- 📁 references/
- 📄 mcp-tool-descriptions-draft.md
- 📄 SKILL.md
Find official portals, APIs, and download paths for authoritative primary data sources (governments, international organizations, research institutions, etc.). Use when users need to know "where to find this data from an official source", "which source is more authoritative", or "how to cite primary data". Covers 1000+ global data sources with authority comparison and site navigation guidance.
Reviews Azure API Management configurations for security vulnerabilities, OWASP API Security Top 10 compliance, VNet Internal mode validation, Private Link verification, and Azure Security Benchmark alignment. Use when performing security audits, pre-deployment validation, or compliance reviews.
- 📄 SKILL.md
- 📄 svg-widgets.yaml
Use this skill when asked to audit, assess, or report on AI agent security posture across Copilot Studio and Microsoft 365 Copilot agents. Triggers on keywords like "AI agent posture", "agent security audit", "Copilot Studio agents", "agent inventory", "agent authentication", "unauthenticated agents", "agent tools", "MCP tools on agents", "agent knowledge sources", "XPIA risk", "agent sprawl", "AI agent risk", "agent governance", or when investigating AI agent configurations, access policies, tool permissions, or credential exposure. This skill queries the AIAgentsInfo table in Advanced Hunting to produce a comprehensive security posture assessment covering agent inventory, authentication gaps, access control misconfigurations, MCP tool proliferation, knowledge source exposure, XPIA email exfiltration risk, hard-coded credential detection, HTTP request risks, creator governance, and agent sprawl analysis. Supports inline chat and markdown file output.
Add new GitHub skill repositories to the ASM curated index, audit discovered skills, update the website catalog, and create a PR. Use whenever someone shares GitHub URLs of skill repos to add, says "add this repo to the index", "update the skill catalog", "index these skills", "add new skill source", "new skill repo", or wants to onboard a new skill collection into ASM — even if they just paste a GitHub link without explanation.
- 📁 .github/
- 📁 references/
- 📁 tests/
- 📄 README.md
- 📄 SKILL.md
Use when building email features, emails going to spam, high bounce rates, setting up SPF/DKIM/DMARC authentication, implementing email capture, ensuring compliance (CAN-SPAM, GDPR, CASL), handling webhooks, retry logic, or deciding transactional vs marketing.
Role-based access control (RBAC) with permissions and policies. Use for admin dashboards, enterprise access, multi-tenant apps, fine-grained authorization, or encountering permission hierarchies, role inheritance, policy conflicts.
Use when viewing, updating, or auditing the Accountability Chart — seats, owners, and roles
- 📁 agents/
- 📁 references/
- 📁 scripts/
- 📄 SKILL.md
Operate Alchemy Prices API reads through UXC with a curated OpenAPI schema, path-templated API-key auth, and read-first guardrails.
Use when reviewing code for security vulnerabilities, implementing authentication/authorization, handling user input, or discussing web application security. Covers OWASP Top 10:2025, ASVS 5.0, and Agentic AI security (2026).
Fast vault Q&A — quick lookups, decision history, blocker status, doc search. Uses QMD hybrid search when available, falls back to vault grep. Use for "/ask what did we decide about auth?" or "/ask who's blocked?".
Token-efficient smart contract security auditing via Behavioral State Analysis (BSA). Scopes analysis to contract type, runs only relevant threat engines, and uses tiered output depth. Use for auditing smart contracts, security reviews, or DeFi threat modeling.
Use when accessing Alchemy APIs for RPC calls, token balances, NFT metadata, asset transfers, transaction simulation, or Alchemy-specific features. Also use when the user mentions "SIWE", "SIWS", "x402", "MPP", "mppx", or "agentic gateway" — this skill covers wallet-based auth flows for Alchemy's x402 and MPP protocols on EVM (Ethereum, Base, Polygon) and SVM (Solana).
