security-scan
Security Scan
Trigger
Use this skill when:
- Onboarding a new repo with agent automation enabled
- Editing skills, hooks, MCP config, or client settings
- Before publishing/releasing changes that affect other projects
Mandatory Privacy Rule (No Bypass)
- For config-like files that may contain keys/tokens/passwords, do not read raw file content directly.
- Always read through Privacy Guard first:
aios privacy read --file <path>(preferred)- or
node scripts/privacy-guard.mjs read --file <path>
- If Privacy Guard reports guard-disabled for sensitive files, enable it first:
aios privacy enable
Quick Path
- Ensure strict mode is on:
aios privacy enforce-on - Run the repo verifier:
aios doctor(preferred when shell integration is installed).
More from rexleimo/rex-cli
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
3contextdb-autopilot
Use when running tasks in Codex CLI, Claude Code, Gemini CLI, or opencode and you need automatic context persistence (init/session/event/checkpoint/context-pack) plus interactive auto-routing without manual contextdb commands.
3seed2-manga-drama
当用户要把单图或创意脚本做成AI漫剧短视频时使用。提供Seed2.0风格的四阶段流程:分镜脚本、主角设定、分镜生成、视频验收,并输出可直接投喂生成模型的结构化提示词。
3debug
Evidence-first runtime debugging for application bugs, regressions, flaky behavior, and unclear failures. Use when an agent is asked to debug an issue and should avoid speculative fixes by forming hypotheses, attaching to or starting a logging session, instrumenting code, collecting runtime logs, analyzing the recorded log file, applying only proven fixes, and verifying the result before removing instrumentation, especially for browser or frontend issues where logs should go directly to the active collector endpoint instead of app-local proxy APIs.
2find-skills
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
2xhs-ops-methods
当用户要学习或执行小红书运营方法时使用。提供可复用的“定方向-定人设-写排发互-复盘增长”流程,支持多账号协作,并强调人工审核与合规发布。
2