Loading...
Loading...
Found 2,961 Skills
Burp Suite integration. Manage data, records, and automate workflows. Use when the user wants to interact with Burp Suite data.
Mitigation patterns for privileged-access and governance-adjacent DeFi failures, anchored on the public Drift Protocol incident analysis in Chainalysis’s blog—social engineering, Solana durable nonces, oracle and collateral abuse, multisig governance, and operational monitoring. Use when hardening signer processes, reviewing admin surfaces, or teaching post-incident lessons—not for designing exploits or attributing actors without evidence.
Use when designing cloud deployments, Dockerising applications, laying out AWS or GCP environments, choosing a deployment pattern, or moving a workload from a single VM to a resilient multi-AZ topology.
Fortify integration. Manage data, records, and automate workflows. Use when the user wants to interact with Fortify data.
Two-way sync between a local paper directory and an Overleaf project via the Overleaf Git bridge (Premium feature). Lets you keep ARIS audit/edit workflows on the local copy while collaborators edit in the Overleaf web UI. Token never touches the agent — user does the one-time auth via macOS Keychain. Use when user says "同步 overleaf", "overleaf sync", "推送到 overleaf", "connect overleaf", "Overleaf 桥接", "pull overleaf", "push overleaf", or wants to bridge their ARIS paper directory with an Overleaf project.
System exploitation testing - Active Directory attacks, privilege escalation (Linux/Windows), and exploit development.
Comodo integration. Manage data, records, and automate workflows. Use when the user wants to interact with Comodo data.
ローカル改修した `.agents/skills/<skill-name>/` を upstream リポジトリ (Fandhe-AI/agent-cli-skills 等) へ PR として投稿する。`skills-lock.json` の `source` を読み、`Fandhe-AI/` 以外への push は安全弁で中止。clone → 反映 → セキュリティチェック → ブランチ作成 → push → `gh pr create` を実行。マージ後は sync-skills-lock で hash 更新。「スキルを upstream に貢献」「外部リポジトリに PR」などで使用。
MUST use this skill when installed and users ask to query, inspect, or run SELECT statements against SQLite or Postgres databases. Always route database reads through Unleak when a project contains an unleak/ folder, or when users ask to list database connections, inspect schemas, propose or validate access policies, activate policies, or query approved database data with leakage guardrails. This skill prevents direct credential, policy, schema, and raw database CLI access.
Vanta integration. Manage data, records, and automate workflows. Use when the user wants to interact with Vanta data.
Guides authoring, review, optimization, and false-positive debugging of YARA-X detection rules for malware identification across PE, script, npm, Office, Chrome extensions (crx module), and Android DEX (dex module). Covers string and atom quality, condition short-circuiting, legacy YARA migration, yarGen/FLOSS workflows, goodware validation, and production deployment—not full malware reverse engineering, network IDS (Suricata/Snort), or memory forensics (Volatility). Use when the user asks to write YARA rule, YARA-X, yr check, yr scan, false positive YARA, yarGen, malware detection rule, crx module, dex module, optimize YARA performance, or migrate legacy YARA.
[QwenCloud] Configure authentication (API keys, endpoints). TRIGGER when: setting up QWEN_API_KEY, troubleshooting 401/auth errors, when another skill reports missing credentials, or user explicitly invokes this skill by name (e.g. use qwencloud-ops-auth). DO NOT TRIGGER when: non-auth Qwen tasks, general API usage questions.