robot-tools

Multi-agent security vulnerability analysis with adversarial verification and ICD 203 analytic standards. Orchestrates 5 parallel finder agents, cross-model adversarial verification (Claude + Codex), and deterministic validation to analyze vulnerability reports with CWE-specific procedures, confirmation bias mitigation, and structured evidence quality assessment. Use when receiving vulnerability reports, security disclosures, bug bounty submissions, or when needing to assess and remediate security issues.

Preservation-first forensic evidence collection and analysis for Vercel security incidents (OAuth supply-chain compromise, env-var exposure, audit-log triage). Produces a frozen evidence directory, an 8-section findings report, and a rotation-worklist CSV for downstream rotation tooling. Strictly read-only. Never rotates, revokes, deletes, or redeploys. The banned-ops list is absolute. Rotation is handed off to subinium/vercel-incident-toolkit Flow C or codyhxyz/metapod-harden `/rotate-vercel-env <KEY>` using this skill's CSV as input. Use this skill when: (1) Vercel publishes a security incident and you need to assess exposure across your team / account / linked GitHub org. (2) A customer suspects env-var exposure and wants an evidence bundle plus prioritized rotation worklist by lunch Monday. (3) Audit-log triage across Vercel activity + GitHub audit log is needed without contaminating the very log under investigation. (4) Forensic handoff to a rotation tool is required — this skill produces

Vanta compliance platform operations — posture analysis, audit readiness, vulnerability management, personnel compliance, and flexible reporting. Complements the official vanta-mcp-plugin with analysis workflows, direct API access for write operations, and reporting capabilities not available in the Vanta UI. 50% compliance analysis/reporting, 30% API operations, 20% workflow orchestration. Use this skill when users need to: (1) Assess compliance posture across frameworks (gap analysis, control coverage, cross-framework overlap) (2) Prepare for audits (readiness checklist, missing evidence, policy expiry, personnel compliance) (3) Track and triage vulnerabilities with SLA awareness (approaching deadlines, missed SLAs, severity breakdown) (4) Monitor personnel compliance (overdue training, policy acceptance, deactivated personnel in scope) (5) Generate compliance reports and executive summaries (posture, readiness, vulnerability SLA, personnel, custom) (6) Perform bulk low-risk operations

Three-layer Stop hook that detects and blocks work-skipping rationalizations by Claude Code agents. Prevents agents from unilaterally deciding to skip assigned work, bypass mandatory processes, or cite unverified context constraints as justification for shortcuts. Layer 1: Deterministic regex detection of known laziness phrases (Tiers 1-2) Layer 2: Haiku-evaluated internal contradiction detection (Tier 4) Layer 3: Context-aware agent verification — auto-activates when plans/tasks exist (Tier 5) This is a passive hook — it activates automatically when the plugin is enabled. No slash command needed. The hook fires on every Stop event and only blocks when laziness patterns are detected.

Docker Sandboxes (sbx CLI) — run AI coding agents in isolated microVM environments with credential proxying, network policy enforcement, and custom templates. Covers Claude Code, Codex, Copilot, and Gemini agents. Compatible with Rancher Desktop (Docker Desktop not required). Use this skill when users need to: (1) Install, configure, or authenticate with the sbx CLI (2) Create, run, stop, or remove sandboxed agent sessions (3) Configure credentials, secrets, or API keys for sandboxed agents (4) Understand the security model (microVM, proxy, network policies) (5) Build custom sandbox templates or customize environments (6) Troubleshoot sandbox issues (clock drift, port forwarding, connectivity) (7) Use branch mode, multi-workspace, or reconnection workflows (8) Set up specific agents (Claude Code, Codex, Copilot, Gemini) in sandboxes (9) Use 1Password CLI (op) for zero-disk-footprint secret injection

Codebase flow analysis for dependency visualization, impact assessment, and health scoring. Use PROACTIVELY when users need: (1) Dependency/import analysis ("what imports this?", "dependency graph", "module relationships") (2) Blast radius/impact analysis ("if I change X", "what's affected", "impact of modifying") (3) Code health scoring ("codebase health", "health grade", "technical debt score") (4) Execution flow tracing ("trace through", "call path", "how does data flow") (5) Dead code detection ("unused exports", "safe to delete", "orphan code") (6) Comprehensive analysis ("full analysis", "analyze this codebase") NOTE: For security scanning, defer to security-sentinel. For design patterns, defer to pattern-recognition-specialist. For architecture compliance, defer to architecture-strategist.

World-expert deep technical research agent for AI-enabled software development. Use PROACTIVELY when users need: (1) Deep research on AI/ML development topics (RAG, agents, LLMs, embeddings, vector DBs, prompt engineering, fine-tuning) (2) Technical consultation on AI architectures, tool selection, or implementation approaches (3) Implementation guidance with production-ready patterns and best practices (4) Comparative analysis of AI frameworks, models, or services (5) Current state-of-the-art analysis with authoritative citations

Discover trending AI tools, news, and insights from influential developers and AI advocates on Twitter/X using Bird CLI. Use PROACTIVELY when users need: (1) AI-related tweets, tools, or discussions from Twitter (2) What influential AI developers are currently talking about (3) AI news and trends from social media (4) Developer sentiment on AI tools and frameworks (5) New AI projects being shared on Twitter This is a READ-ONLY skill - no posting, liking, or account modifications.

Prepare Claude Code skills, agents, or collections for open-source sharing on GitHub. Supports two modes: (1) Standalone repo creation, or (2) Marketplace integration into existing plugin repos. Use when: - "prepare for open source", "open source this skill" - "upload skill to github", "share this agent" - "add to marketplace", "add to robot-tools" - "create repo for skill", "package for sharing" - User has a skill directory, agent file, or collection to share

GitHub Actions security hardening, configuration best practices, and vulnerability detection. Covers workflow syntax, trigger security, permission management, secrets handling, OIDC federation, supply chain protection, self-hosted runner hardening, attack pattern recognition, and security scanning tool rules. 60% security/hardening content, 40% implementation/configuration guidance. Use this skill when users need to: (1) Harden GitHub Actions workflows against injection, supply chain, or privilege escalation attacks (2) Configure workflow permissions, secrets, OIDC, or environment protection rules securely (3) Understand dangerous workflow patterns (pull_request_target + checkout, workflow_run artifact poisoning, script injection via ${{ }}) (4) Choose or configure security scanning tools (zizmor, scorecard, actionlint, poutine, harden-runner, Raven) (5) Respond to supply chain incidents (tj-actions, reviewdog, compromised action tags) (6) Audit workflows for OWASP CI/CD risks, CIS bench

Capture and distill knowledge from URLs into structured markdown notes. Supports web articles, YouTube videos, and Twitter/X posts. Extracts content using the best available tool, synthesizes key insights via a sandboxed sub-agent, generates YAML frontmatter with auto-suggested tags, and saves to a configured directory. Optionally integrates with Obsidian for direct vault linking. Use this skill when users want to: (1) Save/capture/distill a URL to a structured note (2) Create knowledge base entries from web content (3) Capture YouTube video transcripts as notes (4) Save Twitter threads as structured summaries (5) Build an Obsidian vault or markdown knowledge base from web sources For saving/distilling a specific URL to a note, use kcap. For browsing, discovering, or searching AI tweets, use ai-twitter-radar instead.

GitHub Agentic Workflows (gh-aw) — write AI-powered automation workflows in natural-language markdown that compile to secure GitHub Actions. Supports Copilot, Claude, and Codex engines with safe-output guardrails, MCP tool integration, and sandboxed execution. Use this skill when users need to: (1) Install or set up gh-aw in a repository (2) Create, edit, or compile agentic workflow markdown files (3) Configure triggers, schedules, safe outputs, tools, or MCP servers (4) Switch AI engines (Copilot, Claude, Codex) or configure engine options (5) Troubleshoot workflow failures, compilation errors, or permission issues (6) Understand gh-aw patterns (ChatOps, DailyOps, IssueOps, etc.) (7) Configure security: permissions, network rules, sandbox, threat detection (8) Use advanced features: memory, imports, orchestration, cross-repo ops

Catalog GitHub starred repositories into a structured Obsidian vault with AI-synthesized summaries, normalized topic taxonomy, graph-optimized wikilinks, and Obsidian Bases (.base) index files for filtered views. Fetches repo metadata and READMEs via gh CLI, classifies repos into categories and normalized topics, generates individual repo notes with frontmatter, and creates hub notes for categories/topics/authors that serve as graph-view connection points. Use this skill when users want to: (1) Catalog or index their GitHub stars into Obsidian (2) Create a searchable knowledge base from starred repos (3) Organize and discover patterns in their GitHub stars (4) Export GitHub stars as structured markdown notes (5) Build a graph of starred repos by topic, language, or author For saving/distilling a specific URL to a note, use kcap instead. For browsing AI tweets, use ai-twitter-radar instead.

Validates plugin manifest consistency, README cross-references, SKILL.md frontmatter, and version sync across the robot-tools monorepo. Has two modes: - Validate mode: checks and reports pass/warn/fail (default) - Release prep mode: validates, walks through version bumping, re-validates, summarizes for commit Claude should proactively suggest release-prep mode when a development session that added or modified plugin content appears to be wrapping up.

Safe skill installation with supply chain security scanning. Wraps Cisco skill-scanner to vet skills before installation. Supports GitHub repos, skills.sh (npx), Claude marketplace plugins, and local paths. Configurable scan depth with static and behavioral analysis by default. Uses GitHub archive downloads to avoid git execution risks, with hardened git clone fallback. Security decisions are made by a deterministic wrapper script, not the LLM agent.

Investigate GitHub secret scanning alerts to trace provenance, gather context, assess risk, and produce a structured report for security professionals. Handles one or more alerts in a single investigation using only open-source tools.

Multi-stage implementation review with parallel sub-agents, severity-based autonomous fixes, and gated test verification. Runs code quality, architecture, simplicity, documentation, and security reviews in sequence with test gates between each fix stage. Security review is blocked until all other fixes are complete. Use after completing a feature, implementation phase, or release candidate. Supports scope modes: full, code-only, security, simplicity, docs.

Pre-flight verification checklist for research tasks. Use DURING research when gathering information about external systems, APIs, registries, or configurations. Prevents assumptions from becoming errors. Apply before finalizing plans or documentation.

Iterative reflection, research, and improvement skill for extracting actionable learnings from any Claude Code session. Use after longer sessions to capture process improvements, project improvements, or both. Produces agent-ready context documents for future implementation.