Detects logic bypass vulnerabilities including authentication bypass, authorization bypass, and business logic flaws.
Detects various memory corruption vulnerabilities beyond simple buffer overflows including heap overflow, stack smashing, and double free.
Detect command injection attacks against Modbus TCP/RTU protocol in ICS environments by monitoring for unauthorized
Deploys and configures Zeek (formerly Bro) network security monitor to passively analyze network traffic, generate
Detects null pointer dereference vulnerabilities by identifying unchecked pointer usage and missing validation.
Detect Pass-the-Hash attacks by analyzing NTLM authentication patterns, identifying Type 3 logons with NTLM where
Detect Kerberos Pass-the-Ticket (PtT) attacks by analyzing Windows Event IDs 4768, 4769, and 4771 for anomalous
Detects privilege escalation vulnerabilities including setuid/setgid abuse, permission check bypasses, and unsafe privilege management.
Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing,
Detect and prevent QR code phishing (quishing) attacks that bypass traditional email security by embedding malicious
Detect RDP brute force attacks by analyzing Windows Security Event Logs for failed authentication patterns (Event
Detects and prevents code injection attacks targeting serverless functions (AWS Lambda, Azure Functions, Google
Spearphishing targets specific individuals using personalized, researched content that bypasses generic spam
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned
Detects suspicious use of assertions for security checks that can be disabled in production builds. Use when analyzing assertion usage, security checks, or investigating…
Detect abuse of elevation control mechanisms including UAC bypass, sudo exploitation, and setuid/setgid manipulation
Detects type confusion vulnerabilities by identifying unsafe type casts, vtable corruption, and polymorphism issues.
Detects use-after-free vulnerabilities by identifying pointer dereferences after memory deallocation.
Generic detection rule creation and management using Sigma, the universal SIEM rule format. Sigma provides vendor-agnostic detection logic for log analysis across multiple SIEM…
Analiza la jerarquía de archivos de un repositorio técnico de fabricante de componentes electrónicos, construye un grafo semántico de relaciones entre documentos, y define el…
Escribe tutoriales completos en lenguaje natural para proyectos de domótica, contextualizados en escenarios reales de automatización del hogar con integración Home Assistant.
Erkennt Fristen und Eile-Signale in Mandantenanfragen: Hauptverhandlung naechste Woche, Kuendigungsfrist laeuft, Haftungsfalle, Zwangsvollstreckung, Insolvenzantrag.
Generate diagrams from natural language using EdrawMax AI APIs. Supports four diagram types: flowchart (流程图), infographic (信息图), Gantt chart (甘特图), and mind map (思维导图).
Edrone integration. Manage data, records, and automate workflows. Use when the user wants to interact with Edrone data.
Elastic Stack を用いた Active Directory ログ分析・脅威検知支援スキル。Elasticsearch クエリ、Logstash パイプライン、Kibana 可視化を通じて、Windows イベントログおよび Sysmon ログの多角的な脅威検知を実現します。Active Directory…
Audit environmental software for EPA reporting (CEDRI, NetDMR, RCRAInfo), Clean Air Act (Title V, NESHAP, CEMS, TRI), Clean Water Act (NPDES, SWPPP, SPCC), RCRA hazardous waste…
Evaluates and selects Threat Intelligence Platform (TIP) products based on organizational requirements including
Sessione interattiva su canvas Excalidraw bidirezionale. Usa questa skill quando l'utente vuole discutere visivamente di un'idea, fare brainstorming su un canvas, disegnare…
Off-Label-Use bei Long-COVID und ME/CFS Erstattung durch gesetzliche Krankenversicherung GKV. § 35c SGB V Off-Label-Liste § 92 Abs. 1 SGB V Richtlinie Methodenbewertung.
GEAS-Reform EU-Asyl- und Migrationsmanagementverordnung 2024/1351 EU-Asylverfahrensverordnung 2024/1348 EU-Grenzverfahrensverordnung 2024/1349 ab 12.6.2026 anwendbar.
Assess FedRAMP/StateRAMP readiness — impact levels, control baselines, 3PAO requirements
FedRAMP 20X modernization expert. Provides guidance on Key Security Indicators (KSIs), continuous monitoring automation, machine-readable policies, and the new automated…
FedRAMP Rev 5 authorization expert. Provides guidance on traditional authorization paths, SSP/SAP/SAR/POA&M documentation, NIST 800-53 Rev 5 control implementation, and 3PAO…
Expertise on FedRAMP SSP authoring — what the DOCX templates contain, what OSCAL 1.2.0 SSP looks like for FedRAMP, how this plugin fits alongside Compliance Trestle and oscal-cli.
Fetch live per-token, per-image, and per-GPU-hour prices for foundation models across Anthropic, OpenAI, Google, AWS Bedrock, Azure OpenAI, OCI Generative AI, and Vertex AI.
Descompone un fix grande en porciones atomicas cuando el cambio es demasiado amplio para resolverse de una sola vez.
Resuelve bugs, ajustes visuales, refactors y mejoras de comportamiento en el proyecto. Usa esta skill SIEMPRE que el usuario mencione fix, bug, error, no funciona, arreglar,…
Procesa las herramientas e instrucciones de flasheo de un repositorio de fabricante y crea guías interactivas paso a paso para flashear firmware en microcontroladores ESP32 sin…
Pure mathematical structure. Sets, groups, rings, fields, topology — the formal bedrock everything else rests on.
Analyzes FedRAMP FRMR documents to extract control mappings, KSI entries, and version changes. Use when the user asks about FedRAMP requirements, control mappings, compliance…
Migrate AI image generation from Google Gemini 2.5 Flash to BytePlus SeeDream v4.5. Use when: (1) User wants to switch from Gemini to SeeDream/BytePlus for image generation, (2)…
Generates structured cyber threat intelligence reports at strategic, operational, and tactical levels tailored
Genere un fichier Zoom SQL (.dhsp) complet avec les 27 procedures obligatoires du cycle de vie ecran CRUD (creation, modification, suppression, consultation).
Gentleman.Dots / Gentleman Programming alongside DobackSoft. Tono y jerarquía ya aplican siempre vía .cursor/rules/gentleman-dobacksoft.mdc; esta skill amplía instalación y globs…
Perform geometric calculations on protein structures using Biopython Bio.PDB. Use when measuring distances, angles, and dihedrals, superimposing structures, calculating RMSD, or…
Geschaeftsordnung der Geschaeftsfuehrung. Zustimmungspflichtige Geschaefte Berichtspflichten Meeting-Rhythmus Entscheidungs-Prozesse Eskalations-Matrix bei Mehrgliedrigkeit.
Crea tareas y subtareas en ClickUp para implementaciones de GoHighLevel. Usar SIEMPRE que el usuario quiera subir workflows de GHL a ClickUp, registrar tareas de automatización, o…
Automate Google Drive tasks via Rube MCP (Composio). Always search tools first for current schemas.
Use when architecting or assessing a Salesforce Government Cloud org — covering FedRAMP High authorization, Hyperforce GovCloud on AWS GovCloud regions, GovCloud Plus feature set,…
Audit government and federal software for FedRAMP authorization readiness (Low/Moderate/High), NIST 800-53 controls (AC, AU, CM, IA, SC, SI families), FISMA compliance, Section…
Building LLM-powered React applications with the Hashbrown library. Use when the user asks to (1) Build generative UI where LLMs render React components, (2) Add client-side tool…
Guía de arquitectura hexagonal para aplicaciones React + TypeScript. Activa esta skill cuando el usuario pida crear, estructurar o agregar cualquier módulo o feature en el…
Use when the user wants to generate a cinematic still image on Higgsfield, asks about shot framing, camera angle, or composition for image prompts, needs a specific shot type…
Assess Huawei Cloud workload security using the Well-Architected Framework Security pillar: IAM SCP governance, VPC isolation, DEW key management, SecMaster SIEM/SOAR, and MLPS…
Elimina patrones de escritura típicos de IA en textos en español de España para que suenen naturales y humanos.
Expert guidance on Hummingbird 2 web framework. Use when developers mention: (1) Hummingbird, HB, or Hummingbird 2, (2) Swift web server or HTTP server, (3) server-side Swift…
Proactively hunts for Advanced Persistent Threat (APT) activity within enterprise environments using hypothesis-driven
Detect DCSync attacks by analyzing Windows Event ID 4662 for unauthorized DS-Replication-Get-Changes requests
Hunt for spearphishing campaign indicators across email logs, endpoint telemetry, and network data to detect
The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining