Claude Security Skills (Page 21 of 44)

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

2,630 skills · updated 2026-05-03 · showing 1201–1260 of 2,630 by quality score

Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation,
Score 70/100
Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications
Score 70/100
Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack
Score 70/100
Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network
Score 70/100
Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration
Score 70/100
Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests
Score 70/100
Detecting and exploiting SQL injection vulnerabilities using sqlmap to extract database contents during authorized
Score 70/100
Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker,
Score 70/100
Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent
Score 70/100
The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7.
Score 70/100
Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure
Score 70/100
Exploit the Zerologon vulnerability (CVE-2020-1472) in the Netlogon Remote Protocol to achieve domain controller
Score 70/100
Analyze exploit intelligence for a vulnerability against the current repository
Score 70/100
Deploy resource optimization and opportunity cost awareness mode. Use when need to balance exploration vs exploitation, feel trade-offs viscerally, or optimize portfolio thinking.
Score 70/100
Comprehensive audit of Expo/React Native app API integration layer. Use when asked to: (1) Review API interactions, auth handling, or token management, (2) Find hardcoded data or…
Score 70/100
Apply consistent React Native + Expo conventions for project structure, Expo Router navigation, theming primitives, icons, sqlite data patterns, safe area handling, and bun/bunx…
Score 70/100
Express.js middleware patterns, routing, error handling, security, and production best practices.
Score 70/100
Extract embedded configuration from Agent Tesla RAT samples including SMTP/FTP/Telegram exfiltration credentials,
Score 70/100
Extract cached credentials, password hashes, Kerberos tickets, and authentication tokens from memory dumps using
Score 70/100
Extracts indicators of compromise (IOCs) from malware samples including file hashes, network indicators (IPs,
Score 70/100
Intelligent prompt pattern system with 240+ specialized patterns for content analysis, extraction, and transformation.
Score 70/100
Fabric is an open-source framework for augmenting humans using AI. It provides a modular system of crowdsourced prompt patterns that solve specific problems—from summarizing…
Score 70/100
Native Fabric pattern execution for Claude Code. USE WHEN processing content with Fabric patterns (extract_wisdom, summarize, analyze_claims, threat modeling, etc.).
Score 70/100
Intelligent pattern selection for Fabric CLI. Automatically selects the right pattern from 242+ specialized prompts based on your intent - threat modeling, analysis,…
Score 70/100
Identify potential failure modes and assess system vulnerabilities for pilot workflows and integrations.
Score 70/100
Monitors container runtime events using Falco sysdig libraries and sends alerts on suspicious syscall patterns.
Score 70/100
Advanced pre-launch OWASP security audit. Complete checklist. Trigger: "audit sicurezza", "OWASP", "penetration test", "security review"
Score 70/100
Expert in securing FastAPI applications with JWT tokens and Better Auth. Use this when implementing authentication middleware, route protection, and user isolation.
Score 70/100
Guides development of Fastify Node.js backend servers and REST APIs using TypeScript or JavaScript. Use when building, configuring, or debugging a Fastify application — including…
Score 70/100
Build Model Context Protocol (MCP) servers - comprehensive coverage of generic MCP protocol AND FastMCP framework specialization.
Score 70/100
Secure Fathom API keys and handle meeting data privacy. Trigger with phrases like "fathom security", "fathom api key safety", "fathom privacy".
Score 70/100
Senior FDA consultant and specialist for medical device companies including HIPAA compliance and requirement management.
Score 70/100
FDA regulatory consultant for medical device companies. Provides 510(k)/PMA/De Novo pathway guidance, QSR (21 CFR 820) compliance, HIPAA assessments, and device cybersecurity.
Score 70/100
Assess FedRAMP/StateRAMP readiness — impact levels, control baselines, 3PAO requirements
Score 70/100
FedRAMP 20X modernization expert. Provides guidance on Key Security Indicators (KSIs), continuous monitoring automation, machine-readable policies, and the new automated…
Score 70/100
FedRAMP Rev 5 authorization expert. Provides guidance on traditional authorization paths, SSP/SAP/SAR/POA&M documentation, NIST 800-53 Rev 5 control implementation, and 3PAO…
Score 70/100
Expertise on FedRAMP SSP authoring — what the DOCX templates contain, what OSCAL 1.2.0 SSP looks like for FedRAMP, how this plugin fits alongside Compliance Trestle and oscal-cli.
Score 70/100
Expert knowledge for running winter festival operations covering customer experience, security, vendor relations, lost & found, and marketing communications
Score 70/100
Use when writing cross-origin fetch() calls that require cookies or session auth to ensure `credentials: 'include'` is set.
Score 70/100
Complete live streaming and protocol system for FFmpeg 7.1 LTS and 8.0.1 (latest stable, released 2025-11-20).
Score 70/100
Query Binance fiat payment capabilities — supported countries, currencies, payment methods, limits, and crypto prices — via public APIs, plus authenticated order/payment history…
Score 70/100
Focuses on routing, CSRF protection, context handling, and template usage within the internal handlers directory.
Score 70/100
Salesforce Shield Field Audit Trail: configuration, retention policies, querying archived field data, compliance requirements.
Score 70/100
Enforce security policies and coding standards for Figma API integrations. Use when setting up linting rules for Figma tokens, preventing accidental credential leaks, or enforcing…
Score 70/100
Secure Figma API tokens, configure scopes, and validate webhook signatures. Use when securing API keys, implementing least-privilege scopes, or auditing Figma security…
Score 70/100
Identify and exploit file path traversal (directory traversal) vulnerabilities that allow attackers to read arbitrary files on the server, potentially including sensitive…
Score 70/100
Encrypt/decrypt local files, redact sensitive information in documents, and validate password strength when handling private data or preparing files for sharing.
Score 70/100
Complete guide for implementing file uploads in IntelliFill with React-dropzone frontend, Multer backend, file validation, Bull queue processing, and security best practices
Score 70/100
Use when designing malware and content scanning for files uploaded to Salesforce (Files, Attachments, ContentVersion) — external scanning service callouts, quarantine patterns,…
Score 70/100
Audit fintech and financial services code for KYC/AML (CIP, CDD, EDD, sanctions screening, transaction monitoring), BSA (SAR/CTR filing, FinCEN reporting, Travel Rule), Reg E (EFT…
Score 70/100
Parse and analyze personal financial transaction CSV exports to calculate account totals and generate detailed breakdowns.
Score 70/100
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit code on the current…
Score 70/100
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit code on the current…
Score 70/100
Identify security misconfigurations in infrastructure-as-code, application settings, and system configurations.
Score 70/100
Secure Finta fundraising data and investor information. Trigger with phrases like "finta security", "finta data privacy".
Score 70/100
Automate Finta pipeline events with Zapier and email triggers. Use when setting up notifications for investor responses, automating follow-up reminders, or syncing events to other…
Score 70/100
Scaffold a production-ready financial services API -- generate a complete fintech backend with Plaid bank account linking and transaction sync, ACH/wire/card payment processing…
Score 70/100
Pre-launch compliance and security gate for fintech apps: audit PCI DSS payment card handling, review financial API integrations for idempotency and error handling, evaluate fraud…
Score 70/100
Security and type safety standards for FinWiz including API key management, input validation, and mypy strict mode.
Score 70/100
Apply Firecrawl security best practices for API key management and webhook verification. Use when securing API keys, implementing webhook signature validation, or auditing…
Score 70/100