Uses Snyk REST API v1 to scan project dependencies for known CVEs and license compliance issues. Integrates with Snyk Test endpoint for real-time SBOM analysis and generates…
Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing.
Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks.
Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks.
Triage and prioritize vulnerabilities using CISA's Stakeholder-Specific Vulnerability Categorization (SSVC) decision
Runs Aqua Security Trivy against container images, filesystem paths, and Terraform/CloudFormation templates.
Scans Docker and OCI container images with Aqua Trivy for CVEs in OS packages and language dependencies. Outputs filterable vulnerability tables with CVSS scores and fix versions.
Wraps the Trivy CLI for comprehensive container image vulnerability scanning. Outputs results in SARIF format for GitHub Code Scanning API integration and generates OCI artifact…
Automates Aqua Security Trivy scans against Docker images and OCI artifacts to detect CVEs, misconfigurations, and license violations.
Trivy is Aqua Security’s scanner for vulnerabilities, misconfigurations, secrets, SBOMs, and license issues.
Scans container images, IaC templates, and SBOM artifacts using Aqua Trivy CLI. Generates CycloneDX and SPDX reports with CVE severity filtering for CI/CD gates.
Use at the start of any session — establishes the cognitive contract that pandastack skills must be checked BEFORE any response or action, including clarifying questions.
Complete security architecture overhaul for claude-flow v3. Addresses critical CVEs (CVE-1, CVE-2, CVE-3) and implements secure-by-default patterns.
Deployment validation pipeline — 4 fasi (static, security, smoke, score). Valida un deploy Vercel (preview o production) con TypeScript, ESLint, Jest coverage su file toccati,…
API de Variações de Produtos da Tray. Utilize quando o desenvolvedor precisar gerenciar variantes de produtos (SKUs) como diferentes tamanhos, cores ou modelos.
Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security…
Vendasta integration. Manage data, records, and automate workflows. Use when the user wants to interact with Vendasta data.
Visao 360 de produto - agrega dados de cadastro, estoque, custo, faturamento, carteira e producao em uma consulta unificada.
Analyze volunteer management platforms for skill-based matching algorithms, shift scheduling optimization, availability tracking, and retention analysis.
Analyse et évalue les vulnérabilités d'un système ou d'une application. À utiliser pour comprendre et prioriser les vulnérabilités.
Vulnerability Report Generator - Auto-activating skill for Security Advanced. Triggers on: vulnerability report generator, vulnerability report generator Part of the Security…
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
Automated SAST + dependency vulnerability scan. Runs Semgrep (code vulnerabilities) and pip-audit (CVE-matched dependencies) and writes a structured JSON report.
Gebruik deze skill wanneer de gebruiker de huidige (geschatte) waarde van een woning wil berekenen op basis van aankoopprijs, aankoopjaar, aankoopkwartaal en provincie.
WPScan is an open-source WordPress security scanner that detects vulnerabilities in plugins, themes, and core installations.
This skill enables Claude to perform automated fuzz testing on APIs to discover vulnerabilities, crashes, and unexpected behavior.
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug…
Plan and run backups, set recovery objectives, and run disaster recovery drills. Use this skill when defining RPO/RTO targets, designing backup architecture, deciding what to back…
This skill implements backup strategies for databases and applications. It generates configuration files and setup code to ensure data protection and disaster recovery.
This skill manages database recovery operations using the database-recovery-manager plugin. It enables disaster recovery, point-in-time recovery (PITR), and automated failover…
This skill enables Claude to plan and implement disaster recovery (DR) procedures. It generates configurations and setup code based on specific requirements and infrastructure.
This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub
Manage PR crises using classification, golden hour response, crisis statement templates (3C framework), and reputation recovery planning.
[REQUIRED] Comprehensive description of what this skill does and when to use it. Include: (1) Primary functionality, (2) Specific use cases, (3) Security operations context.
Execute Snyk Code SAST (Static Application Security Testing) scans on source code files or projects, interpret vulnerability findings, generate structured security reports, and…
BiDi text validation and Trojan Source attack detection (CVE-2021-42574)
Execute use when you need to work with backup and recovery.
機密情報検出スキル。APIキー、パスワード、トークン等の機密情報をコードから検出。git-secrets/truffleHog/gitleaks等のツールを統合。漏洩防止と早期発見に使用。
脆弱性スキャンスキル。CVE/依存関係脆弱性を検出し、npm audit/pip-audit/trivy等の結果を解析。セキュリティリスクの優先順位付けと修正提案を提供。