CTF 逆向工程解題工具箱 — 聚焦 Windows 應用程式驗證繞過。從開題偵察到 bypass 驗證的完整流程引導,內建實戰踩坑經驗。
Destructive Command Guard. Installs a pre-tool-use hook that blocks unrecoverable shell commands (rm -rf /, git reset --hard, git clean -fd, rm of .env / credentials,…
Shift-left scanning, policy-as-code, signed artifacts, SBOM.
Skill with injected eval patterns for security testing
Deploys static site build output to GoDaddy shared hosting via FTP using basic-ftp in Node.js and SamKirkland/FTP-Deploy-Action in CI.
Tips and Tricks for Working with GitHub Copilot Agent PRs
GraphQL saldırıları — introspection, aliased query batching, rate limit bypass
Security audit of changes; enforce defense in depth and OWASP best practices
Security techniques and quality control for prompts and agents
Evaluate hook security, performance, and SDK compliance. Use for audits.
Hsts reference tool. Use when working with hsts in security contexts.
CLI interface for igf (Grapefruit) dynamic instrumentation server. Use to enumerate Frida devices, list apps, run hooks, query logs, access device file systems, inspect classes,…
Expert Australian Information Security Manual (ISM) advisor for government entities and their supply chains.
Generate production-grade Kubernetes manifests — Deployments with probes and security contexts, Services, Ingress with TLS, HPA, PDB, NetworkPolicy, ConfigMaps, Secrets — with…
Build reproducible data science pipelines with Kedro for research projects
Manage credentials in OS keychains across Windows, macOS, and Linux
Kubernetes security: RBAC, PodSecurity, network policies.
Best practices for Vue.js development including security, performance, and developer experience
Consultar a documentação oficial da Microsoft para encontrar conceitos,
Manage n8n workflows, executions and credentials via REST API
Serverless GDS sessions on Neo4j Aura — covers GdsSessions, AuraAPICredentials,
Operational safety rules untuk Network Intelligence — RTBH, DDoS, dan IBN.
Generate Non-functional Requirements (NFR): performance, security, availability, scalability, compliance, localization.
Expert network operations and censorship circumvention skill. Use for ANY networking question: TCP/IP internals, routing, DNS, firewalls, iptables/nftables, Linux networking,…
自動化 Obsidian 筆記庫與 KM 核心知識庫 (OneDrive) 的同步與結構化管理。
OWASP Top 10 vulnerability scanning and remediation
Revisa código contra as 10 falhas mais comuns antes de merge
Authorized exploitation, proof-of-concept chain, kill-chain mapping.
PHP development — OOP patterns, Laravel basics, WordPress plugin development, REST API endpoints, wpdb queries, security (sanitization, nonces)
Execute use when you need to work with backup and recovery. — from jeremylongshore/claude-code-plugins-plus-skills
Comprehensive Python programming reference covering syntax, concurrency, networking, databases, ML/LLM development, and HPC.
Design Doc compliance and security validation with optional auto-fixes — from shinpr/claude-code-workflows
Design Doc compliance and security validation with optional auto-fixes — from shinpr/claude-code-workflows
Supply chain and dependency security analysis across all package ecosystems
NoSQL Injection detection for MongoDB, Redis, CouchDB, and Elasticsearch
Codebase discovery and architecture mapping for security analysis
False positive elimination and confidence scoring for all security findings
Execute use when you need to work with security and compliance.
Process use when you need to work with security and compliance.
Security architecture and implementation patterns. Use when designing
Sempre considera vetores OWASP top-10 ao escrever/revisar código
Infrastructure security, headers, encryption, and compliance.
OWASP Top 10, authentication, and secure coding practices
Static Application Security Testing (SAST) for code vulnerability
Especialista em segurança OWASP, LGPD e threat modeling para sistemas modernos.
Perform a comprehensive security review of the current codebase
Security review of changes introduced on a branch compared to a base
Security review of staged changes only (git diff --cached)
Stock quotes, history, search, compare, crypto via Yahoo.
TeyvatGuide 项目 SKILL。处理 Vue+Tauri+TypeScript 项目开发,包括组件开发、API 集成、SQLite 操作或代码规范。
Security auditing and hardening for OpenClaw and system infrastructure.
MCPツールとAPI統合のセキュリティ設計を体系化するスキル。 脅威整理、制御設計、設定検証を通じて安全なツール運用を支援する。
Configure Twilio credentials and phone numbers for voice calls
Act on behalf of your user in any third-party software that supports OAuth 2.0
Paste a vendor's domain. Get a security risk assessment in 60 seconds.
Audit and harden VPS security — fail2ban, SSH hardening, firewall setup
AI 驅動的本地網絡掃描器與安全分析工具 (Local Network Scanner and AI Security Analyzer)
Disconnect Wire memory and remove stored credentials
Web application security scanner with proxy and active/passive scanning
Variable name improvement, function extraction, magic number constants, dead code removal, and code review. For refactoring and PR review — does not change behavior.