원클릭으로
kms
kms에는 Cosmian에서 수집한 skills 22개가 있으며, 저장소 수준 직업 범위와 사이트 내 skill 상세 페이지를 제공합니다.
이 저장소의 skills
Write the next version entry at the top of CHANGELOG.md by summarizing all changes since the last tagged release. Use when preparing release notes.
Audit GitHub Actions workflows for efficiency and recommend fixes to reduce CI minutes and costs. Use when asked to improve CI performance.
Fix CI failures in a loop until all GitHub workflow runs on the current branch are green. Use when CI is failing and needs automated repair.
AI-powered security scanner — OWASP Top 10, CWE Top 25, KMIP authorization, FIPS gating, memory safety, side-channel, supply chain, and 20 vulnerability families. Use when asked to review code security, audit KMIP access control, or scan for vulnerabilities.
Comprehensive cryptographic audit: FIPS 140-3, BSI TR-02102, ANSSI, NIST SP 800-series compliance, algorithm allow-list, key sizes, feature-flag gating, OpenSSL provider init, key lifecycle, multi-standard matrix, and academic cryptanalysis cross-check. Use when touching crate/crypto/, algorithm selection, or key management code.
Comprehensive security audit orchestrator: invokes /security-review, /cryptography-review, /threat-model, and /standards-review in sequence. Produces a unified go/no-go report. Use for full security audit before release or after significant changes.
Release readiness gate: runs all AI audit skills in sequence and produces a go/no-go report. Use before triggering the release workflow.
Verify code and protocol implementations against the exact text of applicable standards (FIPS, NIST SP, RFC, KMIP, PKCS, BSI, ANSSI, OWASP). Every citation is URL-verified — no hallucinated section numbers. Use when checking standards compliance or before a compliance audit.
Create an Architectural Decision Record (ADR) under documentation/docs/adr/. Use when making or documenting an architectural decision.
Run a comprehensive code quality audit on Rust code: find duplication, check design patterns, enforce Clippy zero-warnings, and review CI efficiency. Use before a PR or when you want to improve code quality.
Diátaxis documentation expert for the KMS docs site. Creates tutorials, how-to guides, reference pages, and explanations. Use when writing or updating documentation.
Validate a KMIP operation against the KMIP 2.1 spec, dispatch table, and type definitions. Use when adding or modifying a KMIP operation.
Create or update the branch CHANGELOG entry. Use when writing a changelog entry for this branch.
Auto-detect changed files via git diff and emit only the applicable AGENTS.md synchronization sub-rules as a checklist. Use after every code change.
Walk through the full KMS test vector creation workflow: directory, manifest.toml, TTLV steps, vector_runner.rs registration, README count. Use when creating test vectors.
Implement a new REST endpoint following sync rule 4.2: handler, routes/mod.rs, start_kms_server.rs with LIFO middleware, openapi.yaml, validation tests. Use when adding a new REST endpoint.
Create Playwright E2E tests for the KMS Web UI following project conventions: data-testid, Ant Design Select helpers, regex assertions, FIPS skips. Use when adding E2E tests.
React 19 + Ant Design 5 + Tailwind 4 + Vite 7 patterns for the KMS Web UI: WASM integration, FIPS guards, data-testid placement, Playwright companion. Use as a reference for UI development patterns.
Plan a multi-file Rust refactor safely: investigate, plan, confirm, implement. Use before any multi-file refactor.
KMS-specific Rust design patterns: newtype wrappers, builder config, command pattern for KMIP ops, trait-based HSM/DB abstraction, key lifecycle state machine. Use as a reference for Rust patterns in this codebase.
Find duplication in Rust code and consolidate it using Traits, Generics, shared functions, and macros. Use when asked to reduce Rust code duplication.
STRIDE-A threat model analysis for the Cosmian KMS. Two modes: full analysis or incremental update. Use when asked to perform a threat model, generate a DFD, or update threat analysis.