Detect SQL injection vulnerabilities in a codebase using a three-phase approach: recon (find unsafe SQL construction sites), batched verify (trace user input to those sites in…
Score 70/100
Detect Server-Side Request Forgery (SSRF) vulnerabilities in a codebase using a three-phase approach: recon (find outbound call sites), batched verify (trace user input to…
Score 70/100
Detect Server-Side Template Injection (SSTI) vulnerabilities in a codebase using a three-phase approach: recon (find template rendering sites that use dynamic strings), batched…
Score 70/100
Detect Cross-Site Scripting (XSS) vulnerabilities in a codebase using a three-phase approach: recon (find HTML/JS/DOM sink sites), batched verify (trace user input to sinks in…
Score 70/100
Detect XML External Entity (XXE) vulnerabilities in a codebase using a three-phase approach: recon (find XML parsing sites without external-entity hardening), batched verify…
Score 70/100
Generate a Software Bill of Materials (SBOM) from your AWS environment and scan for vulnerable/compromised packages.
Score 70/100
Generates Software Bill of Materials using Syft for container images and matches components against the NVD CVE database via OSV.dev API.
Score 70/100
Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives.
Score 70/100
Generates Software Bill of Materials using Syft and scans for CVEs with Grype. Cross-references findings against the NVD and OSV databases for comprehensive vulnerability…
Score 70/100
REST, GraphQL, and gRPC API security audit — authentication, authorization, data exposure, and configuration
Score 70/100
Clickjacking and UI redressing detection — missing frame protection headers and CSP frame-ancestors
Score 70/100
Cryptography misuse detection — weak algorithms, ECB mode, static IVs, weak PRNG, and key management flaws
Score 70/100
Cross-Site Request Forgery detection — missing tokens, SameSite misconfiguration, and CORS-CSRF interaction
Score 70/100
Incremental security scan for changed files only — optimized for PR and commit-level reviews
Score 70/100
Infrastructure-as-Code security scanning — Dockerfile, Kubernetes, Terraform, and GitHub Actions misconfigurations
Score 70/100
Master orchestration skill that coordinates the entire 4-phase security scanning pipeline
Score 70/100
Path traversal and directory traversal detection — LFI, RFI, zip slip, and symlink attacks
Score 70/100
Final consolidated security assessment report generator with CVSS severity and remediation roadmap
Score 70/100
Hardcoded secrets, API keys, tokens, credentials, and private key detection in source code
Score 70/100
SQL Injection detection across all variants — classic, blind, time-based, second-order, and UNION-based
Score 70/100
Cross-Site Scripting detection for Reflected, Stored, and DOM-based XSS across all frameworks
Score 70/100
Software Composition Analysis (SCA) using Synopsys Black Duck for identifying open source vulnerabilities, license compliance risks, and supply chain security threats with CVE,…
Score 70/100
Software Composition Analysis (SCA) and container vulnerability scanning using Aqua Trivy for identifying CVE vulnerabilities in dependencies, container images, IaC…
Score 70/100
Run a pre-trust security pass over skill packs and prompt bundles before they get shared, merged, or deployed.
Score 70/100
Use Agentic Radar to statically scan agent workflows, map tools and MCP servers, generate shareable security reports, and optionally run adversarial runtime tests before rollout.
Score 70/100
Generate a reviewable security report for a supported agent workflow before deployment by scanning its code, tools, MCP usage, and known vulnerability surface.
Score 70/100
Run Kubernetes security and compliance scans against manifests or live clusters before rollout or audit.
Score 70/100
Run MCP Scanner against a remote or local MCP server before trusting it, so the agent gets a bounded security review of tools, prompts, resources, dependencies, and supply-chain…
Score 70/100
Catch insecure Python calls, weak crypto usage, shell injection risks, and similar patterns before merge or release.
Score 70/100
Use Medusa Security before trusting a repository, dependency, or AI-agent codebase when an agent needs a focused scan for repo poisoning, prompt-injection, MCP, and AI…
Score 70/100
Check repositories and CI surfaces for Shai-Hulud 2.0 compromise indicators when the task is targeted supply-chain triage, not generic malware scanning.
Score 70/100
Detect API security vulnerabilities including injection, broken auth, and data exposure. Use when scanning APIs for security vulnerabilities.
Score 70/100
Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable
Score 70/100
Detect exposed secrets, API keys, and credentials in code. Use when auditing for secret leaks. Trigger with 'scan for secrets', 'find exposed keys', or 'check credentials'.
Score 70/100
Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network
Score 70/100
Scan for input validation vulnerabilities and injection risks. Use when reviewing user input handling.
Score 70/100
Detect significant price movements and unusual volume across crypto markets. Calculates significance scores combining price change, volume ratio, and market cap.
Score 70/100
Performs advanced network reconnaissance using Nmap''s scripting engine, timing controls, evasion techniques,
Score 70/100
Unified repo security scanner for scientific Python projects — one call orchestrates `bandit` (Python AST security linter), `shellcheck` (shell-script linter), `pip-audit` (Python…
Score 70/100
Unified dataset-discovery API across 7 scientific repositories — OpenNeuro + DANDI + PhysioNet (neuroscience, BIDS + NWB), Zenodo + Scientific Data (general), GEO (gene…
Score 70/100
Relational-DB wrapper for scientific Python — `SQLite3` and `PostgreSQL` classes composed from a dozen shared mixins (connection, transaction, query, schema, index, row/batch ops,…
Score 70/100
Use kube-score to statically review Kubernetes YAML or rendered Helm output for rollout risks, weak defaults, and resilience gaps before merge or deploy.
Score 70/100
Check a repository against OpenSSF security heuristics before you trust it as a dependency, approve it for use, or ship from it.
Score 70/100
Use SafeDep Vet as a pre-adoption gate when an agent, maintainer, or CI pipeline is about to add a new dependency or import a skill repository and needs malware and policy signals…
Score 70/100
Literature search and citation management for medical research. Searches PubMed, Semantic Scholar, and bioRxiv/medRxiv with verified citations.
Score 70/100
Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor…
Score 70/100
Prevent secret leakage across git history, package artifacts, logs, and docs. Use when editing workflows, packaging configuration, environment files, or release automation.
Score 70/100
Secure credential intake via local web form. Spin up a one-page server on Tailscale, paste keys, upload PEM/JSON files, hit submit — secrets land in .hex/secrets/ with 600 perms…
Score 70/100
Detect accidentally committed secrets, credentials, and sensitive information in code.
Score 70/100
Audit codebases for leaked secrets and hardcoded credentials, generate .env templates, configure secrets management with AWS Secrets Manager, Vault, Doppler, or GCP Secret…
Score 70/100
Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern…
Score 70/100
Détecte les secrets, clés API et credentials exposés dans le code. À utiliser pour vérifier qu'aucun secret n'est dans le code.
Score 70/100
Security news aggregation from tldrsec, no.security, and other sources. USE WHEN security news, security updates, what's new in security, breaches, security research, sec updates.
Score 70/100
Full-stack security posture assessment with 0-100 risk scoring. Scans dependency vulnerabilities (npm audit, pip-audit, cargo audit, govulncheck), dangerous code patterns (SQL…
Score 70/100
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing…
Score 70/100
Build and ship features with security baked in — runs OWASP Top 10 pre-scan, builds and ships with /ship, validates with post-build security review, then penetration tests the…
Score 70/100
Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual…
Score 70/100
Use when writing or reviewing code that handles external input, manages access, touches data or crypto, or changes dependencies.
Score 70/100
Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image
Score 70/100
Harbor is an open-source container registry that provides security features including vulnerability scanning
Score 70/100