en un clic
pablo
pablo contient 8 skills collectées depuis pablo-health, avec une couverture métier par dépôt et des pages de détail sur le site.
Skills dans ce dépôt
Scan route handlers for PHI-touching routes that don't inject or call AuditService. Use when the user asks to audit the HIPAA audit-logging guardrail, says "run /audit-coverage-check", or adds new routes under /patients, /sessions, /appointments, /notes, /transcript, /audio, /soap, /resolve-client, /import-clients.
Weekly human-in-the-loop review of the latest automated pentest report. Pulls the newest report from pablohealth-oss GCS, summarizes findings, offers to open it, then publishes to docs/pentest/ and pablo-marketing/public/security.html via PR. Use when the user says "run /review-pentest", asks to review this week's pentest, or wants to publish the latest pentest report.
Run the owner-authorized weekly pentest on the deployed Pablo app (Cloud Run + Firebase + Cloud SQL). Use when the user asks for a pentest, security test, HIPAA review of the live deployment, or says "run /pentest".
Verify that every RLS-forced tenant table (any table with user_id, patient_id, or id column that is not in not_row_scoped) is covered by the RLS invariant suite and that no tenant table would be left unclassified (deny-all) by enable_rls_on_schema. Use when the user says "rls coverage", adds or alters a table in backend/app/db/models.py, asks about "has_patient_access" enforcement or the "fail-closed registry", or wants to check "new tenant table" safety before pushing.
Run the owner-authorized weekly pentest on the deployed Pablo app (Cloud Run + Firebase + Cloud SQL). Use when the user asks for a pentest, security test, HIPAA review of the live deployment, or says "run /pentest".
Verify every SQLAlchemy model change ships with a matching Alembic migration in the same commit. Use when the user says "run /migration-lint", is about to push a change to backend/app/db/models.py or platform_models.py, or asks why CI is complaining about model drift.
Find logger / print / structlog calls in backend/app/ that reference PHI field names. Use when the user says "run /phi-log-scan", worries a new log line might leak PHI, or is reviewing a CI failure about PHI in stdout. Intentional AuditService calls are excluded.
Structured scan for AI-slop code patterns across backend + frontend. Use when the user says "run /slop-sweep", asks to review recent diffs for AI-generated cruft, or wants to sweep the tree for banner comments / as-unknown-as casts / stacked any-suppressions / mock-data imports in production.