Loading...
Loading...
Found 35 Skills
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about inject...
Expert at analyzing the quality and effectiveness of Claude Code components (agents, skills, commands, hooks). Assumes component is already technically valid. Evaluates description clarity, tool permissions, auto-invoke triggers, security, and usability to provide quality scores and improvement suggestions.
Comprehensive security and privacy evaluation system for MCP (Model Context Protocol) servers. Use when users provide GitHub URLs to MCP servers and request security assessment, privacy evaluation, or ask "is this MCP safe to use." Evaluates security vulnerabilities, privacy risks, code quality, community feedback, and provides actionable recommendations with risk scoring.
Domain reconnaissance coordinator that orchestrates subdomain discovery and port scanning to build comprehensive domain attack surface inventory
CEO/founder-mode plan review. Rethink the problem, find the 10-star product, challenge premises, expand scope when it creates a better product. Three modes: SCOPE EXPANSION (dream big), HOLD SCOPE (maximum rigor), SCOPE REDUCTION (strip to essentials).
Comprehensive technology stack evaluation and comparison tool with TCO analysis, security assessment, and intelligent recommendations for engineering teams
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
Compare two security audit reports to track remediation progress and identify new vulnerabilities.
List all tables exposed via the Supabase PostgREST API to identify the attack surface.
XXE XML外部实体注入测试的专业技能和方法论
Professional Skills and Methodologies for Deserialization Vulnerability Testing
Use when user needs Active Directory security analysis, privileged group design review, authentication policy assessment, or delegation and attack surface evaluation across enterprise domains.