Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework.
Score 70/100
Performs proactive threat hunting in Elastic Security SIEM using KQL/EQL queries, detection rules, and Timeline
Score 70/100
Use YARA pattern-matching rules to hunt for malware, suspicious files, and indicators of compromise across filesystems
Score 70/100
Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management,
Score 70/100
Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack
Score 70/100
Use OWASP Threat Dragon to create data flow diagrams, identify threats using STRIDE and LINDDUN methodologies,
Score 70/100
Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments
Score 70/100
Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities,
Score 70/100
Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution,
Score 70/100
Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG)
Score 70/100
Triage web application vulnerability findings from DAST/SAST scanners using OWASP risk rating methodology to
Score 70/100
Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers
Score 70/100
Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through
Score 70/100
Execute a wireless network penetration test to assess WiFi security by capturing handshakes, cracking WPA2/WPA3
Score 70/100
Conduct wireless network security assessments using Kismet to detect rogue access points, hidden SSIDs, weak
Score 70/100
Develop precise YARA rules for malware detection by identifying unique byte patterns, strings, and behavioral
Score 70/100
中文优先:用于Perl安全相关任务,帮助识别、设计、实现或验证对应工作流。English keywords: Comprehensive Perl security covering taint mode, input validation, safe process execution, DBI parameterized queries, web…
Score 70/100
Use when designing or reviewing permission-set-group architecture, especially profile minimization, group composition, muting strategy, and migration away from profile-heavy…
Score 70/100
Use when designing or auditing Salesforce access control — deciding between Profiles, Permission Sets, and Permission Set Groups.
Score 70/100
Apply Perplexity security best practices for API key management and query safety. Use when securing API keys, implementing query sanitization, or auditing Perplexity security…
Score 70/100
Keep searchable long-term memory for coding agents in a local SQLite store and expose it through MCP when sessions keep forgetting prior decisions, conventions, and useful…
Score 70/100
Configure Persona API authentication with sandbox and production API keys. Use when setting up identity verification, configuring API credentials, or initializing Persona in your…
Score 70/100
Secure Persona API keys, webhook secrets, PII handling in verification data. Use when working with Persona identity verification.
Score 70/100
Searches and downloads royalty-free images from Pexels API with smart filtering by orientation, color, and size.
Score 70/100
Build frontend Solana applications with Phantom Connect SDK and Helius infrastructure. Covers React, React Native, and browser SDK integration, transaction signing via Helius…
Score 70/100
Letter-sound relationships, decoding strategies, and word-attack skills for reading unfamiliar text. Covers alphabetic principle, phoneme-grapheme correspondences (single letters,…
Score 70/100
Picoclaw security posture skill with advisory awareness, configuration drift detection, and supply-chain verification guidance.
Score 70/100
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root…
Score 70/100
Deep GitHub Actions workflow expert. Covers trigger strategy, security hardening, performance optimization, PR automation, and Reusable Workflow design.
Score 70/100
Pipedream is a developer-focused workflow platform for connecting APIs and running automation logic in hosted workflows.
Score 70/100
Automate Pipedrive CRM operations including deals, contacts, organizations, activities, notes, and pipeline management via Rube MCP (Composio).
Score 70/100
Store and inject Salesforce auth URLs, JWT keys, and API credentials into CI without leaking them. NOT for runtime secrets in Apex.
Score 70/100
Use after completing any PRD, spec, plan, or code implementation — verifies that artifact-specific pitfalls (security, idempotency, integration contracts, edge cases, LLM output)…
Score 70/100
Security patterns for session keys, caching, logging, and environment variables. Use when implementing authentication, caching sensitive data, or setting up logging.
Score 70/100
Disciplined execution of approved plans with step-by-step verification, phase checkpoints, failure investigation, and mandatory code/security reviews.
Score 70/100
Automatically audits Claude Code plugins for security vulnerabilities, best practices, CLAUDE.md compliance, and quality standards when user mentions audit plugin, security…
Score 70/100
Expertise in FedRAMP POA&M lifecycle management, FedRAMP 20x VDR generation, and vulnerability classification using CISA KEV, EPSS, N-ratings, LEV/IRV, and NIST 800-53 control…
Score 70/100
PocketBase is an open-source Go backend that ships as a single portable executable. It includes an embedded SQLite database with realtime subscriptions, built-in file and user…
Score 70/100
Podium security basics — business messaging and communication platform integration. Use when working with Podium API for messaging, reviews, or payments.
Score 70/100
Policy-as-code enforcement and compliance validation using Open Policy Agent (OPA). Use when: (1) Enforcing security and compliance policies across infrastructure and…
Score 70/100
Validates PopKit security posture using concrete vulnerability patterns, automated secret scanning, and OWASP-aligned checklists
Score 70/100
Perform Porter's Five Forces analysis — competitive rivalry, supplier power, buyer power, threat of substitutes, and threat of new entrants.
Score 70/100
Audit investment portfolio management software for mean-variance optimization, Black-Litterman model, risk parity allocation, VaR/CVaR risk metrics, Brinson performance…
Score 70/100
Secure PostHog integration: API key management, project key vs personal key separation, secret rotation, scoped keys, and git-leak prevention.
Score 70/100
Conception de dashboards Power BI — DAX, modèle de données, visualisations avancées et Row-Level Security.
Score 70/100
Design presentation visuals and slide layouts. Create visual concepts, suggest graphics, and provide design specifications for impactful PowerPoint slides.
Score 70/100
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
Score 70/100
Pragmatics and communicative competence across languages -- speech acts (Austin/Searle), Grice's conversational maxims and implicature, politeness theory (Brown & Levinson),…
Score 70/100
Audit manufacturing predictive maintenance systems for OPC-UA/MQTT sensor data pipelines, time-series storage retention, ML model lifecycle (training-serving skew, drift…
Score 70/100
Tracks the latest preprints and emerging research topics related to your topic across bioRxiv, medRxiv, and arXiv.
Score 70/100
Complete PrestaShop module development workflow using modern architecture and best practices. Use when: creating new PrestaShop modules, updating legacy modules to modern code,…
Score 70/100
Generate strategy documents from completed Primr research. Use when the user wants AI, CX, security, or data strategy deliverables from an existing report.
Score 70/100
Security design principles — trust boundaries and input validation, authentication vs authorization, secrets handling, secure defaults and defense in depth, lightweight threat…
Score 70/100
The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum
Score 70/100
You are an expert in Prisma ORM with deep knowledge of schema design, migrations, query optimization, relations modeling, and database operations across PostgreSQL, MySQL, and…
Score 70/100
Use when building apps that collect user data. Ensures privacy protections are built in from the start—data minimization, consent, encryption.
Score 70/100
Comprehensive knowledge about Linux privilege escalation. Provides methodologies for enumerating and exploiting privesc vectors including SUID binaries, sudo permissions,…
Score 70/100
Provide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems.
Score 70/100
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve.
Score 70/100
OWASP ZAP/Burp Suite/Nuclei integration, penetration test planning, DAST execution, and vulnerability scanning.
Score 70/100