kissrosecicd-hub/kirospec-basic
.agents/skills/kirospec-basic/SKILL.md
Create and maintain .kiro specifications from local scripts without external folder dependency.
$ install --global
skillsauthnpx skillsauth add kissrosecicd-hub/agents-evolution kirospec-basicInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 11:02 AM4.8s8 files scanned
SKILL.md
- name:
- kirospec-basic
- description:
- Create and maintain .kiro specifications from local scripts without external folder dependency.
- enabled:
- true
kirospec-basic
Назначение:
- использовать локальные правила SPEC в переносимом навыке;
- создавать и поддерживать
.kiro/specs/<spec-name>/без внешней зависимости; - использовать каноничные шаблоны
design/requirements/tasks.
Когда включать:
- пользователь просит
SPEC, спецификацию, либо правкиdesign.md,requirements.md,tasks.md; - пользователь просит зафиксировать решение до начала кода.
Что делает skill:
- Валидирует
SPEC_NAMEиз окружения. - Создает каркас спецификации через локальный
spec-init.sh. - Проверяет наличие:
design.mdrequirements.mdtasks.md
Быстрый запуск:
SPEC_NAME="payments-webhook" \
SPEC_ROOT="." \
bash scripts/spec-init.sh "${SPEC_NAME}"
Локальные скрипты:
- create:
bash scripts/spec-init.sh <spec-name> - create (PowerShell):
pwsh -File scripts/spec-init.ps1 <spec-name> - undo:
bash scripts/spec-init-undo.sh <spec-name>
Reference:
- правила/процесс:
references/SPEC_GUIDELINES.md - пример design:
references/ExampleDesign.md - пример requirements:
references/ExampleRequirements.md - пример tasks:
references/ExampleTasks.md
Правила:
- не перезаписывать существующие файлы без явного
--force; - работать через относительный root проекта или
--root; - вести SPEC-контент на русском, если не запрошено иначе.
Related Skills
kissrosecicd-hub/v2raya-linux-basic
tools
VerifiedTrustedCommunity
KISS reference skill for v2rayA on Arch/Ubuntu/Fedora with TUN, RoutingA, DoH DNS and Outline key import.
26SKILL.mdUpdated Apr 16, 2026
kissrosecicd-hub/supply-chain-risk-auditor
testing
VerifiedTrustedCommunity
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.
26SKILL.mdUpdated Apr 16, 2026
kissrosecicd-hub/semgrep
development
VerifiedTrustedCommunity
Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Automatically detects and uses Semgrep Pro for cross-file taint analysis when available. Use when asked to scan code for vulnerabilities, run a security audit with Semgrep, find bugs, or perform static analysis. Spawns parallel workers for multi-language codebases.
26SKILL.mdUpdated Apr 16, 2026
kissrosecicd-hub/sharp-edges
development
VerifiedTrustedCommunity
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.
26SKILL.mdUpdated Apr 16, 2026