Loading...
Loading...
Found 28 Skills
Master smart contract security with auditing, vulnerability detection, and incident response
Web exploitation techniques for CTF challenges. Use when solving web security challenges involving XSS, SQLi, CSRF, file upload bypasses, JWT attacks, Web3/blockchain exploits, or other web vulnerabilities.
Professional Skills and Methodologies for Mobile Application Security Testing
Expert in detecting private information, secrets, API keys, credentials, and sensitive data in codebases before open sourcing
Professional Skills for Cross-Site Scripting (XSS) Attack Testing
End-to-end protocol replay toolkit for ChatGPT Team subscription with hCaptcha solver and anti-fraud research tools
Read/write config files (.env, YAML, TOML, JSON, docker-compose, etc.) safely. Use this instead of Read/Write/Edit tools whenever touching config files that may contain API keys, tokens, passwords, or other secrets — it auto-detects and redacts them.
Runs available security scanning tools against the current project and produces a consolidated markdown report. Auto-detects installed tools (gitleaks, semgrep, grype, npm audit, bandit, pip-audit, gosec, govulncheck, cargo audit, bundle-audit) and activates language-specific scanners based on project files. Gracefully skips missing tools and provides installation hints. By default scans the entire target directory. Pass --full to make the intent explicit (useful in workflows that combine full-codebase and diff-only scans). Use when running security scans, checking for vulnerabilities, detecting leaked secrets in git history, or validating security posture before commits or releases. Pairs with security-review for a complete security workflow.
Test skill for security scanning
Analyze and understand Avast Premium Security features, protection mechanisms, and security architecture for antivirus research and educational purposes
Professional Skills and Methodologies for API Security Testing
Professional Skills and Methodologies for Vulnerability Assessment