Loading...
Loading...
Found 47 Skills
Automate Virustotal tasks via Rube MCP (Composio). Always search tools first for current schemas.
Web application security expert. OWASP Top 10, XSS, SQLi, CSRF, SSRF, authentication bypass, IDOR. Use for web app security testing.
Runs available security scanning tools against the current project and produces a consolidated markdown report. Auto-detects installed tools (gitleaks, semgrep, grype, npm audit, bandit, pip-audit, gosec, govulncheck, cargo audit, bundle-audit) and activates language-specific scanners based on project files. Gracefully skips missing tools and provides installation hints. By default scans the entire target directory. Pass --full to make the intent explicit (useful in workflows that combine full-codebase and diff-only scans). Use when running security scans, checking for vulnerabilities, detecting leaked secrets in git history, or validating security posture before commits or releases. Pairs with security-review for a complete security workflow.
AI-powered penetration testing automation CLI using Google Gemini, Claude, or GPT-4 with LangChain for intelligent security assessments
Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.
Run the participant-facing CTFd CLI directly from its Git repository with uvx. Use when an agent needs to list or inspect CTFd challenges, view hints or the scoreboard, inspect the current user's solves and submissions, submit a flag, or unlock a hint without installing the ctfd package globally.
Secure credential management for trading platforms
Use when reviewing permission prompt frequency, optimizing the allow-list, or resetting the audit log. Triggers on "audit permissions", "permission report", "allow list", "reduce prompts", "what's getting prompted".
Professional Skills and Methodologies for Vulnerability Assessment
Test skill for security scanning
Production-grade MCP server providing Claude with 27 security intelligence tools across 21 APIs for vulnerability research, CVE analysis, threat intelligence, and risk scoring
Conducts external reconnaissance using Open Source Intelligence (OSINT) techniques to map an organization's external attack surface without directly interacting with target systems. The tester gathers information from public sources including DNS records, certificate transparency logs, search engines, social media, code repositories, and data breach databases to build a comprehensive target profile. Activates for requests involving OSINT reconnaissance, external footprinting, attack surface mapping, or passive information gathering.