Use when building or writing the robustness-check section of an Economic-Research manuscript — organizes checks by the identification threat each one answers, not as an…
Systematically remove malware, backdoors, and attacker persistence mechanisms from infected systems while ensuring
An institutional grade security token contract that provides interfaces for the management and compliant transfer of security tokens.
Language-specific vulnerability hotspot reference for manual code audit. Trigger when the user asks to: "what sinks should I look for in Java?", "Python security hotspots",…
Deserialization vulnerability audit skill with gadget chain knowledge for all major languages. Trigger when the user asks to: "audit deserialization", "check for insecure…
Security-focused pull request and diff review skill for finding newly introduced vulnerabilities, risky regressions, and missing security tests in changed code.
Security remediation skill for fixing confirmed or likely SAST findings in source code. Trigger when the user asks to: "fix a vulnerability", "patch this security bug", "remediate…
General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabilities", "review code…
Serialization and deserialization security review skill for object mappers, parser pipelines, message formats, and state transfer mechanisms.
Threat modeling skill for new features, services, endpoints, or repositories. Trigger when the user asks to: "threat model this", "analyze attack surface", "find abuse cases",…
GHSA/CVE variant analysis workflow for finding similar vulnerability patterns across a codebase. Trigger when the user asks to: "find variants of this CVE", "GHSA variant…
Query Elasticsearch/Kibana using ES|QL via the Kibana async search API. Requires an initial curl command from the user to extract session credentials.
Essential 8 expert for Australian cyber security. Deep knowledge of ACSC Essential Eight mitigation strategies including 8 strategies, 3 maturity levels, implementation guidance,…
Monthly tenant review: lease expiration countdown, rent payment history, security deposit tracking, vacancy planning, and renewal decision workflow.
Use when decisions could affect groups differently and need to anticipate harms/benefits, assess fairness and safety concerns, identify vulnerable populations, propose risk…
EU NIS2 Directive (Directive (EU) 2022/2555) expert. Reference-depth knowledge of essential vs important entity classification, Article 20 governance, the Article 21 ten…
Manage Eufy Security (HomeBase S380 + SoloCam S340/E340) from the `eufy` CLI—capture snapshots, forward alarms to the Tuya hub, and change guard/alarm modes through…
Use when targeting European Symposium on Research in Computer Security (ESORICS) or deciding whether a computer-science manuscript fits this venue.
Author behavior evals for a change in five categories — Functional, Security, Performance, Accessibility, Drift — pinned to threshold floors per risk level (AXIS-26 §8.2, §8.3).
Structures green bond analysis with use-of-proceeds verification, impact reporting, and ICMA alignment.
Assesses spin-off equity with forced selling dynamics, orphaned security identification, and standalone valuation analysis.
Evaluates and selects Threat Intelligence Platform (TIP) products based on organizational requirements including
Use when completed work needs evaluation coverage audited across correctness, security, performance, and quality dimensions
EVE Frontier data pipelines — killmail ingestion, smart assembly tracking, entity normalization, polling architecture, and SQLite/PostgreSQL storage patterns.
Shield Event Monitoring: event log types, downloading logs via REST API and SOQL, real-time event monitoring with streaming API, and threat detection policies.
AI inference you own, forever powering your OpenClaw agents via the Morpheus decentralized network. Stake MOR tokens, access Kimi K2.5 and 30+ models, and maintain persistent…
Implement security best practices for Evernote integrations. Use when securing API credentials, implementing OAuth securely, or hardening Evernote integrations.
Normalize and correlate evidence across UI, API, security scans, and logs into a causal chain explanation and unified evidence bundle.
Evidence-capture and PoC-redaction discipline for bug-bounty submissions: cookie redaction protocol (which fields to mask, Preview annotation / Burp panel hiding / DevTools…
Threat-model a feature described as a user story. Generates evil user stories (AS/I/SO format) mapped to MITRE CWE weaknesses, each paired with a concrete security control.
Deep EVM bytecode analysis and decompilation capabilities for smart contract security, gas optimization, and reverse engineering.
Self-sovereign EVM wallet for AI agents. Use when the user wants to create a crypto wallet, check balances, send ETH or ERC20 tokens, swap tokens, or interact with smart…
Use when scout-report.md exists and TDD/Build hasn't started yet. Runs four lenses (CEO, Eng, Design, Security) in parallel on the task list and produces a verdict (PROCEED,…
Secure Exa API keys, implement content moderation, and manage domain restrictions. Use when securing API keys, auditing Exa security configuration, or implementing content safety…
Apply Exa security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Exa security configuration.
Sessione interattiva su canvas Excalidraw bidirezionale. Usa questa skill quando l'utente vuole discutere visivamente di un'idea, fare brainstorming su un canvas, disegnare…
Excalidraw is an open-source virtual whiteboard for creating hand-drawn style diagrams, wireframes, and sketches.
Guide the design and management of trading venue connectivity and market data infrastructure. Owns the FIX session layer (logon, heartbeats, sequence number gaps, resend and gap…
使い捨ての Python / shell スクリプトを sandbox 内で実行する前に、 haiku Agent で security pre-review を通して安全性を判定する。
Executes authorized attack simulations against Active Directory environments to identify misconfigurations,
Execute a comprehensive AI-driven development workflow with planning, implementation, multi-layer review (Sub-agents + /review + CodeRabbit CLI), automated fixes, and PR creation.
Executes authorized phishing simulation campaigns to assess an organization''s susceptibility to email-based
Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE),
Executes comprehensive red team exercises that simulate real-world adversary operations against an organization''s
Hands-off coding executor: one command → build → evaluate → localhost ready. Master controller, ephemeral ECC subagents, durable plan.dag.json state, deferred security review,…
Use when setting up or managing pentest environments with Exegol, launching offensive security containers, configuring VPN/network for engagements, or when the user mentions…
Use when the user wants to act on an audit, fix the findings in a line-check/bug-hunt/security-sweep report, work a prioritized backlog, or asks to "fix the findings", "work the…
Coordinate field feeding, hydration, ration quality, and expeditionary aquaculture fallback options for U.S.
Dodaje fakturę zakupu (koszt) do rejestru SQLite — zapisuje sprzedawcę, NIP, kwoty, kategorię, datę wpływu.
Use when designing or configuring public pages on an Experience Cloud site — guest user profile setup, page-level access settings in Experience Builder, object/field visibility…
Use when configuring access controls, sharing, or site security for authenticated or guest Experience Cloud (community) users: external OWD, Sharing Sets, Share Groups, CSP,…
Selects the most relevant experiences, projects, awards, and credentials from the master context based on JD keywords.
Dispatches `forge-expert` subagents in parallel — one per chosen domain — to produce focused analyses of a feature against the codebase before a plan is drafted.
Surfaces inconsistencies, opinion shifts, methodological flaws, and credential discrepancies across expert reports, transcripts, CVs, and publications for impeachment,…
ACTIVATE when the user asks for expert analysis in non-code domains like security audits, product management, competitive analysis, vendor evaluation, or architecture review.
Produces structured expert witness analyses covering qualifications, opinions, methodology, admissibility (Daubert/Frye), and cross-examination vulnerabilities.
Critiques opposing expert witness reports for admissibility challenges, disclosure deficiencies, and cross-examination vulnerabilities.
Analizuje endpoint Express — wyjaśnia co robi, jakie ma wektory ataku (OWASP), jak zabezpieczyć. Używaj przy nauce nowych endpointów lub security.
Explain the SOVD Security Helper project architecture, API, and purpose. Use when someone asks what this project does or needs onboarding context.
Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token lea — from…