agent-spec-builder
Build a Prompt Hardener agent_spec.yaml from an existing codebase (from-code) or through an interactive interview (from-questions). Use when the user wants to create, generate, or scaffold an agent spec, or when they mention agent_spec.yaml creation. Generates agent_spec.yaml, evidence.md, and open_questions.md with confidence tracking and evidence trails.
Io.Github.Debu Sinha/Excalidraw
Security-hardened Excalidraw MCP server with auth, rate limiting, and 14 tools
opquast-digital-quality
Apply the Opquast Digital Quality Framework (245 rules, 14 categories) when building, reviewing, or auditing websites and web applications. Use for web development quality assurance, accessibility compliance, security hardening, privacy implementation, e-commerce best practices, and holistic digital quality checks.
config-hardener
Audit and harden your OpenClaw configuration. Checks AGENTS.md, gateway settings, sandbox config, and permission policies for security weaknesses.
1password-hardened
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Io.Github.VouchlyAI/Pincer
Secure grip for your agent's secrets - security-hardened MCP gateway with proxy token architecture
check-codesign
Check macOS code signature, hardened runtime, entitlements, and notarization of audio plugin bundles (.vst3, .component, .clap, .app/.appex). Use when user says "check code signing", "check codesign", "check signature", "verify signing", "check notarization", "why won't plugin load", "hardened runtime", "check entitlements", or a plugin fails to load in a signed DAW.
Io.Github.Pantheon Security/Notebooklm Mcp Secure
Security-hardened NotebookLM MCP with post-quantum encryption
cb-security-hardening
Enforces Circuit Breaker security hardening conventions across backend, frontend, Docker, and nginx. Use when modifying authentication logic, security headers, Docker configuration, credential handling, session management, URL validation, WebSocket auth, or any code in core/security.py, core/rbac.py, middleware/security_headers.py, url_validation.py, docker-compose.yml, nginx.mono.conf, entrypoint-mono.sh, or supervisord.mono.conf.
integrating-jupiter
Comprehensive guidance for integrating Jupiter APIs (Ultra Swap, Lend, Perps, Trigger, Recurring, Tokens, Price, Portfolio, Prediction Markets, Send, Studio, Lock, Routing). Use for endpoint selection, integration flows, error handling, and production hardening.
Kastell
Server security audit (413 checks), hardening, and fleet management across 4 cloud providers.