Use when creating or verifying one project runtime on a prepared VPS, including god-session, provider credentials, and local dispatcher setup.
Checks hardcoded secrets, SQL injection, XSS, insecure deps, input validation. Use when auditing security.
Checks application security boundaries: secrets, injection, XSS, input validation, and sensitive env defaults. Use when auditing exploitable code paths.
Checks outdated packages, unused deps, reinvented wheels, CVE/CVSS vulnerability scan. Use when auditing dependencies. — from security/appsec-tools
Checks outdated packages, unused deps, reinvented wheels, CVE/CVSS vulnerability scan. Use when auditing dependencies. — from majiayu000/claude-skill-registry
Sets up security scanning for secrets and dependency vulnerabilities. Use when adding security infrastructure to a project.
Scans codebase for hardcoded secrets with severity classification and remediation guidance. Use when auditing a project for leaked credentials.
Use mbox-to-sqlite when an agent needs to work across an email archive as structured data instead of parsing one message at a time.
Fallback for missing credentials — loads the secrets managed in Skill Studio (for example OPENAI_API_KEY, GITHUB_TOKEN) into your environment.
MemGPT-style virtual context-load egy 11.11 session indulásakor. B-2 sprint Week 3 rewrite (2026-05-13): a klasszikus aggressive 15-20K token-os cat-jel helyett **lean ~5K token**…
Run constant-rate HTTP attacks, capture binary results, and generate reports or plots before capacity changes and releases.
Drafts a U.S. secured Loan and Security Agreement with UCC Article 9 security interests, perfection mechanics, covenants, and enforcement remedies.
Drafts a U.S. commercial Loan Modification Agreement amending existing loan terms (interest rates, payment schedules, maturity dates, covenants) while preserving enforceability of…
Register ICANN domains with crypto payments (USDC/USDT/ETH/BTC) via API — built for AI agents
Drafts irrevocable standby letters of credit serving as security deposits in commercial lease transactions.
Install, configure, and validate local ClickHouse for gapless-crypto-clickhouse development and backtesting.
Use when users say "is this legal AI app local-first", "what leaves the machine", "BYOK privacy", "audit network calls", "where are documents stored", or need a legal AI workspace…
本地资源库导航——字典库(Dic)、Payload库、POC库的结构和使用方法。当需要使用 ffuf/spray 目录爆破、密码爆破、或构造 Fuzz payload 时必读。覆盖字典选择策略、payload 模板调用、POC 库搜索方法。字典库统一安装在 /pentest 目录下
Drafts U.S. IPO/secondary offering lock-up agreements restricting securityholder transfers and hedging during the post-offering period.
· Handle authorized privesc, CTFs, post-exploitation on Linux, containers, K8s. Triggers: 'privesc', 'CTF', 'pentest', 'post-exploitation', 'container escape', 'SUID', 'GTFOBins'.
Locus payment infrastructure for AI agents — send USDC payments, call 30+ pay-per-use APIs, order prepaid cards, manage email inboxes, hire freelancers, and more.
Implement centralized logging with ELK Stack, Loki, or Splunk for log collection, parsing, storage, and analysis across infrastructure.
Analyze application logs to identify errors, performance issues, and security anomalies. Use when debugging issues, monitoring system health, or investigating incidents.
Log Analysis Security - Auto-activating skill for Security Advanced. Triggers on: log analysis security, log analysis security Part of the Security Advanced skill category.
Analyze system, application, and security logs for forensic investigation. Use when investigating security incidents, insider threats, system compromises, or any scenario…
Monitor and log API requests with correlation IDs, performance metrics, and security audit trails. Use when auditing API requests and responses.
Sweep a directory, module, or full codebase for logic correctness and produce a scored health dashboard with systemic patterns.
AI-powered Claude Code skill that performs deep code review using formal logic and reasoning frameworks to detect bugs, anti-patterns, and security risks beyond what linters catch.
Find logic bugs in a single file or function via semi-formal execution tracing (Premises → Trace → Divergence → Remedy).
Analyze digital and analog captures from Saleae Logic MSO devices. Decode protocols like UART, SPI, I2C from exported binary files.
Investigate Salesforce login activity using LoginHistory, IdentityVerificationHistory, and Login Forensics (Event Monitoring add-on): reconstruct per-user login timelines,…
Reproduces the full prefill sensitivity analysis pipeline for reward hacking indicators. Use when evaluating how susceptible model checkpoints are to exploit-eliciting prefills,…
Index Logseq markdown into SQLite, query the index quickly, and synchronize markdown updates back into the database.
Apply Lokalise security best practices for API tokens and access control. Use when securing API tokens, implementing least privilege access, or auditing Lokalise security…
Version 2.35.0 | PRD to Production | Zero Human Intervention > Research-enhanced: OpenAI SDK, DeepMind, Anthropic, AWS Bedrock, Agent SDK, HN Production (2025)
DeFi yield analysis framework — lending rates (AAVE / Compound), liquidity provision (LP) returns, staking yields, yield farming strategies, and risk-adjusted return comparison.
Real-time quotes, K-line charts, order book, trade ticks, intraday capital flow, market sentiment temperature, trading session schedule, security lists, exchange rates, and IPO…
Fetch current documentation for libraries used in channelhub (Bun, grammy, MCP SDK, Playwright, bun:sqlite, etc.).
Finds the Network Interface Card (NIC) and associated Network Security Group (NSG) for a VM given its public IP address.
Checks every subnet in a Virtual Network for an associated Network Security Group, and also inspects each NIC attached to those subnets for NIC-level NSG coverage.
Authentication and authorization patterns including OAuth2, JWT, RBAC/ABAC, session management, API keys, password hashing, and MFA.
Run adversarial review. Use for PR/diff/code/security/UX/API/performance/design review, or when behavior, records, evidence, risks, or acceptance claims need pressure-testing…
Data validation patterns covering schema validation, input sanitization, output encoding, and type coercion.
Error handling patterns and strategies including Rust Result/Option, API error responses, data pipeline errors, and security-aware handling.
Route security-sensitive work before implementation. Use when authentication, authorization, user input, secrets, sensitive data, uploads, webhooks, external integrations,…
Use when the work touches security-sensitive boundaries: untrusted input, authn/authz, secrets, sensitive data, uploads, webhooks, command/database execution, external…
Low-code and internal tool platforms including Retool, Supabase, Appsmith, Tooljet, n8n, and Zapier. Use when building admin panels, internal tools, workflow automations, or…
AI-powered LuLu Firewall companion for macOS. Monitors firewall alerts, analyzes connections with AI, sends Telegram notifications with Allow/Block buttons.
Migrating LWCs from Lightning Locker Service to Lightning Web Security (LWS) — flipping the org switch safely, identifying components likely to break, removing Locker workarounds…
Use when designing or reviewing Lightning Web Components for DOM safety, Lightning Web Security boundaries, third-party library handling, and secure server-side data access from…
Microsoft 365 / Entra ID red-team attack chain — current 2026 reality. AADSTS code reference, user enumeration vectors (with hardening status), Smart Lockout math, Conditional…
Work with macOS Keychain generic password items through bundled scripts. Use when Codex needs to check, read metadata, create, update, retrieve, reveal, or delete local…
macOS security hardening for Claude Code — pre-execution validation, malicious config detection, credential hygiene, endpoint protection
Madrid-Protokoll WIPO und internationale Registrierung: DE/EU als Basismarke, Subsequent Designations US/JP/CN/GB, Section 66(a)-Application beim USPTO, Central Attack Period 5…
Генерирует для репозитория файл AGENTS.md (инструкции для coding-агентов) по лучшим практикам: коротко, детерминированно, с Persona/Architecture/Operations/Code Style/Boundaries &…
Use when: designing Service Mesh architectures, configuring VirtualServices, DestinationRules, and Istio security.
Mahnbescheid (§§ 688-703d ZPO) online beantragen: zentrales Mahngericht je Bundesland, online-mahnbescheid.de, Widerspruchsfrist 2 Wochen § 692 ZPO, Vollstreckungsbescheid § 699…
Mahnwesen fuer eigene Honorarforderungen der Kanzlei. Stufen erste Zahlungserinnerung (vor Verzug) erste Mahnung mit Verzugsbeginn nach § 286 BGB zweite Mahnung mit konkreter…
Execute email operations with platform-specific optimizations and security protocols.
Use for mainframe, z/OS, RACF, ACF2, Top Secret, CICS, IMS, DB2, JCL, JES, APF libraries, USS, TN3270, privileged dataset, and legacy enterprise security assessment work.