Loading...
Loading...
Found 2,960 Skills
Scan extension source code for Chrome Web Store rejection risks. Generates report with issues, root causes, and fixes. Use when: review, pre-submit, rejection, CWS compliance, store review.
Safety guardrails that warn before destructive commands. Use to protect beginners from accidentally running dangerous operations like rm -rf, DROP TABLE, git push --force, or git reset --hard. Provides beginner-friendly explanations of WHY a command is dangerous and suggests safer alternatives. Activate when the user mentions safety, careful mode, guardrails, protection, or when working with beginners on tasks involving file deletion, database changes, or git operations.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for Kerberos, WinRM, SMB, RDP, Windows credential material, replayable tickets, delegation edges, and host-to-host pivot chains. Use when the user asks to replay Kerberos material, trace a WinRM, SMB, or RDP pivot, understand host-to-host privilege movement, or prove which Windows service accepted a credential or ticket. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for browser cookies, localStorage, sessionStorage, IndexedDB, Cache Storage, service workers, offline caches, and client-side session persistence. Use when the user asks to inspect browser state, replay cached auth or session behavior, explain why a page behaves differently after load, or trace how stored client state changes requests, rendering, or access. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for file uploads, imports, previews, archive extraction, format conversion, parser invocation, and deserialization chains. Use when the user asks to inspect an upload or import path, trace archive extraction, preview or converter behavior, explain how a file reaches a parser or deserializer, or connect one uploaded artifact to the decisive backend effect. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for OAuth, OIDC, redirect flows, state or nonce handling, PKCE, token exchange, refresh logic, claim mapping, and accepted login paths. Use when the user asks to trace redirects, callback parameters, scopes, state, nonce, PKCE, refresh tokens, consent, or explain how an OAuth or OIDC chain turns into accepted identity or privilege. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
Gatekeeper integration. Manage Users, Organizations. Use when the user wants to interact with Gatekeeper data.
Alert Logic integration. Manage data, records, and automate workflows. Use when the user wants to interact with Alert Logic data.
NoSQL injection playbook. Use when MongoDB-style operators, JSON query objects, flexible search filters, or backend query DSLs may allow data or logic abuse.
Decode and inspect JSON Web Tokens (JWTs) without verification. Use when the user provides a JWT string and wants to see its header, payload, or claims — e.g. "decode this JWT", "what's in this token", "inspect this JWT", "show me the claims", "parse this token". Also triggers on raw JWT strings (three base64url segments separated by dots).
Mozilla Observatory integration. Manage data, records, and automate workflows. Use when the user wants to interact with Mozilla Observatory data.
unity-cli 共通ルール。全スキルの前提条件。