Google Workspace administration via the gws CLI. Install, authenticate, and automate Gmail, Drive, Sheets, Calendar, Docs, Chat, and Tasks.
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as ha — from…
Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance.
Develops custom WordPress themes and plugins, creates and registers Gutenberg blocks and block patterns, configures WooCommerce stores, implements WordPress REST API endp — from…
Chat Shared Conversation To File - Convert ChatGPT, Gemini, Grok, and Claude share links to clean Markdown + HTML transcripts.
Initialize Correctless and run a project health check. Detects stack, configures workflow, bootstraps docs, checks security/quality/CI/testing hygiene, and offers to fix gaps.
Configure Content Security Policy via Trusted URLs and CSP Trusted Sites so Lightning, LWR, and LWC can call third-party scripts, APIs, and frame sources.
Parses and evaluates Content Security Policy headers using csp-parse and csp-evaluator libraries. Identifies overly permissive directives, missing protections, and generates…
Debug CSRF token issues and authentication problems including 403 Forbidden errors, cookie issues, JWT tokens, OAuth flows, and session management.
Finding Cross-Site Request Forgery (CSRF) vulnerabilities in web applications by mapping state-changing actions, checking browser-automatic credential use, evaluating CSRF tokens,…
Implement Cross-Site Request Forgery (CSRF) protection using tokens, SameSite cookies, and origin validation. Use when building forms and state-changing operations.
To prevent cross-site request forgery. Use when: Tokens and SameSite cookies; When the specific requirement for CSRF Protection Strategies arises in the project.
Csrf Protection Validator - Auto-activating skill for Security Fundamentals. Triggers on: csrf protection validator, csrf protection validator Part of the Security Fundamentals…
CT Monitor — Crypto Intelligence Analyst. Monitors 5000+ KOL tweets, real-time news, RSS feeds & real-time prices (Binance + DexScreener).
OpenClaw 多模式安全巡检工具:默认本地离线扫描,可选联网威胁情报上报。 功能范围:读取系统敏感信息(MAC 地址、主机名、系统日志、完整 Skill 清单)执行本地安全检测;在本机持久化保存扫描报告与安全基线;可选通过 --push 模式将摘要数据上传至 auth.ctct.cn 获取威胁情报评分(需用户显式同意);可选通过 openclaw…
CTF challenge ana orkestratörü — kategori tespiti, modern saldırı patern tanıma, ilgili skill arama, cross-skill zincir koordinasyonu, hızlı referans erişim.
Provides AI and machine learning techniques for CTF challenges. Use when attacking ML models, crafting adversarial examples, performing model extraction, prompt injection,…
Root-Me app-system (SSH-only): ELF x86/x64/ARM64 & Windows Kernel x64. No local GDB. Libc.rip fingerprint, patchelf, ret2libc/ROP/ret2dlresolve, FSOP glibc 2.35+, BROP, ARM64…
Cryptography techniques for CTF challenges. Use when attacking encryption, hashing, ZKP, signatures, or mathematical crypto problems.
Digital forensics and blockchain analysis for CTF challenges. Use when analyzing disk images, memory dumps, event logs, network captures, or cryptocurrency transactions.
Malware and network analysis techniques for CTF challenges. Use when analyzing obfuscated scripts, malicious packages, custom protocols, or C2 traffic.
Miscellaneous CTF challenge techniques. Use for trivia, automation scripts, encoding puzzles, RF/SDR signal processing, or challenges that don't fit other categories.
Open Source Intelligence techniques for CTF challenges. Use when gathering information from public sources, social media, geolocation, or identifying unknown data.
Binary exploitation (pwn) techniques for CTF challenges. Use when exploiting buffer overflows, format strings, heap vulnerabilities, race conditions, or kernel bugs.
Solve CTF reverse engineering challenges using systematic analysis to find flags, keys, or passwords.
Reverse engineering techniques for CTF challenges. Use when analyzing binaries, game clients, obfuscated code, or esoteric languages.
Solve CTF (Capture The Flag) challenges by analyzing challenge descriptions, source code, and interacting with challenge environments to capture flags.
Web exploitation techniques for CTF challenges. Use when solving web security challenges involving XSS, SQLi, CSRF, file upload bypasses, JWT attacks, Web3/blockchain exploits, or…
CTF Web 挑战专用侦察方法。当面对 CTF 靶场目标需要快速发现攻击入口时使用。与真实渗透的 recon 不同——CTF 是单个应用、有意留线索、侦察应在 2-3 轮内完成。覆盖源码泄露、备份文件、隐藏路径、页面线索提取
当用户正在进行 CTF 比赛或练习,遇到 Web 类型题目时触发此 Skill。 适用场景包括: - 用户描述了 SQL 注入、XSS、SSRF、SSTI、XXE、文件包含、命令执行等 Web 安全问题 - 用户需要进行信息搜集、目录扫描、端口扫描等渗透前期工作 - 用户遇到 PHP 特性利用、反序列化、JWT 伪造等高级攻击场景 - 用户提及…
Generates a single standardized submission-style CTF writeup for competition handoff and organizer review.
Conduct a CTO-perspective technical strategy review of a codebase. Evaluates architecture decisions and build-vs-buy trade-offs, scaling readiness at 10x and 100x, engineering…
Expert methodology for identifying, assessing, and mitigating technical and operational risks including security, incidents, compliance, and disaster recovery.
Drafts a submission-ready C-TPAT Security Profile from verified company records for U.S. CBP enrollment, recertification, or validation prep.
Define semantic layer cubes with Drizzle ORM tables, including dimensions, measures, time dimensions, and security context.
Interroger les cubes UNISIS S3 (Statistiques en Self-Service) de l'Université de Lausanne via le CLI `cube`.
Run AI-powered code reviews using Cubic CLI to detect bugs, security vulnerabilities, and style issues in local changes.
Best practices for using Cursor—rules, commands, skills, subagents, ignore files, Agent security, workflows, and community resources.
Compliance and security auditing for Cursor IDE usage: SOC 2, GDPR, HIPAA assessment, evidence collection, and remediation.
Avoid common Cursor IDE pitfalls: AI feature mistakes, security gotchas, configuration errors, and team workflow issues.
Configure Cursor privacy mode, data handling, telemetry, and sensitive file exclusion. Triggers on "cursor privacy", "cursor data", "cursor security", "privacy mode", "cursor…
Production readiness checklist for Cursor IDE setup: security, rules, indexing, privacy, and team standards.
Create and manage TMDD threat models grounded in actual codebase architecture. Use when the user wants to threat-model a system, add a feature, create security threat mappings,…
Summarizes custody evaluation reports into a structured memorandum covering evaluator credentials, methodology, parental findings, recommendations, and best-interests factor…
Use when building custom Apex-based actions for Agentforce agents: designing @InvocableMethod classes for Atlas Reasoning Engine invocation, defining input/output schema, handling…
Use when creating a new custom field on any Salesforce object: choosing field type, setting API name, configuring Field-Level Security, adding to page layouts, and deploying.
Use when designing or implementing a custom logging framework in Apex: log sObject schema, log level gating, retention policies, batch purge jobs, and forwarding logs to external…
Use when designing deployable Salesforce configuration with Custom Metadata Types, especially when choosing between CMTs, Custom Settings, and Custom Objects, protecting packaged…
Use when choosing between Custom Metadata Types and Custom Settings, understanding hierarchical vs list settings, deployment behavior, governor limit implications, or accessing…
Create and run custom background analysis workers with composable phases. Use when you need automated code analysis, security scanning, pattern learning, or API documentation…
Universal, multi-agent, VISION-VERIFIED audit that makes any app, website, tool, CLI, API, or MCP server genuinely great.
Install and configure Customer.io SDK/CLI authentication. Use when setting up a new Customer.io integration, configuring API keys, or initializing Customer.io in your project.
Apply Customer.io security best practices. Use when implementing secure credential storage, PII handling, webhook signature verification, or GDPR/CCPA compliance.
60-günlük Görüntü İşleme / Üretken Modeller / RL müfredatının kişisel öğretmeni. Kullanıcı bir gün/konu sorduğunda (örn.
CVE research, standalone PoC script and report generation. Given a CVE ID, researches NVD and advisories, generates a safe Python PoC, and writes a detailed vulnerability report.
Remediate dependency vulnerability scanner failures by verifying live package registry data and upgrading instead of suppressing.
Searches the NIST NVD database for CVE vulnerabilities using API 2.0. Returns CVE details, CVSS scores, affected software, and references.
Эксперт CVE tracking. Используй для vulnerability management, security advisories и patch prioritization.
Look up CVE vulnerability details by ID via MITRE CVE API with NVD fallback — severity, CVSS score, affected products, and references
Score a vulnerability with CVSS v3.1: derive the base metric vector, compute the score and severity rating, and explain each metric choice.