The library

aktenstruktur-und-dokumentenintake · When organizing German legal personnel files and identifying missing documentation in administrative disputes.

massenbenachrichtigung · Coordinating large-scale user communication

druckmittel-falsche · When assessing whether a threat of criminal charges constitutes unlawful coercion under German law.

bietet-fehlerkatalog · Preventing practice-damaging errors in client-facing legal responses before sending.

mitnutzung-gebaeude-netze · Scoping shared telecom infrastructure access without double-digging.

contract-review · Non-invasive contract review with structured risk encoding (reviewer name = severity) for stakeholders.

anwaltliche-ki-nutzung-quellencheck-brao · Assessing BRAO rules for lawyers using AI tools.

docusign-automation · Automate document preparation, signing, and tracking workflows without manual DocuSign UI.

brand-protection-shopify · DTC brand holders who need automated monitoring of Shopify stores and social ads without hiring legal counsel.

brand-protection-tiktok · Fast-moving DTC brands needing continuous TikTok surveillance for unauthorized resellers and counterfeit ads.

brand-protection-walmart · Brands selling via Walmart marketplace who need continuous unauthorized-seller and counterfeit detection.

resemble-detect · Batch media authenticity verification when real-world consequences demand AI detection scores.

fortbildung · Notary regulatory defense where continuing ed credits + practice alignment must be proven bulletproof.

feedoracle-compliance · Audit workflows requiring verifiable compliance evidence

legal-citation-automator · Batch footnote repairs in Word documents when citation text is already verified and DOCX compatibility matters.

legal-citation-comprehensive · Complex legal citation diagnosis across multiple source types when the handbook rule index is available locally.

eilrechtsschutz-paragraf-80-vwgo · Advising on German administrative law emergency relief when norm anchors, case law, and evidence gaps are explicitly tracked.

rechtsabteilung-vga-geschaeftsfuehrer · German legal compliance checks on manager/board compensation with AO § 6a and EStG § 8(3) focus, providing legal-memo output ready for Rechtsabteilung.

gsd:secure-phase · Retroactively auditing threat mitigations before shipping a production phase

soc2 · When initializing SOC 2 compliance framework and understanding your current control status.

mortgage-compliance · Protecting lenders from regulatory violations by rejecting non-compliant interactions before they reach borrowers

security-guardrails · Defending lending agents from adversarial manipulation while preserving legitimate borrower interactions

red-team-bundler · Preparing code for adversarial testing without exposing sensitive data.

output-waehlen · German real-estate insolvency: ensuring ZVG court filings address the correct party with right legal form and tight deadlines.

explain-equity-terms · Activate for ANY equity, legal, or term sheet question related to startup investing or fundraising. Triggers include: "what is a SAFE", "explain this term sheet", "what does pro-rata mean", "what is liquidation preference", "explain anti-dilution", "ISO vs NSO", "what is a 83(b) election", "what is carried interest", "explain drag-along", "what is a valuation cap", "what does MFN mean", "explain convertible note vs SAFE", "what is a down round", "explain vesting cliff", "what does fully diluted mean", "term sheet question", "equity question", "what does this clause mean". Also triggers when a user pastes legal text from a term sheet, SAFE, or subscription agreement and asks what it means. Works on claude.ai and Claude Code.

unterlagen-luecken · Lücken- und Beschaffungsliste für Gesellschaftsgründung: trennt fehlende Tatsachen von fehlenden Belegen (Gesellschaftsvertrag, Notarurkunde, Liste Gesellschafter), nennt pro Lücke Beweisthema, Beschaffungsweg (Handelsregister AG), Frist und Ersatznachweis.

scv-scan · Unknown (see artifact 4931)

offensive-active-directory · When you need to map Active Directory attack paths and identify privilege escalation vectors in an authorized pentest.

notaire · handling complex property and inheritance transactions

audit-skill · reviewing pull requests for production readiness

esg-impact-venture · Impact investing when ESG screening accelerates deal qualification over manual review.

fusion-vereine · German association mergers need Vereinsrecht-specific compliance mapping.

strassenentwaesserung · German legal practice when street-drainage rights/obligations require statutory analysis.

enterprise-vpn-attack · Perimeter testing when SSL VPN appliances are initial-access points.

evidence-hygiene · Bug-bounty submissions when cookie leakage and unauthorized PII exposure risks matter.

hunt-api-misconfig · API security testing when parameter-binding and object-serialization flaws enable escalation.

hunt-aspnet · Legacy ASP.NET pentesting when ViewState, machineKey, and trace endpoint disclosure matter.

hunt-ato · Authentication testing when multiple ATO paths (password-reset, email-change, JWT, MFA-bypass) require systematic coverage.

eu-ebene-und-better-regulation · German legal practice when proposed rules require EU compliance justification.

hunt-auth-bypass · SSO security testing when SAML signature stripping and parser-differential attacks apply.

hunt-brute-force · Use for hunt missing/weak rate limiting — login brute force, otp/2fa brute force (10^6 keyspace), password-reset-token brute, credential stuffing, username/email enumeration via error-string / status-code / timing differences, weak password policy, missing captcha, ip-based rate-limit bypass via x-forwarded-for and friends, redos. distinguishes hard lockout vs soft ip-throttle vs captcha-injection vs silent shadow-throttling (avoids false-negative 'no rate limit' conclusions). medium to critical depending on what the brute reaches (otp→ato = critical).

hunt-business-logic · Use for hunting skill for business logic vulnerabilities. built from 12 public bug bounty reports. covers coupon-race-stacking (instacart, stripe, reverb), negative-quantity-in-cart price tampering (upserve, eternal/zomato), decimal/fraction price-field overflow (shipt), client-side checkout amount trust on paypal redirect (wordpress.org), price-per-unit mass-assignment (krisp), and archived-price swap / cart-toctou (stripe). use when hunting business logic — heavy emphasis on financial-impact-demonstrated cases.

hunt-cache-poison · Use for hunting skill for cache poison vulnerabilities. built from 10 public bug bounty reports including x-forwarded-host poisoning, x-http-method-override / gcs cache, reflected→stored xss via cache, classic omer-gil web cache deception, cloudflare cache deception armor bypass, session-token cache deception, akamai hop-by-hop smuggling → server-side edge poisoning, and kettle's 2024 path-normalization wcd against cloudflare/fastly/gcp. use when hunting cache poisoning, web cache deception, cdn-fronted apps.

hunt-cloud-misconfig · Use for hunt cloud / infrastructure misconfigurations. aws: public s3 buckets (s3:getobject anonymous), permissive bucket policies (putobjectacl public-write), exposed cloudfront origin, public lambda function url, public rds snapshot, iam credentials in js bundles, aws metadata accessible via ssrf. gcp: public gcs buckets, exposed cloud run services, leaked service account json. azure: public blob containers, exposed function app. (kubernetes/docker exposure is owned by hunt-k8s; ci/cd pipeline attacks by hunt-cicd; post-credential iam escalation by cloud-iam-deep.) detection: targeted dorking, certificate transparency, js bundle secret extraction, port scan for known service ports. validate: actual data read / write / rce. use when hunting cloud-native storage and compute misconfig (s3/gcs/blob, imds-via-ssrf, serverless, public managed services).

hunt-cors · Use for hunt cors misconfiguration — origin-reflection with credentials, null-origin trust, subdomain-regex bypass (unanchored vs unescaped-dot vs prefix-only), pre-flight (options) gating bypass, postmessage origin checks. high only when an attacker-controlled origin can perform a credentialed cross-origin read of sensitive data and you have proven it in a browser. use when testing api endpoints, spas, or any app emitting access-control-* headers.

baut-beweislast-benennt-bereits-excel · Use for prüft, ob die anlage eine konkrete darlegung trägt oder nur einen pauschalen anlagenverweis kaschiert; trennt tatsachenvortrag, beweisangebot und bloße hintergrundunterlage im anlagen zu schriftsätzen. liefert priorisierten output mit norm-pinpoints, risikoampel und nächstem arbeitsschritt.

rechtsabteilung-pe-closing-continuation-fund · PE teams needing audit-ready closing documentation with live German legal norm verification instead of templated checklists.

smart-device-agb-redlinen-beschwerde · German consumer advocates needing to verify statutory deadlines and evidence requirements in smart-device complaints.

benutzungsschonfrist-und-rechtserhaltende-benutzung · Preparing evidence bundles to defend luxury/fashion trademarks against non-use revocation.

hunt-saml · Discovering saml vulnerabilities when generic scanners miss domain-specific chains.