Orchestrates pitfall prevention skills for common development issues. Auto-triggered during code review to check for TanStack Query, Drizzle ORM, Express API, React, WebSocket,…
Score 70/100
Systematically identify and win accounts from major freight brokers by exploiting their known vulnerabilities.
Score 70/100
Scrape competitor ads from Meta Ad Library and Google Ads Transparency Center, analyze creative patterns (hooks, formats, CTAs), reverse-engineer landing page funnels, and produce…
Score 70/100
Automated compliance auditing for SOC2, HIPAA, GDPR, and PCI-DSS. Activates for compliance checks, security audits, regulatory requirements, and compliance automation.
Score 70/100
Use when setting up or auditing how compliance documentation is structured, collected, and preserved for regulatory audit in Salesforce FSC — covering KYC data collection…
Score 70/100
Runs a 4-phase compliance pipeline: security scan, GDPR audit, dependency vulnerability check, and penetration test, producing a unified pass/fail compliance report.
Score 70/100
Provides compliance, governance, and supply chain security guidance for cloud-native systems. Covers OPA Rego policies, Kyverno cluster policies, SBOM generation, SLSA provenance,…
Score 70/100
Runs a 5-phase enterprise compliance and security hardening pipeline: regulatory review, GDPR audit, SOC 2 evaluation, dependency scan, and penetration test with cross-framework…
Score 70/100
Validate compliance during migration with rule checking, audit trails, and security control validation
Score 70/100
Create and manage OSCAL component definitions for reusable security control implementations. Inspired by CivicActions components and community patterns.
Score 70/100
Composio OAuth integration for external service connections. CSRF-protected flow with state management, connection lifecycle transitions (pending→initiated→active), dynamic tool…
Score 70/100
Exhaustive multi-dimensional project auditor covering code, runtime, infrastructure, security, performance, business logic, and human processes across 12 dimensions with…
Score 70/100
Exhaustive multi-dimensional project auditor covering code, runtime, infrastructure, security, performance, business logic, and human processes across 12 dimensions with…
Score 70/100
Ability to plan, direct, and oversee the development, operation, and governance of information systems to meet organisational objectives.
Score 70/100
Analyzes events through computer science lens using computational complexity, algorithms, data structures, systems architecture, information theory, and software engineering…
Score 70/100
Analyzes events through computer science lens using computational complexity, algorithms, data structures, systems architecture, information theory, and software engineering…
Score 70/100
Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text.
Score 70/100
Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text.
Score 70/100
Build production computer vision pipelines for object detection, tracking, and video analysis. Handles drone footage, wildlife monitoring, and real-time detection.
Score 70/100
Conducts security testing of REST, GraphQL, and gRPC APIs to identify vulnerabilities in authentication, authorization,
Score 70/100
Responds to security incidents in cloud environments (AWS, Azure, GCP) by performing identity-based containment,
Score 70/100
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting
Score 70/100
Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using
Score 70/100
Execute an internal network penetration test simulating an insider threat or post-breach attacker to identify
Score 70/100
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify
Score 70/100
Responds to malware infections across enterprise endpoints by identifying the malware family, determining infection
Score 70/100
Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept,
Score 70/100
Performs memory forensics analysis using Volatility 3 to extract evidence of malware execution, process injection,
Score 70/100
Conducts penetration testing of iOS and Android mobile applications following the OWASP Mobile Application Security
Score 70/100
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate
Score 70/100
Responds to phishing incidents by analyzing reported emails, extracting indicators, assessing credential compromise,
Score 70/100
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access.
Score 70/100
Conducts authorized wireless network penetration tests to assess the security of WiFi infrastructure by testing
Score 70/100
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory.
Score 70/100
Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and…
Score 70/100
Configures host-based intrusion detection systems (HIDS) to monitor endpoint file integrity, system calls, and
Score 70/100
Hardware Security Modules (HSMs) are tamper-resistant physical devices that safeguard cryptographic keys and
Score 70/100
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous
Score 70/100
Configure secure OAuth 2.0 authorization flows including Authorization Code with PKCE, Client Credentials, and
Score 70/100
Configures pfSense firewall rules, NAT policies, VPN tunnels, and traffic shaping to enforce network segmentation,
Score 70/100
Installs, configures, and tunes Snort 3 intrusion detection system to monitor network traffic for malicious
Score 70/100
Deploys and configures Suricata IDS/IPS with Emerging Threats rulesets, EVE JSON logging, and custom rules for
Score 70/100
TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements
Score 70/100
Configures Microsoft Defender for Endpoint (MDE) advanced protection settings including attack surface reduction
Score 70/100
Configures Windows Event Logging with advanced audit policies to generate high-fidelity security events for
Score 70/100
Connect to an AWS account, validate credentials, and discover what services are in use.
Score 70/100
Connect to an Azure subscription, validate credentials, and discover what services are in use.
Score 70/100
Guide for connecting MCP (Model Context Protocol) servers to Claude Code with HTTP, stdio, and SSE transports.
Score 70/100
Managing OAuth policies, IP relaxation, session security, PKCE, and credential rotation for Salesforce Connected Apps.
Score 70/100
Use when designing, reviewing, or troubleshooting Salesforce connected apps, Named Credentials, External Credentials, and OAuth-based integration access.
Score 70/100
Analyze cryptographic code to detect operations that leak secret data through execution timing variations.
Score 70/100
Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets, secret-dependent branches, or…
Score 70/100
Establish project governing principles including dev guidelines, code quality standards, testing policies, UX requirements, performance benchmarks, and security constraints.
Score 70/100
Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators.
Score 70/100
Dockerfile security linting and best practice validation using Hadolint with 100+ built-in rules aligned to CIS Docker Benchmark.
Score 70/100
Scans Docker and OCI container images for vulnerabilities using Trivy JSON output and the Docker Hub API v2 for image metadata.
Score 70/100
Эксперт по container registry. Используй для настройки ECR, Harbor, Docker Hub, image security и CI/CD интеграции.
Score 70/100
Monitors container runtime behavior using Falco rules and the Docker Engine API. Detects anomalous syscalls, privilege escalations, and unexpected network connections in real time.
Score 70/100
Scans containers and Dockerfiles for security issues. Wraps Hadolint for Dockerfile linting and Trivy for container image scanning.
Score 70/100
Comprehensive container security guidance including vulnerability scanning with Trivy, image hardening, secrets management, and CIS benchmark compliance.
Score 70/100