Loading...
Loading...
Found 2,967 Skills
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
Dependency audit and cleanup workflow for maintaining healthy project dependencies. Use for regular maintenance, security updates, and removing unused packages.
Production-ready SAP BTP best practices for enterprise architecture, account management, security, and operations. Use when planning BTP implementations, setting up account hierarchies, configuring environments, implementing authentication, designing CI/CD pipelines, establishing governance, building Platform Engineering teams, implementing failover strategies, or managing application lifecycle on SAP BTP. Keywords: SAP BTP, account hierarchy, global account, directory, subaccount, Cloud Foundry, Kyma, ABAP, SAP Identity Authentication, CI/CD, governance, Platform Engineering, failover, multi-region, SAP BTP best practices
Apple firmware and binary reverse engineering with the ipsw CLI tool. Use when analyzing iOS/macOS binaries, disassembling functions in dyld_shared_cache, dumping Objective-C headers from private frameworks, downloading IPSWs or kernelcaches, extracting entitlements, analyzing Mach-O files, or researching Apple security. Triggers on requests involving Apple RE, iOS internals, kernel analysis, KEXT extraction, or vulnerability research on Apple platforms.
Security vulnerability scanning using Trivy for ecommerce project. Scans dependencies, container images, and IaC. Blocks CRITICAL and HIGH severity. Triggers on "trivy", "vulnerability scan", "security scan", "container scan", "cve", "dependency scan", "npm audit", "docker scan", "security check". PROACTIVE: MUST invoke before committing code with new dependencies.
Comprehensive audit logging for compliance and security. Track user actions, data changes, and system events with tamper-proof storage.
Generate Privy wallet policy rules from natural language. Use when the user wants to set up, modify, or review wallet security policies — transfer limits, address allowlists, method restrictions, time windows, etc.
OKX OnChainOS - Complete on-chain operations suite with 11 specialized skills for trading, analytics, security, and wallet management across 20+ blockchains
Verify, download, and inspect build provenance attestations using the orbit CLI. Use this skill whenever the user asks about verifying attestations, checking provenance, inspecting Sigstore bundles, SLSA provenance, build provenance, verifying binaries, downloading attestation bundles, signer identity, in-toto attestations, or supply chain security. Trigger on phrases like 'verify attestation', 'check provenance', 'inspect bundle', 'build provenance', 'sigstore', 'SLSA', 'verify binary', 'attestation download', 'download bundle', 'check signer', 'inspect attestation', 'provenance verification', 'verify artifact', 'supply chain verification', 'check build origin', or any attestation-related task — even casual references like 'is this binary legit', 'who built this', 'where did this artifact come from', 'check the bundle', or 'show provenance'. The orbit CLI alias for attestation is `attest`.
Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by access level (public, admin, role-restricted, contract-only), and generates structured audit reports. Excludes view/pure/read-only functions. Use when auditing smart contracts (Solidity, Vyper, Solana/Rust, Move, TON, CosmWasm) or when asked to find entry points, audit flows, external functions, access control patterns, or privileged operations.
Prevent Cross-Site Scripting (XSS) attacks through input sanitization, output encoding, and Content Security Policy. Use when handling user-generated content in web applications.
Comprehensive Flutter development patterns covering widgets, testing, performance, security, and animations. Use when you need quick reference for Flutter best practices, common UI patterns, performance optimization techniques, security guidelines, or animation implementations.