Loading...
Loading...
Found 56 Skills
Build secure desktop applications with Electron 33, Vite, React, and TypeScript. Covers type-safe IPC via contextBridge, OAuth with custom protocol handlers, native module compatibility (better-sqlite3, electron-store), and electron-builder packaging. Use when building cross-platform desktop apps, implementing OAuth flows in Electron, handling main/renderer process communication, or packaging with code signing. Prevents: NODE_MODULE_VERSION mismatch, hardcoded encryption keys, context isolation bypasses, sandbox conflicts with native modules.
Manage S3 buckets with versioning, encryption, access control, lifecycle policies, and replication. Use for object storage, static sites, and data lakes.
Implement automated secrets rotation for API keys, credentials, certificates, and encryption keys. Use when managing secrets lifecycle, compliance requirements, or security hardening.
Security engineering that protects applications, data, and users from real-world threatsUse when "security, authentication, authorization, encryption, OWASP, vulnerability, XSS, SQL injection, CSRF, secrets, password, JWT, OAuth, permissions, audit, compliance, security, authentication, authorization, encryption, vulnerabilities, OWASP, compliance, audit" mentioned.
This skill should be used when the user asks to "encrypt message with BSV key", "decrypt with private key", "ECDH encryption", "AES-256-GCM BSV", "EncryptedMessage", "BRC-2 encryption", or needs to encrypt/decrypt data using BSV keys and @bsv/sdk.
Handles MMKV storage operations and data persistence patterns with encryption. Use when implementing data persistence, caching, or user preferences in Fitness Tracker App.
Configure TLS certificates and encryption for secure communications. Use when setting up HTTPS, securing service-to-service connections, implementing mutual TLS (mTLS), or debugging certificate issues.
Role of Web Security Testing and Penetration Engineer, focusing on JavaScript reverse engineering and browser security research. Trigger scenarios: (1) JS reverse analysis: identification of encryption algorithms (SM2/SM3/SM4/AES/RSA), obfuscated code restoration, Cookie anti-crawling bypass, WASM reverse engineering (2) Browser debugging: XHR breakpoints, event listening, infinite debugger bypass, Source Map restoration (3) Hook technology: writing XHR/Header/Cookie/JSON/WebSocket/Canvas Hooks (4) Security product analysis: Offensive and defensive analysis of JS security products such as Ruishu, Jiasule, Chuangyudun, etc. (5) Legal scenarios such as CTF competitions, authorized penetration testing, security research, etc.
Guide for performing linear cryptanalysis attacks on FEAL and similar Feistel ciphers. This skill should be used when tasks involve breaking FEAL encryption, recovering cipher keys using known plaintext-ciphertext pairs, or implementing linear cryptanalysis techniques. Applies to cryptographic challenges mentioning "linear attack," "FEAL," "Feistel cipher analysis," or key recovery from plaintext-ciphertext pairs.
Implements authentication, authorization, encryption, secrets management, and security hardening patterns. Use when designing auth flows, managing secrets, configuring CORS, implementing rate limiting, or when asked about JWT, OAuth, password hashing, API keys, RBAC, or security best practices.
Manipulate PDF documents programmatically. Merge, split, rotate, and watermark PDFs. Extract text and metadata. Handle form filling and encryption/decryption.
Load PROACTIVELY when task involves security review, vulnerability assessment, or hardening. Use when user says "check for security issues", "audit for vulnerabilities", "scan for secrets", "review auth security", or "check OWASP compliance". Covers authentication and session security, authorization and access control, input validation and injection prevention, data protection and encryption, dependency vulnerability scanning, API security (CORS, rate limiting, headers), and infrastructure hardening. Produces structured reports with severity ratings.