Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security…
Score 70/100
Secure environment variable management with Varlock. Use when handling secrets, API keys, credentials, or any sensitive configuration.
Score 70/100
Manage training data and model artifacts securely on Vast.ai GPU instances. Use when transferring data to instances, managing checkpoints, or implementing secure data lifecycle on…
Score 70/100
Apply Vast.ai security best practices for API keys and instance access. Use when securing API keys, hardening SSH access to GPU instances, or auditing Vast.ai security…
Score 70/100
Manages secret lifecycle through the HashiCorp Vault HTTP API v1. Rotates database credentials via Vault dynamic secrets engine and syncs to Kubernetes via External Secrets…
Score 70/100
Verifies encryption workflows with HashiCorp Vault Transit endpoints like `/encrypt`, `/decrypt`, and `/rewrap`, plus key metadata inspection.
Score 70/100
Mutation-driven test vector generation. Finds implementations of a cryptographic algorithm or protocol, runs mutation testing to identify escaped mutants, then generates new test…
Score 70/100
Veeva Vault security basics for REST API and clinical operations. Use when working with Veeva Vault document management and CRM. Trigger: "veeva security basics".
Score 70/100
Conducts comprehensive vendor security assessments. Evaluates vendor security posture, identifies risks, and generates assessment reports with recommendations.
Score 70/100
Framework for assessing IT service providers, technology vendors, and third-party partners. Creates structured risk assessments across financial, operational, compliance,…
Score 70/100
Analyze vendor management systems for performance scorecards, third-party risk assessment, SLA enforcement, vendor rationalization, and relationship governance.
Score 70/100
Use Venice as a pay-per-call JSON-RPC proxy to 20+ EVM and Starknet networks. Covers GET /crypto/rpc/networks, POST /crypto/rpc/{network}, the 1×/2×/4× method-tier pricing model,…
Score 70/100
Apply Vercel security best practices for secrets, headers, and access control. Use when securing API keys, configuring security headers, or auditing Vercel security configuration.
Score 70/100
Security intelligence for code analysis. Detects SQL injection, XSS, CSRF, authentication issues, crypto failures, and more.
Score 70/100
Detection Engineering agent. Designs Sigma/YARA rules, maps detection coverage, designs threat hunting hypotheses, executes Purple Team Blue side, and integrates Detection-as-Code…
Score 70/100
Check file hashes, URLs, domains, and IP addresses against 70+ antivirus engines and threat intelligence feeds via VirusTotal
Score 70/100
Designing and debugging Visualforce pages: standard/custom controllers, view state management, CSRF and SOQL injection security, PDF rendering, Visualforce email templates.
Score 70/100
Vocabulary learning strategies and retention science for any language -- frequency-based word selection, spaced repetition systems (Ebbinghaus forgetting curve, Leitner system,…
Score 70/100
Analyze volunteer management platforms for skill-based matching algorithms, shift scheduling optimization, availability tracking, and retention analysis.
Score 70/100
Look up a vulnerability by ID or list all vulnerabilities for a package
Score 70/100
Composes multi-step exploit chains by correlating vulnerabilities across domains, calculates real impact of chained findings, generates end-to-end PoC scripts, and produces bug…
Score 70/100
Analyze dependency or ecosystem risk and produce remediation and advisory packets.
Score 70/100
Analyse et évalue les vulnérabilités d'un système ou d'une application. À utiliser pour comprendre et prioriser les vulnérabilités.
Score 70/100
Vulnerability Report Generator - Auto-activating skill for Security Advanced. Triggers on: vulnerability report generator, vulnerability report generator Part of the Security…
Score 70/100
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
Score 70/100
Generalist agent that plans, browses, executes shell commands, and writes files.
Score 70/100
Waf Rule Creator - Auto-activating skill for Security Advanced. Triggers on: waf rule creator, waf rule creator Part of the Security Advanced skill category.
Score 70/100
Full security audit — secrets, dependencies, IAM, auth, injection, XSS, HTTPS, rate limiting, public storage.
Score 70/100
Produce a hardening spec and implement it — auth patterns, security headers, rate limiting, input validation, secrets management, dependency hygiene.
Score 70/100
Security reconnaissance — full inventory of secrets management, IAM, dependencies, auth, encryption, audit logging, and compliance gaps.
Score 70/100
Produce a threat model — assets, ranked threats, mitigations, accepted risks. Use when asked to "threat model this", "what could go wrong security-wise", "map our attack surface",…
Score 70/100
Poll the Anthropic plugin marketplace manifest until "channelhub" appears, then notify the user. Use when waiting for the security review to land — the submission portal shows…
Score 70/100
Apply modern web development best practices for security, compatibility, and code quality. Use when asked to "apply best practices", "security audit", "modernize code", "code…
Score 70/100
Expert 10x engineer with comprehensive knowledge of web development, internet protocols, and web standards.
Score 70/100
OWASP Top 10, security headers, CSP, XSS prevention, and vulnerability prevention.
Score 70/100
Expert guidance on identifying and mitigating common web vulnerabilities from a bug hunter's perspective.
Score 70/100
Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.
Score 70/100
Web2 recon pipeline — subdomain enumeration (subfinder, Chaos API, assetfinder), live host discovery (dnsx, httpx), URL crawling (katana, waybackurls, gau), directory fuzzing…
Score 70/100
Complete reference for 18 web2 bug classes with root causes, detection patterns, bypass tables, exploit techniques, and real paid examples.
Score 70/100
Smart contract security audit — 10 DeFi bug classes (accounting desync, access control, incomplete path, off-by-one, oracle, ERC4626, reentrancy, flash loan, signature replay,…
Score 70/100
Go-to-market strategy for web3 builders - protocols, products, services, and solo founders. Use when planning growth for a crypto protocol, building developer community, crafting…
Score 70/100
Automated web application vulnerability scanner and exploit generator starting from domains or URLs. Tests for SQLi, XSS, SSRF, IDOR, SSTI, authentication bypass, file upload…
Score 70/100
Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions.
Score 70/100
Automated SQL injection detection and exploitation tool for web application security testing. Use when: (1) Testing web applications for SQL injection vulnerabilities in…
Score 70/100
Web security assessment. USE WHEN web assessment, pentest, security testing, vulnerability scan. SkillSearch('webassessment') for docs.
Score 70/100
Execute Webflow production deployment checklist — token security, rate limit hardening, health checks, circuit breakers, gradual rollout, and rollback procedures.
Score 70/100
Apply Webflow API security best practices — token management, scope least privilege, OAuth 2.0 secret rotation, webhook signature verification, and audit logging.
Score 70/100
Use when conducting a formal Salesforce Well-Architected Framework (WAF) review of an org or solution design.
Score 70/100
Use when the user is facing, or about to face, a negotiation where the counterparty's first move is shock-and-awe — a maximalist demand, a public ultimatum, a surprise threat, or…
Score 70/100
Code style and conventions audit with auto-fix capabilities for comprehensive style enforcement
Score 70/100
Comprehensive security auditing across static analysis, dynamic testing, dependency vulnerabilities, secrets detection, and OWASP compliance
Score 70/100
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management.
Score 70/100
Configure Claude Code sandbox security with file system and network isolation boundaries. Ensures safe code execution with proper access controls and resource limits.
Score 70/100
Use when conducting comprehensive code review for pull requests across multiple quality dimensions. Orchestrates 12-15 specialized reviewer agents across 4 phases using star…
Score 70/100
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
Score 70/100
Complete WordPress white-labeling using FREE plugins only - ASE, Branda, White Label CMS, Admin Menu Editor.
Score 70/100
Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements.
Score 70/100
Configure AI interaction audit logging for compliance. Activate when users mention "audit logging", "compliance logging", "ai interaction logs", "security audit", or "activity…
Score 70/100
Analyze and update dependencies with vulnerability scanning. Activate when users mention "update dependencies", "security audit", "npm audit", "vulnerability scan", or "dependency…
Score 70/100
Apply Windsurf security best practices for workspace isolation, data privacy, and secret protection. Use when securing sensitive code from AI indexing, configuring telemetry, or…
Score 70/100