Scans your project for outdated npm, pip, Cargo, Go, or Ruby packages. Runs a CVE security audit. Fetches changelogs, summarizes breaking changes with Gemini, and opens one PR per…
Vet new package dependencies before installation. Triggers when adding packages via pip, npm, yarn, or similar package managers.
Dependency Vulnerability Checker - Auto-activating skill for Security Fundamentals. Triggers on: dependency vulnerability checker, dependency vulnerability checker Part of the…
Scans project dependencies using OSV.dev API and Snyk CLI for known CVEs across npm, PyPI, Maven, and Go modules. Generates SBOM in CycloneDX format via syft.
Turns npm audit/Snyk results into prioritized patch plans with severity assessment, safe upgrade paths, breaking change analysis, and rollback strategies.
Deploys canary files (honeytokens) across file systems to detect ransomware encryption activity in real time.
Deploys and configures CrowdStrike Falcon EDR agents across enterprise endpoints to enable real-time threat
Deploys and monitors ransomware canary files across critical directories using Python''s watchdog library for
Deploys TCP Trojan proxy nodes on Xray-core with certbot Let's Encrypt or self-signed EC P-256 + SHA-256 certificate fingerprint pinning, TCP Fast Open kernel tuning with BBR,…
Query the Cancer Dependency Map (DepMap) for cancer cell line gene dependency scores (CRISPR Chronos), drug sensitivity data, and gene effect profiles.
Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate and audit workflows.
Check dependencies for vulnerabilities. Use when user asks to "audit dependencies", "/deps-audit", "check for vulnerabilities", or wants to check dependency health.
Comprehensive dependency management expertise covering TypeScript (npm, yarn, pnpm, bun), Rust (cargo), and Python (pip, poetry, uv).
Dependency-upgrade campaign — outdated scan, batch-by-severity, breaking-change remediation, lockfile audit.
Use before calling any design done, and for anything with concurrency, persistence, or external dependencies — risk-storm the design: attack it, then decide resilient vs fail-fast…
Build retention into visit burden, schedule, and engagement to lower the ~30% dropout, instead of re-recruiting. Reach for this when dropout threatens the timeline.
Design a Uniswap integration architecture. Use when user is building a project that needs to integrate Uniswap and wants recommendations on integration method (Trading API vs SDK…
Parallel design review by 6 specialist agents (PM, Architect, Designer, Security Design, UX, CTO) with mandatory unanimous approval.
Copilot agent that assists with systematic design review using ATAM (Architecture Tradeoff Analysis Method), SOLID principles, design patterns, coupling/cohesion analysis, error…
Use when analyzing user journeys, auditing UX quality, prototyping flows, or designing new pages/features from a product perspective.
Designs backend API error contracts with a REST-default approach using RFC 9457 Problem Details, stable machine-readable codes, retry semantics, validation error payloads,…
Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages.
Detects whether a user task contains multiple independent subtasks and splits it into a JSON array. Internal helper for orchestrate Phase 0.5; uses session credentials (no API…
Detects prompt injection attacks targeting LLM-based applications using a multi-layered defense combining regex
Detect and prevent API enumeration attacks including BOLA and IDOR exploitation by monitoring sequential identifier
Detects arbitrary read vulnerabilities by identifying unchecked array indexing and out-of-bounds memory access.
Detects arbitrary write vulnerabilities by identifying unchecked array indexing and out-of-bounds memory writes.
Detect and prevent ARP spoofing attacks using ARPWatch, Dynamic ARP Inspection, Wireshark analysis, and custom
Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition, Wonderware) that sit at the IT/OT
Detects and analyzes Bluetooth Low Energy (BLE) security attacks including sniffing, replay attacks, GATT enumeration
Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive
Detects stack and heap buffer overflow vulnerabilities in binary code by identifying unsafe memory operations.
Business Email Compromise (BEC) is a sophisticated fraud scheme where attackers impersonate executives, vendors,
Deploy AI and NLP-powered detection systems to identify business email compromise attacks by analyzing writing
Detects OS command injection vulnerabilities by identifying unsafe system/popen/exec calls with user-controlled input.
Detecting compromised cloud credentials across AWS, Azure, and GCP by analyzing anomalous API activity, impossible
Container escape is a critical attack technique where an adversary breaks out of container isolation to access
Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file
Detect DCSync attacks where adversaries abuse Active Directory replication privileges to extract password hashes
Detects AI-generated deepfake audio used in voice phishing (vishing) attacks by extracting spectral features
Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack
Detects double free vulnerabilities by identifying attempts to free the same memory block twice. Use when analyzing memory management, cleanup paths, or investigating heap…
Detect malicious email forwarding rules created by adversaries to maintain persistent access to email communications
Detects fileless malware and in-memory attacks that execute entirely in RAM without writing persistent files
Detects and analyzes fileless malware that operates entirely in memory using PowerShell, WMI, .NET reflection,
Detects format string vulnerabilities by identifying unsafe printf family function calls with user-controlled format strings.
Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT anomalies including mismatched encryption
Detect Kerberos Golden Ticket forgery by analyzing Windows Event ID 4769 for RC4 encryption downgrades (0x17),
Detects information disclosure vulnerabilities including sensitive data in logs, error message exposure, and memory leaks.
Detects various injection vulnerabilities including SQL injection, LDAP injection, XPath injection, and code injection.
Detect insider threat behavioral indicators including unusual data access, off-hours activity, mass file downloads,
Implement User and Entity Behavior Analytics using Elasticsearch/OpenSearch to build behavioral baselines, calculate
Detects integer overflow and underflow vulnerabilities in arithmetic operations used for buffer sizing or allocation.
Detect Kerberoasting attacks by monitoring for anomalous Kerberos TGS requests targeting service accounts with
Detect adversary lateral movement across networks using Splunk SPL queries against Windows authentication logs,
Detect abuse of legitimate Windows binaries (LOLBins) used for living off the land attacks. Monitors process
Detects logic bypass vulnerabilities including authentication bypass, authorization bypass, and business logic flaws.
Detects various memory corruption vulnerabilities beyond simple buffer overflows including heap overflow, stack smashing, and double free.
Detects and analyzes malicious behavior in mobile applications through behavioral analysis, permission abuse
Detect command injection attacks against Modbus TCP/RTU protocol in ICS environments by monitoring for unauthorized