Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude

Claude Security Skills

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

6,191 skills · updated 2026-06-16 · showing 1–60 of 6,191 by quality score

Sub-topics: Web Security (751), Threat Hunting (476), Red Team (453), Identity Access (329), Network Security (284), Appsec Tools (280), Compliance (159), Malware Analysis (138)


Run a health check on an existing project: dependency audit, security scan, test runner detection, CI/CD evaluation, and missing configuration analysis.
Guide for adult content payment processor selection, merchant account application, compliance, webhook integration, and fallback strategies (CCBill, SegPay, AllSecure, Epoch,…
Adversarial smart contract security audit. Auto-selects 5-7 specialist agents based on contract features (from a roster of 12).
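Security Hardening convention reference skill. Provides the security measures required before production deployment, such as input validation, SQL injection prevention, XSS prevention, encryption, and permission management.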
Audit CVE/vulnerability source coverage for a technology stack. Maps each component (container, library, base image, runtime) to authoritative CVE feeds, flags gaps, and produces…
Act as a research ethics committee — stress-test a protocol the way an IRB / REC / HREC would. Reviews informed consent, risk-benefit balance, vulnerable populations, data…
Audits an Infrahub repository against best practices and rules, producing a structured compliance report.
Implements NewebPay MPG checkout integration including AES256 encryption, form submission, and payment callback handling.
Audit which integration credentials are configured. Scans shell env, ops preferences.json, Doppler, macOS Keychain, and Dashlane to report a configured-vs-missing table per…
Unified APM and monitoring surface. Polls Datadog, New Relic, and OpenTelemetry backends for active alerts, error traces, and entity health.
OPNsense configuration via Terraform. Trigger for interfaces, firewall, NAT, DHCP/DNS, aliases.
Ship parcels via any configured carrier — MyParcel, Sendcloud, DHL Parcel NL, PostNL, DPD, UPS, FedEx.
Detects and syncs Doppler→GitHub secrets drift. Compares last-updated timestamps between Doppler and GH repo secrets; flags stale GH secrets (>24h behind Doppler); confirms with…
Post-setup credential manager. Shows current integration status (configured/missing/expired) and lets you update individual credentials without re-running the full setup wizard.
Implements PAYUNi UPP checkout integration including AES256 encryption, form submission, and payment callback handling.
Implements PAYUNi webhook handling including signature verification, replay attack prevention, and payment status updates.
Perform a security audit based on OWASP. Use when the user wants to verify security, look for vulnerabilities, or before a production deployment.
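Skill for configuring and managing Bandit security checks. Configures Bandit settings in pyproject.toml and detects security vulnerabilities. Sets up an OWASP- and CWE-based security checking environment.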
Researches malware analysis, CVEs, attribution reports, and hacker community sources. Use when the album subject involves cybersecurity incidents or threat actors.
Use when wiring a repo to maintained DETERMINISTIC scanner gates (SAST, dependency-CVE/SBOM, secret-history, IaC/container, mutation, fuzz) that produce ground-truth observables —…
Review a pull request — correctness, security, readability, test coverage, blast radius.
Complete security audit for Supabase projects. Runs an automated pentest that checks RLS, buckets, auth, and exposed keys, and generates a report with remediation.
Completely remove claude-ops plugin, all stored credentials, cached files, shell exports, and MCP registrations. Confirms each step before deletion.
This skill should be used when the user asks to "design security architecture", "model
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference.
AI Media Generator: generation of product photos and B-roll videos via fal.ai. Expert-level prompting for food/beverage/FMCG products.
Analyze feature requirements, dependencies, and security considerations. Use when starting feature implementation from GitHub issues to understand scope, technical feasibility,…
Analyze a target's TLS configuration — negotiated protocol version, cipher suite, certificate chain, expiry, and downgrade vectors.
Validates SQLite-WAL database configuration and migration discipline for <>. Checks WAL mode, foreign-key enforcement, migration tracking, and migration file…
Expert-level security auditing, compliance, code review, and vulnerability assessment
Audit a target's CORS posture — Access-Control-Allow-Origin handling, reflected-origin bypass, credentials+wildcard mismatch, preflight OPTIONS behavior, Vary header correctness.
Authentication and authorization including JWT, OAuth2, OIDC, sessions, RBAC, and security analysis. Activate for login, auth flows, security audits, threat modeling, access…
AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config
Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
Pedantic backend pre-commit and atomic commit Skill for Django/Optimo-style repos. Enforces local AGENTS.md / CLAUDE.md, pre-commit hooks, .security/* helpers, and Monty’s backend…
Red vs Blue team security competition orchestrator. Runs long-running overnight battles with 1000s of interactions, scoring, and insight generation.
Amazon Bedrock Automated Reasoning for mathematical verification of AI responses against formal policy rules with up to 99% accuracy.
Amazon Bedrock Prompt Management for creating, versioning, and managing prompt templates with variables, multi-variant A/B testing, and flow integration.
Expert-level blockchain, Web3, smart contracts, DeFi, and cryptocurrency development
OrchestKit security wrapper for browser automation. Adds URL blocklisting, rate limiting, robots.txt enforcement, and ethical scraping guardrails on top of the upstream…
Comprehensive skill for AI-based Bug Bounty Hunting, covering recon, web vuln classes, exploit chaining, finding validation, report writing, LLM/AI attacks, and Web3 audit.
GLAW Investigations Bureau — the Case Commander. An FBI-style multi-agent investigative department that runs Field, Cyber, OSINT, HUMINT, Financial-Crimes, Legal-Intelligence,…
GLAW Investigations Bureau — the Cyber Intelligence Agent. The digital-evidence specialist: triages malware artifacts (read-only), plans defensible forensic imaging and hashing…
GLAW Investigations Bureau — the Special Agent (Field Investigator). The boots-on-the-ground collector: plans lawful interviews and interrogations, builds chain-of-custody for…
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit…
Diagnoses and fixes HTTPS/SSL certificate issues in the network infrastructure by checking API tokens, validating Caddy configuration, and testing certificates.
AI-powered analysis of cancer metabolic reprogramming including Warburg effect, glutamine addiction, lipid metabolism, and metabolic vulnerabilities for therapeutic targeting.
Production-ready channel server implementations — CI webhook receiver, mobile approval relay, Discord/Telegram bridge, and local fakechat dev profile.
Detects security vulnerabilities in code. Uses bandit to check for common security issues.
Audit a target's HTTP security headers — CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, and the Cross-Origin trio (COOP, COEP, CORP).
AI-powered analysis of chromosomal instability (CIN) signatures for cancer prognosis, immunotherapy response prediction, and therapeutic vulnerability identification.
Use when interacting with the CLAWILD autonomous crypto intelligence agent on Moltbook
Helps assess and implement cloud solutions for the Dutch government in line with the government-wide cloud policy, BIO cloud controls, SLM and the strategic…
Analyzes cloud architectures for digital sovereignty risks, with a focus on the US CLOUD Act, FISA 702, and extraterritorial jurisdiction.
Validate and analyze AWS CloudFormation templates for security and best practices
Fetches cryptocurrency market data, prices, technical analysis, news, and trends using the CoinMarketCap MCP.
Universal coding principles: DRY, security by default, null guards, and YAGNI. Trigger: When writing or reviewing code in any language or technology.
Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis.
Expert-level CodeQL for static analysis, vulnerability detection, and security code scanning
Combine, a continuous pipeline: QUEUE → EXECUTION → VERIFICATION → PUBLICATION → CLOSING. Does NOT stop between steps.