Loading...
Loading...
Found 55 Skills
Senior FDA consultant and specialist for medical device companies including HIPAA compliance and requirement management. Provides FDA pathway expertise, QSR compliance, cybersecurity guidance, and regulatory submission support. Use for FDA submission planning, QSR compliance assessments, HIPAA evaluations, and FDA regulatory strategy development.
Guidelines for building Python cybersecurity tools with secure coding practices, async scanning, and structured security testing.
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
Guides cybersecurity deception operations using MITRE D3FEND—honeynets, decoy objects, decoy personas, and decoy credentials. Covers honeypot deployment, decoy file planting, credential baiting, and deception environment design. Use when deploying honeypots, planting decoy data, baiting credentials, or designing deception programs—not for detection (d3fend-detect), hardening (d3fend-harden), or isolation (d3fend-isolate).
FDA regulatory consultant for medical device companies. Provides 510(k)/PMA/De Novo pathway guidance, QSR (21 CFR 820) compliance, HIPAA assessments, and device cybersecurity. Use when user mentions FDA submission, 510(k), PMA, De Novo, QSR, premarket, predicate device, substantial equivalence, HIPAA medical device, or FDA cybersecurity.
C/C++/CAPL best practices for automotive embedded systems. This skill should be used when writing, reviewing, or refactoring embedded C/C++ code or CAPL scripts targeting automotive ECUs, following MISRA, AUTOSAR, ISO 26262, and ISO 21434 guidelines. Triggers on tasks involving embedded firmware, CAN/CAN FD/LIN/Ethernet communication, TCP/UDP/DoIP/SOME-IP protocols, RTOS programming, safety-critical code, cybersecurity, diagnostics (UDS), CAPL test automation, or calibration toolchain integration.
Use 754 structured cybersecurity skills mapped to MITRE ATT&CK, NIST CSF, ATLAS, D3FEND, and NIST AI RMF for AI-driven security operations
Solve CTF challenges by analyzing files, connecting to services, and applying exploitation techniques. Orchestrates category-specific CTF skills.
Proactively detect and respond to advanced cyber threats using forensic tools and analytics in enterprise environments.
OSINT-based technology stack identification. Discovers company tech stacks using passive reconnaissance across 17 intelligence domains. Given a company name (and optional domain hint), infers frontend, backend, infrastructure, and security technologies using publicly available signals.
Default entrypoint and master ctf-sandbox-orchestrator workflow for CTF, exploit, reverse engineering, DFIR, pwnable, crypto, stego, mobile, AI-agent, cloud, container, Active Directory, Windows-host, and identity challenges. Use first when the user presents challenge infrastructure, binaries, prompts, hosts, or identities that should be treated as sandbox-internal by default and Codex needs to choose, route, and load the right downstream analysis path with concise evidence.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for prompt-injection, retrieval poisoning, memory contamination, planner drift, MCP or tool-boundary abuse, and agent exfiltration challenges. Use when the user asks to analyze prompt injection, retrieval poisoning, memory contamination, planner drift, tool-argument corruption, or secret exposure caused by an agent chain. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.