code-abyss

Analyzes code changes, detects documentation drift, and evaluates change impact scope. Use when reviewing diffs, checking doc sync, or running pre-commit analysis. Automatically triggered after design-level changes or refactoring.

Scans code for security vulnerabilities, detects dangerous patterns, and ensures security decisions are documented. Use when running security scans, auditing code, or checking for OWASP issues, injection risks, or sensitive data leaks. Automatically triggered on new modules, security-related changes, or post-refactor.

Processes Excel spreadsheet files (.xlsx, .xlsm, .csv). Creates workbooks, builds formulas, preserves formatting, analyzes tabular data, and validates financial models with zero-formula-error delivery. Use when working with spreadsheet files or tabular data analysis. Do NOT use for Word documents, PDFs, presentations, or database pipelines.

Frontend UI design system selector and implementation guide covering Glassmorphism, Liquid Glass (Apple-style), Neubrutalism, and Claymorphism. Use when building UI components, choosing a visual aesthetic, implementing design tokens, or auditing accessibility/contrast on themed surfaces. Provides per-style tokens, component patterns, dark mode, and a11y constraints.

安全架构与治理：威胁建模 (STRIDE/PASTA/LINDDUN)、零信任身份架构、IAM/SSO/MFA/PAM、合规框架 (SOC2/PCI/HIPAA/GDPR)、DLP、隐私工程、安全控制设计。Use when designing security architecture, threat modeling new systems, implementing zero-trust identity, designing IAM/SSO/PAM, building compliance evidence chains, or planning privacy-by-design.

DevOps knowledge reference covering Git workflows, testing strategies, DevSecOps, release pipeline orchestration (release.yml, multi-arch images, cosign integration), CI/CD pipelines, database management, observability, and performance optimization. Use when working with Git, CI/CD, release pipelines, ghcr image publishing, testing, monitoring, or infrastructure automation.

AI agent and LLM system engineering reference covering single-agent dev (ReAct, tool calling, plan-execute), multi-agent coordination (swarm, role decomposition, file locking), LLM security (prompt injection, jailbreak defense, output filtering), RAG architecture (chunking, hybrid retrieval, rerank), and prompt engineering / evaluation (RAGAS, LLM-as-Judge). Use when building AI agents, designing RAG pipelines, orchestrating multi-agent workflows, hardening LLM apps, or writing prompts.

Checks code quality metrics including complexity, duplication, naming conventions, and function length. Use when running quality gates, reviewing code smells, or checking lint rules. Automatically triggered on complex modules or post-refactor.

Processes PowerPoint presentation files (.pptx). Creates slides, rewrites templates, converts HTML to presentations, validates thumbnails, swaps layouts, and performs deep OOXML editing. Use when working with presentation files or slide decks. Do NOT use for Word documents, spreadsheets, or PDF files.

Distills AI agent personality patterns from conversation into a Tech Persona Card v1.0, validates the schema and voice consistency, and routes contributions through the existing submission portal. Use when the user wants to crystallize a recurring voice/tone, fork an existing persona, or share one with the community.

Distills repeated workflows into reusable skills, improves existing skills, and gates them through a three-tier publish funnel (local → project → community). Use when the agent or user notices a pattern worth crystallizing, when an existing skill is incomplete, or when something deserves community contribution. Default deny on dangerous tools and side effects.

Application security defense knowledge for builders, not pentesters. Covers Web/API/GraphQL hardening (XSS/SQLi/SSRF/IDOR/BOLA/Mass Assignment/deserialization/upload/path traversal), authentication/authorization (OAuth 2.0/OIDC/JWT/Session/Cookie/SAML/SSO), and LLM application security (prompt injection, jailbreak, RAG poisoning, agent privilege escalation, output filtering). Use when designing or reviewing application-layer defenses, fixing CVE-class bugs in your own code, hardening auth flows, or threat-modeling LLM-powered features. Do NOT use for offensive testing (see securing-systems/pentest), incident response (see securing-systems/blue-team), or infra-layer hardening (see provisioning-infrastructure).

Architecture knowledge reference covering API design, security architecture, cloud-native patterns, caching strategies, message queues, and data security. Use when designing system architecture, APIs, or cloud-native infrastructure.

AI-automated hardware product pipeline: from requirements to manufacturable Gerber + compiled firmware + cross-platform app. Orchestrates system design, ESP-IDF firmware, KiCad PCB, UniApp client, and release packaging in a zero-human-touch flow.

蓝队与紫队工程：检测规则编写、SIEM/EDR 调优、事件响应、数字取证、威胁狩猎、ATT&CK 映射、紫队演练闭环。Use when writing Sigma/YARA detection rules, tuning SIEM noise, responding to security incidents, conducting forensic analysis, hunting threats, or running purple team exercises.

Mobile development knowledge reference covering iOS (SwiftUI), Android (Jetpack Compose), React Native, and Flutter. Use when building mobile apps, working with cross-platform frameworks, or implementing native UI patterns.

Software development knowledge reference covering Python, Go, Rust, TypeScript, Java, C++, and Shell. Use when writing code, debugging, or following language-specific best practices.

Data engineering knowledge reference covering Airflow, Dagster, Kafka Streams, Flink, dbt, and data quality patterns. Use when building data pipelines, ETL workflows, stream processing, or data quality checks.

Generates README.md and DESIGN.md scaffolds by analyzing module structure. Use when creating documentation templates for new modules. Automatically triggered at module creation.

Code relationship graph and temporal intelligence via abyss CLI. Provides caller tracing, impact analysis, hotspot detection, and file-level context gathering. Agent automatically runs abyss before modifying code to check impact. Works with any agent that has shell access.

KiCad EDA orchestration via kicad-mcp MCP server. Routes 17 tools for schematic creation, PCB layout, autorouting, DRC, and Gerber export. Enforces serialized PCB ops, library-first lookup, and autoroute-only routing.

Multi-agent adversarial-verification orchestration for high-confidence conclusions. Fan-out finders, then verify every finding through a three-prism panel (exploitability / correctness / refutation) that defaults to disbelief, gate fixes behind load-bearing proof tests that catch agents who falsely claim "done/fixed", and roll out behind a build-first exit-code guard. Use when a fan-out task must produce trustworthy results — security audit, code review, research synthesis, migration — and a single agent's self-report cannot be trusted. Composes with securing-systems (what to look for) and shipping-changes (change closed loop); orchestration engine is the Workflow tool.

Processes Word document files (.docx). Creates, edits, annotates, tracks revisions, analyzes OOXML structure, and preserves formatting for contracts, policies, academic papers, and business documents. Use when working with .docx files or Word documents. Do NOT use for PDFs, spreadsheets, presentations, or plain text files.

Processes PDF files. Extracts text and tables, fills forms, merges and splits documents, batch-processes files, converts to images, and generates PDFs programmatically. Use when working with .pdf files. Do NOT use for Word documents, spreadsheets, or presentations.