Detect and prevent QR code phishing (quishing) attacks that bypass traditional email security by embedding malicious
Score 70/100
Detects race condition vulnerabilities including TOCTOU, double-checked locking issues, and shared state problems.
Score 70/100
Detects ransomware encryption activity in real time using entropy analysis, file system I/O monitoring, and
Score 70/100
Detects early-stage ransomware indicators in network traffic before encryption begins, including initial access
Score 70/100
Detect RDP brute force attacks by analyzing Windows Security Event Logs for failed authentication patterns (Event
Score 70/100
Detects and prevents code injection attacks targeting serverless functions (AWS Lambda, Azure Functions, Google
Score 70/100
Spearphishing targets specific individuals using personalized, researched content that bypasses generic spam
Score 70/100
Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity
Score 70/100
Detect and analyze SQL injection vulnerabilities in application code and database queries. Use when you need to scan code for SQL injection risks, review query construction,…
Score 70/100
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned
Score 70/100
Detects suspicious use of assertions for security checks that can be disabled in production builds. Use when analyzing assertion usage, security checks, or investigating…
Score 70/100
Detect risky OAuth application consent grants in Azure AD / Microsoft Entra ID using Microsoft Graph API, audit
Score 70/100
Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials
Score 70/100
Detect abuse of elevation control mechanisms including UAC bypass, sudo exploitation, and setuid/setgid manipulation
Score 70/100
Detects type confusion vulnerabilities by identifying unsafe type casts, vtable corruption, and polymorphism issues.
Score 70/100
Detects use-after-free vulnerabilities by identifying pointer dereferences after memory deallocation.
Score 70/100
Security detection use cases for identifying threats across network, endpoint, identity, cloud, application, and email vectors.
Score 70/100
Create detection rules and hunting queries from malware analysis findings. Use when you need to write Sigma rules for SIEM, Suricata rules for network IDS, defang IOCs for safe…
Score 70/100
Generic detection rule creation and management using Sigma, the universal SIEM rule format. Sigma provides vendor-agnostic detection logic for log analysis across multiple SIEM…
Score 70/100
Package and dependency management patterns across ecosystems (npm, pip, cargo, maven). Covers lockfiles, semantic versioning, dependency security scanning, update strategies,…
Score 70/100
Delegate QAQC and review tasks to Google Gemini CLI using markdown file handoff pattern. Write review request to REVIEW.md, Gemini analyzes, outputs findings to FINDINGS.md.
Score 70/100
Delegate testing, QA, and code review tasks to Opencode CLI using Kimi K2.5 model via markdown file handoff.
Score 70/100
Configuration Nginx — reverse proxy, SSL/TLS, load balancing, caching et security headers. Se déclenche avec "Nginx", "nginx.conf", "reverse proxy", "SSL Nginx", "load balancer…
Score 70/100
Vérifie un projet contre le OWASP Top 10 et propose des remédiations. À utiliser pour vérifier la conformité OWASP.
Score 70/100
Guide méthodologique pour tests d'intrusion et évaluation de sécurité. À utiliser pour préparer ou conduire un pentest.
Score 70/100
Détecte les secrets, clés API et credentials exposés dans le code. À utiliser pour vérifier qu'aucun secret n'est dans le code.
Score 70/100
Audit de sécurité complet d'une application ou d'un code source. À utiliser quand l'utilisateur veut vérifier la sécurité de son projet.
Score 70/100
Audit de sécurité de smart contracts Solidity et blockchain. Se déclenche avec "smart contract", "Solidity", "audit blockchain", "vulnérabilité smart contract", "reentrancy",…
Score 70/100
Guide pour écrire des requêtes SQL et concevoir des schémas SQLite avec les bonnes pratiques. À utiliser quand l'utilisateur travaille avec SQLite, écrit des requêtes SQL ou…
Score 70/100
Analyse et évalue les vulnérabilités d'un système ou d'une application. À utiliser pour comprendre et prioriser les vulnérabilités.
Score 70/100
React Flow 라이브러리를 사용한 노드 기반 UI 개발 지원. 노드/엣지 생성, 커스터마이징, 레이아웃, 상호작용 구현 시 사용. 항상 최신 문서를 WebFetch로 참조하여 정확한 정보 제공.
Score 70/100
Use when called by the devops dispatcher after analysis to audit security posture and select CI security tooling before config generation
Score 70/100
Expert DevSecOps engineer specializing in secure CI/CD pipelines, shift-left security, security automation, and compliance as code.
Score 70/100
Looks up OWASP DevSecOps Guideline phases, security tools, and pipeline checks. Returns tool configurations, CWE mappings, and integration patterns for CI/CD security.
Score 70/100
DevSecOps methodology guidance covering shift-left security, SAST/DAST/IAST integration, security gates in CI/CD pipelines, vulnerability management workflows, and security…
Score 70/100
Autonomous financial research agent for stock analysis, financial statements, metrics, prices, SEC filings, and crypto data.
Score 70/100
Autonomous financial research agent for stock analysis, financial statements, metrics, prices, SEC filings, and crypto data.
Score 70/100
Generates Mermaid diagrams from Trailmark code graphs. Produces call graphs, class hierarchies, module dependency maps, containment diagrams, complexity heatmaps, and attack…
Score 70/100
Compare checked-in SQL against live MySQL, PostgreSQL, SQLite, or SQL Server schemas and generate a reviewable apply plan before agents touch production databases.
Score 70/100
One-call structured triage of a git diff. Returns per-file role classification (source/test/config/doc/generated/build/fixture/migration), risk tier (low/medium/high) with…
Score 70/100
Canonical phrasing for respectful disagreement without capitulation — structural resistance to sycophancy
Score 70/100
Analyze disaster prediction and early warning systems — model accuracy for flood, earthquake, wildfire, hurricane, and tsunami hazards, data pipeline reliability from sensor…
Score 70/100
Implement disaster recovery and backup strategies for Proxmox. Create and manage backups, test recovery procedures, and ensure business continuity for your infrastructure.
Score 70/100
Execute comprehensive disaster recovery tests, validate recovery procedures, and document lessons learned from DR exercises.
Score 70/100
Automatically discover cryptography skills when working with encryption, TLS, certificates, PKI, and security
Score 70/100
Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management.
Score 70/100
Analyze disk images and file systems for forensic investigation. Use when investigating data theft, insider threats, malware persistence, deleted file recovery, or any incident…
Score 70/100
Defense-in-depth, PII protection, secrets scanning, and secure packaging for distributed software
Score 70/100
Django security - CSRF protection, authentication, sessions, login/logout, password handling, middleware, protected views
Score 70/100
Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deployment configurations.
Score 70/100
Manage DNS records, routing policies, and failover configurations for high availability and disaster recovery.
Score 70/100
Runs Trivy against a Docker image and produces a prioritized CVE list grouped by severity with fix availability. Filters out CVEs with no available fix.
Score 70/100
Secure Docker containers and images with hardening, scanning, and secrets management
Score 70/100
Audits Dockerfiles for security vulnerabilities using Hadolint and Trivy container scanner. Recommends hardening steps based on CIS Docker Benchmark and Snyk container advisories.
Score 70/100
Automatically applies when writing function docstrings. Uses Google-style format with Args, Returns, Raises, Examples, and Security Note sections for proper documentation.
Score 70/100
Implement security best practices for Documenso document signing integrations. Use when securing API keys, configuring webhooks securely, or implementing document security…
Score 70/100
Systematically improve documentation quality from 7/10 → 9/10 using assessment checklists and transformation patterns.
Score 70/100
Security best practices for Dokploy templates: secrets management, network isolation, least privilege, image security, and hardening recommendations.
Score 70/100
Dokploy 셀프호스팅 PaaS 플랫폼의 전체 관리 스킬. SSH 및 API를 통한 서버 관리, 애플리케이션 배포, Docker Compose/Swarm 관리, 데이터베이스(PostgreSQL, MySQL, MongoDB, Redis) 관리, Traefik 리버스 프록시 설정, SSL 인증서(Let's Encrypt,…
Score 70/100
Configure Traefik labels for routing, SSL/TLS with LetsEncrypt, and advanced routing patterns including Cloudflare DNS challenge. Use when adding web access to Dokploy services.
Score 70/100