بنقرة واحدة
website
Build fast, accessible, and SEO-friendly websites with modern best practices.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Build fast, accessible, and SEO-friendly websites with modern best practices.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Use when the user wants to design, redesign, shape, critique, audit, polish, clarify, distill, harden, optimize, adapt, animate, colorize, extract, or otherwise improve a frontend interface. Covers websites, landing pages, dashboards, product UI, app shells, components, forms, settings, onboarding, and empty states. Handles UX review, visual hierarchy, information architecture, cognitive load, accessibility, performance, responsive behavior, theming, anti-patterns, typography, fonts, spacing, layout, alignment, color, motion, micro-interactions, UX copy, error states, edge cases, i18n, and reusable design systems or tokens. Also use for bland designs that need to become bolder or more delightful, loud designs that should become quieter, live browser iteration on UI elements, or ambitious visual effects that should feel technically extraordinary. Not for backend-only or non-UI tasks.
Audit AI agent configurations for security risks — excessive permissions, prompt injection surfaces, data exfiltration paths, and missing guardrails. Use when reviewing CLAUDE.md files, MCP configs, agent orchestration code, or any AI agent setup.
Assess agentic AI applications against the OWASP Top 10 for Agentic Applications 2026. Use when reviewing autonomous AI agents, multi-agent systems, or agentic workflows for security risks including goal hijacking, tool misuse, privilege abuse, and rogue agent behavior.
Comprehensive API security review against OWASP API Security Top 10 (2023). Use when reviewing OpenAPI/Swagger specs, auditing REST/GraphQL/gRPC implementations, testing authentication mechanisms, or checking API gateway configurations. Covers BOLA/IDOR, broken auth, mass assignment, rate limiting, SSRF, and more with real-world attack scenarios.
Security-focused code review mapped to OWASP Top 10 and ASVS. Use when reviewing pull requests, auditing files or modules for vulnerabilities, or performing pre-merge security gate checks. Covers injection, auth, authorization, cryptography, data exposure, misconfiguration, and deserialization.
Security review of Infrastructure-as-Code (Terraform, Kubernetes, CloudFormation). Use when reviewing IaC files for misconfigurations, overpermissioning, exposed resources, missing encryption, secrets in code, and supply chain risks. Covers CIS benchmarks and cloud security best practices.
| name | website |
| description | Build fast, accessible, and SEO-friendly websites with modern best practices. |
<head>, defer the restasync or defer, audit regularlyfont-display: swap and preload critical fontsmin-width media queries — easier to scale up than strip downviewport meta tag is required: <meta name="viewport" content="width=device-width, initial-scale=1"><img> needs alt text — empty alt="" for decorative images, descriptive text for meaningful ones<label> elements — placeholders alone are not accessible<h1> per page only — it's the page title, not a styling tool<nav>, <main>, <article>, <aside>, <footer> — they communicate structure to browsers and assistive tech<button> for actions, <a> for navigation — don't use divs with click handlersrel="noopener" — prevents security vulnerability with target="_blank"!important — it breaks cascade and makes debugging painful. Fix specificity insteadrem, em, %) over fixed px for text — respects user font size preferences<html lang="en"> breaks screen reader pronunciationhttp:// links break on HTTPS sites — use protocol-relative // or always https://@media print for pages users might print (receipts, articles)