure issues, or need help understanding validation results. Also use when asking about validation profiles, error types, or the validation loop process.
implementing-file-integrity-monitoring-with-aide
Configure AIDE (Advanced Intrusion Detection Environment) for file integrity monitoring including baseline creation, scheduled integrity checks, change detection, and alerting
performing-false-positive-reduction-in-siem
Perform systematic SIEM false positive reduction through rule tuning, threshold adjustment, correlation refinement, and threat intelligence enrichment to combat alert fatigue.
prioritizing-vulnerabilities-with-cvss-scoring
The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum of Incident Response and Security Teams) for assessing vulnerability severity. CVSS v4.0 (r
pierre-guard
Guard against breaking the @pierre/diffs integration in Plannotator's code review UI. Use this skill whenever modifying DiffViewer.tsx, upgrading the @pierre/diffs package, changing unsafeCSS injection, adding new props to FileDiff, or touching shadow DOM selectors or CSS variables that cross into Pierre's shadow boundary. Also trigger when someone asks "will this break the diff viewer", "is this safe to change", or when reviewing PRs that touch the review-editor package.
hefestoai-auditor
Static code analysis tool. Detects security vulnerabilities, code smells, and complexity issues across 17 languages. All analysis runs locally — no code leaves your machine.
review
Pre-landing PR review. Analyzes diff against the base branch for SQL safety, race conditions, LLM trust boundaries, conditional side effects, and structural issues that tests don't catch. Use when: "review this PR", "code review", "pre-landing review", "check my diff", "review my changes".
claude-code-cli
Delegate coding tasks to Claude Code CLI via background process. Use when: building features, reviewing PRs, refactoring codebases, or iterative coding that needs file exploration. Supports interactive PTY mode for confirmations/permissions and headless pipe mode for automation. NOT for: simple one-liner fixes (just edit), reading code (use read tool), or any work in ~/.openclaw/ workspace.
hooks-eval
Evaluate hook security, performance, and SDK compliance. Use for audits
security-sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
pr-comment-fix
按 GitCode PR 检视意见修改代码。需 GITCODE_TOKEN。Use when 用户要修改 PR 检视意见。
openclaw-json-editing
Advanced JSON editing for OpenClaw configuration files, tools, and data structures. Handles JSON5 configs, schema validation, merge patching, env var substitution, and type-safe modifications.
superpowers-receiving-code-review
Use when receiving code review feedback - requires technical verification before implementing suggestions, with reasoned pushback when feedback is technically questionable; no performative agreement
skill-creator-plus
创建、编辑、优化或审查 OpenClaw AgentSkills 技能。提供完整的工作流程指引:技能结构设计、frontmatter 规范、_meta.json 格式、ClawHub scanner 规则、渐进式披露设计、validation checklist 及发布流程。适用于从零创建新技能或改进现有技能。输出:SKILL.md + _meta.json。
superpowers-verification
Use when about to claim any work is complete, fixed, passing, or successful - requires running fresh verification commands and reading actual output before making any success claims; evidence before assertions always
lean-claude-code-harness
Use when building, auditing, or simplifying an AI coding-agent harness, especially when the current runtime has unclear config precedence, weak tool permissions, hidden product-only behavior, or poor transcriptability.
code-quality-guard
Professional pre-deployment code review and quality enforcement. Ensures imports are valid, tags are closed, and logic follows best practices before announcing a build is live.
aws-wechat-article-review
审核公众号文章,检查敏感词、错别字、合规性和写作规范,输出修改清单。当用户提到「审稿」「审核」「检查一下」「校对」「合规」「敏感词」「错别字」「帮我看看」「写完了」「检查下有没有问题」「能不能发」时使用。
vynn-backtester
Run trading strategy backtests with natural language — powered by Vynn
double-check
在修改任何文件后(包括删除功能),自动进行两次独立验证(测试/编译/运行检查/文档或配置检查),确保无误才结束。本技能应默认应用于所有文件修改任务。 / After any file changes (including feature removal), automatically perform two independent verifications (tests/compilation/runtime checks/docs or config checks) to ensure correctness. This skill should be applied by default to any file modification task.