
from megacode75
Run privacy-preserving RLM-driven security audits on large .NET repositories, producing prioritized findings and actionable remediation guidance.
Run a tool-driven, RLM (Reinforcement/Repository-Linked Model) security audit for large legacy .NET codebases. This skill orchestrates audit.py to scan repositories without loading entire codebases into the model context, producing a human-readable security_audit_report.md and machine artifacts (metadata and manifest) with file/line evidence and concrete fixes. It includes tuning knobs for planner iterations, token/output bounds, tool payload limits, and runtime timeouts so audits scale to massive repositories.
Use this skill when you need a privacy-conscious automated security review of a large repository (legacy .NET) where: you cannot or do not want to feed the full repository into an LLM, you need prioritized findings with file/line evidence, or you must tune runtime/iteration limits to avoid stalls and truncated output. Ideal for baseline audits, triage runs, and regression checks after dependency or build changes.
Best used by agents with shell/CLI and tool orchestration capabilities (Codex/Copilot-style or OpenClaw agents that can run audit scripts and manage local model endpoints).
This skill provides instructions for running an RLM-driven security audit tool (audit.py) against large .NET repositories. The SKILL.md is well-structured with clear execution steps, tuning parameters for legacy repos, and troubleshooting guidance. No bundled scripts were present to test. The skill references an external GitHub repo for the actual audit tool but doesn't include checksums or verification steps for downloading it.
Clean skill with no security concerns. Architecture is simple — monolithic SKILL.md without scripts/ or references/ directories. Useful for its niche but requires specific infrastructure setup before use.