Wycheproof provides test vectors for validating cryptographic implementations. Use when testing crypto code for known attacks and edge cases.
Use when writing or reviewing Visualforce pages, Apex controllers, or LWC components that output user-supplied data, build dynamic queries, or construct HTTP responses.
Execute comprehensive client-side injection vulnerability assessments on web applications to identify XSS and HTML injection flaws, demonstrate exploitation techniques for session…
Prévenir les attaques XSS. Utiliser quand on affiche du contenu dynamique ou sanitize des entrées utilisateur.
Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.
Xss Vulnerability Scanner - Auto-activating skill for Security Fundamentals. Triggers on: xss vulnerability scanner, xss vulnerability scanner Part of the Security Fundamentals…
Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules.
Orchestrates OWASP ZAP security scans via the ZAP API with automated spider, active scanner, and authentication sequence configuration.
Zapier Integration Helper - Auto-activating skill for Business Automation. Triggers on: zapier integration helper, zapier integration helper Part of the Business Automation skill…
Builds a Zapier automation using the Zapier NLA API to trigger on new HubSpot form submissions and enrich contact records via the Clearbit Enrichment API.
No-code automation democratizes workflow building. Zapier and Make (formerly Integromat) let non-developers automate business processes without writing code.
Creates and manages Zapier integrations using the Zapier Platform CLI and REST Hooks API. Builds custom triggers, actions, and searches with OAuth2 authentication flows.
Routes and validates inbound automation traffic built around Webhooks by Zapier endpoints such as `hooks.zapier.com/hooks/catch/...`.
Automatisation avec Zapier — Zaps multi-étapes, filtres, paths, webhooks et intégration entre applications.
Manage and trigger pre-built Zapier workflows and MCP tool orchestration. Use when user mentions workflows, Zaps, automations, daily digest, research, search, lead tracking,…
Public guide: Generate short domain names, check availability, purchase on Dynadot, switch nameservers, set up on Zapmail, create inboxes, and export to your email sending…
· Hunt novel vulnerabilities: reversing, patch diffing, fuzzing, attack surface, PoCs. Triggers: 'zero-day', '0-day', 'vulnerability research', 'variant analysis', 'fuzz',…
Zero-knowledge circuit development using Circom and Noir languages. Supports constraint optimization, ZK-friendly cryptographic primitives, proof generation (Groth16, PLONK), and…
Android Accessibility Service security analysis and pentesting. Use this skill whenever the user mentions Android security testing, accessibility service abuse, RAT detection,…
How to identify and test for account takeover vulnerabilities in web applications. Use this skill whenever the user mentions account takeover, authentication bypass, password…
MUST USE for deploying Aerospike on Kubernetes. Contains CE-specific YAML templates, validated AerospikeCluster CR examples, and critical constraints that prevent enterprise-only…
Check any AI agent codebase against the OWASP Agentic Security Initiative (ASI) Top 10 risks. Use this skill when: - Evaluating an agent system's security posture before…
Design and implement smart contracts as self-executing programmatic agreements on blockchain. Use this skill when the user needs to build automated on-chain logic, evaluate smart…
Use this skill for analytics and data-science workflow setup, exploratory analysis, notebook-first EDA, repo normalization for analysis projects, experiment comparison, AutoML,…
Use this skill to run a multi-persona expert advisory review on a labelled pull request in microsoft/apm.
Use this skill when securing web applications, preventing OWASP Top 10 vulnerabilities, implementing input validation, or designing authentication.
INVOKE THIS SKILL when creating, reading, updating, or deleting Arize AI integrations. Covers listing integrations, creating integrations for any supported LLM provider (OpenAI,…
Security audit of a UniFi home or small-office network using the unifi-mcp tools. Use this skill when asked to audit, review, check, or assess the security posture of a UniFi…
This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS,
Plan and run backups, set recovery objectives, and run disaster recovery drills. Use this skill when defining RPO/RTO targets, designing backup architecture, deciding what to back…
Conduct SWOT analysis with TOWS matrix for strategic planning. Use this skill when the user needs to evaluate a company, product, or project by identifying strengths, weaknesses,…
Bitcoin cycle timing model with weighted scoring system. Tracks 13 indicators across 2 categories — Daily Pulse (4 indicators, 32 points) and Weekly Structure (9 indicators, 68…
This skill covers deploying Microsoft Sentinel as a cloud-native SIEM and SOAR platform for centralized security
This skill ensures all code follows security best practices and identifies potential vulnerabilities.
Use this skill whenever the user mentions API keys, passwords, tokens, credentials, secrets, .env files, OAuth tokens, or any sensitive value that needs to end up in code, config,…
Expert CMMC 2.0 (Cybersecurity Maturity Model Certification) advisor for US defense contractors and subcontractors in the Defense Industrial Base (DIB).
Comprehensive guide for configuring and managing GitHub Dependabot. Use this skill when users ask about creating or optimizing dependabot.yml files, managing Dependabot pull…
This skill covers detecting cyber attacks targeting Supervisory Control and Data Acquisition (SCADA) systems
This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection
This skill teaches security teams how to detect and respond to unauthorized cryptocurrency mining operations
This skill covers detecting sophisticated cyber-physical attacks that follow the Stuxnet attack pattern of modifying
Expert DORA (Regulation (EU) 2022/2554 — Digital Operational Resilience Act) compliance advisor for EU financial entities.
This skill should be used when draining a labeled issue backlog (deferred-scope-out, code-review, type/security) in one cleanup PR.
Elite manual security code review skill for deep, adversarial vulnerability hunting and exploit-chain discovery.
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning",…
Generates complete FAERS-based multi-drug single-SOC safety comparison research designs from a user-provided drug set, comparator, and adverse event domain.
Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing…
PRIMARY expert for ALL NestJS and @lenne.tech/nest-server tasks. ALWAYS use this skill when working in projects with @lenne.tech/nest-server in package.json dependencies (supports…
PRIMARY expert for ALL NestJS and @lenne.tech/nest-server tasks. ALWAYS use this skill when working in projects with @lenne.tech/nest-server in package.json dependencies (supports…
Apply organizational ambidexterity theory to balance exploration and exploitation activities. Use this skill when the user needs to diagnose whether an organization is…
Apply Christensen's Disruptive Innovation theory to assess low-end and new-market threats to incumbents.
Apply the Efficient Market Hypothesis (Fama, 1970) to evaluate information incorporation in asset prices across weak, semi-strong, and strong forms.
Apply panel data analysis with fixed effects, random effects, and dynamic GMM to exploit longitudinal variation and control for unobserved heterogeneity.
Apply Smith and Lewis's paradox theory to identify and manage organizational tensions across performing, organizing, belonging, and learning dimensions.
Apply social capital theory (Putnam, Coleman, Bourdieu, Burt) to analyze how network structures and trust generate value or impose constraints.
houtu-dependencies enterprise-grade Spring Cloud microservice foundational framework complete usage guide.
Apply structured critical thinking — identifying claims, evidence, reasoning chains, hidden assumptions, and logical fallacies — to evaluate or construct specific written…
Converts a long source document (opdrachtbeschrijving, stage-plan, intern rapport, draft, bedrijfsbrief, onderzoeksnotities) into a properly structured afstudeerrapport-outline…
This skill covers deploying AWS Security Hub as a centralized cloud security posture management platform that
This skill covers deploying and tuning Web Application Firewall rules on AWS WAF, Azure WAF, and Cloudflare