Use Agentic Radar to statically scan agent workflows, map tools and MCP servers, generate shareable security reports, and optionally run adversarial runtime tests before rollout.
Generate a reviewable security report for a supported agent workflow before deployment by scanning its code, tools, MCP usage, and known vulnerability surface.
Run Kubernetes security and compliance scans against manifests or live clusters before rollout or audit.
Run MCP Scanner against a remote or local MCP server before trusting it, so the agent gets a bounded security review of tools, prompts, resources, dependencies, and supply-chain…
Workspace-wide scan for logic errors, security issues, and metrics calculation bugs across all crates and all language modules.
Run MurphySec CLI against a project before release or dependency approval to detect vulnerable direct and transitive dependencies.
Catch insecure Python calls, weak crypto usage, shell injection risks, and similar patterns before merge or release.
Scan a repository or directory for security threats using Sigil. Use when auditing AI agent code, reviewing cloned repositories, checking dependencies, or analyzing suspicious…
Use Medusa Security before trusting a repository, dependency, or AI-agent codebase when an agent needs a focused scan for repo poisoning, prompt-injection, MCP, and AI…
Check repositories and CI surfaces for Shai-Hulud 2.0 compromise indicators when the task is targeted supply-chain triage, not generic malware scanning.
Detect API security vulnerabilities including injection, broken auth, and data exposure. Use when scanning APIs for security vulnerabilities.
Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable
Scan project dependencies for vulnerabilities, license issues, and supply chain risks. Use when auditing third-party packages or before releases.
Detect exposed secrets, API keys, and credentials in code. Use when auditing for secret leaks. Trigger with 'scan for secrets', 'find exposed keys', or 'check credentials'.
Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network
Scan for input validation vulnerabilities and injection risks. Use when reviewing user input handling.
Detect significant price movements and unusual volume across crypto markets. Calculates significance scores combining price change, volume ratio, and market cap.
Performs advanced network reconnaissance using Nmap''s scripting engine, timing controls, evasion techniques,
Structure individual scenes using Scene-Sequel framework with goal-conflict-disaster beats
Structure scenes and control pacing using scene-sequel rhythm. Use when individual scenes work but don't accumulate, when pacing feels off (too rushed or too slow), when…
CronWorkflow patterns for scheduled automation: time-based execution, concurrency policies, orchestration pipelines, and GitHub Actions integration for DevSecOps.
Index coverage and N+1 review aids for SQLite/D1 schemas with a sqlc catalog. Surfaces unused indexes (with FK CASCADE awareness so cascade-load-bearing indexes are not flagged),…
Interpreta diagramas esquemáticos de circuitos electrónicos y los convierte en explicaciones didácticas organizadas por bloques funcionales.
Massive multi-source academic literature search via subagent orchestration. Fans out parallel searchers across every available scholarly source — arXiv, Semantic Scholar,…
Unified repo security scanner for scientific Python projects — one call orchestrates `bandit` (Python AST security linter), `shellcheck` (shell-script linter), `pip-audit` (Python…
Unified dataset-discovery API across 7 scientific repositories — OpenNeuro + DANDI + PhysioNet (neuroscience, BIDS + NWB), Zenodo + Scientific Data (general), GEO (gene…
Relational-DB wrapper for scientific Python — `SQLite3` and `PostgreSQL` classes composed from a dozen shared mixins (connection, transaction, query, schema, index, row/batch ops,…
PyTorch neural-network building blocks for neuroscience and signal processing. Differentiable filters (`BandPassFilter`, `BandStopFilter`, `HighPassFilter`, `LowPassFilter`,…
GitHub security-alert utilities. `check_github_alerts(repo=...)` returns the open Dependabot/CodeQL alerts as a structured list.
Persistent, auto-reconnecting SSH reverse tunnels for NAT traversal — installs an `autossh` systemd unit on the local host so a bastion/relay server can SSH back in even through…
Use kube-score to statically review Kubernetes YAML or rendered Helm output for rollout risks, weak defaults, and resilience gaps before merge or deploy.
Check a repository against OpenSSF security heuristics before you trust it as a dependency, approve it for use, or ship from it.
Use SafeDep Vet as a pre-adoption gate when an agent, maintainer, or CI pipeline is about to add a new dependency or import a skill repository and needs malware and policy signals…
API de Scripts Externos da Tray. Utilize quando o desenvolvedor precisar gerenciar scripts JavaScript customizados injetados na vitrine da loja, incluindo listagem, cadastro,…
SCX-Studio-Pro projesinin Prisma ORM ve SQLite tabanlı veritabanı şemasını, model ilişkilerini, migrasyon süreçlerini ve veri yönetimini açıklar.
Planning-only skill for SDD projects. SDD builds **web apps** on Django + htmx + SQLite + Pico.css in Docker — one stack, the only one.
Rédige et met à jour les spécifications SDD par cas d'utilisation (UC) : spec racine (projet principal) ou spec d'extension (fonction ajoutée à une racine existante).
Produit les documents de conception technique SDD (ARCHITECTURE.md, DEPLOYMENT.md, SECURITY.md, COMPLIANCE_MATRIX.md) à partir d'un SPEC-racine-*.md (+ extensions).
Full mode — new feature. Planner → Architect → [UX Designer] → Skeptic → Developer → [Skeptic ∥ Security Auditor] → Tester → Friction Reviewer.
Integrate Seal threshold encryption and access control on Sui. Use when the user mentions Seal.
Provision, connect, and operate Sealos object storage through the sealos-cli s3 commands added in zjy365/sealos-cli#28.
Literature search and citation management for medical research. Searches PubMed, Semantic Scholar, and bioRxiv/medRxiv with verified citations.
Enforces security rules (SEC-1 through SEC-7). Loaded by the conductor for security audits, PR/code reviews, incident response, and new service scaffolding.
Apply suggested security fixes from a prior code review. Use when the user wants to remediate security findings with before/after code diffs, severity filtering, and explicit…
Maintain and extend the SecondBrain codebase with low-risk, test-validated edits. Use when work touches FastAPI route/model/service layers, indexing/parsing, SQLite FTS,…
SecOps checks for endpoints: EDR, Sysmon, updates, EVTX on heartbeat, least privilege, network visibility, credential protection (Kerberos/NTLM/pass-the-hash), device inventory…
Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices.
Secret management integration (密鑰管理整合). Use when working with HashiCorp Vault, credential management, or secure configuration.
Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor…
Prevent secret leakage across git history, package artifacts, logs, and docs. Use when editing workflows, packaging configuration, environment files, or release automation.
Use BEFORE writing API keys/tokens/passwords into code, BEFORE git commit/push, BEFORE creating PR. Blocks accidental leaks of secrets to GitHub.
Decision-aid skill for runtime secret hygiene — fd passing, scratch surface verification, error-path safety, identifier hygiene, and avoiding the SECRETS_ENV aggregation…
Secure credential intake via local web form. Spin up a one-page server on Tailscale, paste keys, upload PEM/JSON files, hit submit — secrets land in .hex/secrets/ with 600 perms…
Store, access, rotate, and audit secrets safely — provider selection (Vault, AWS Secrets Manager, GCP Secret Manager), runtime injection, rotation policy, least-privilege IAM,…
Secret lifecycle management with Vault, AWS Secrets Manager, and rotation automation. Activate on: secret management, HashiCorp Vault, AWS Secrets Manager, secret rotation, SOPS,…
HashiCorp Vault, cloud secret managers, rotation strategies, and zero-trust secret access
30+ service-specific secret detection regex patterns, entropy-based detection, PEM/JWT/Base64 identification, and false positive filtering.
Detect accidentally committed secrets, credentials, and sensitive information in code.
Focused micro-skill for secret management setup. Explains options, guides through Bitwarden installation/login/unlock, configures backend. Exits when done.
Encrypted credential store — AES-256-GCM secured tokens and secrets in one place.