Loading...
Loading...
Found 7 Skills
Guides technical program management for security coordinated vulnerability disclosure (CVD)— disclosure policy, intake and triage SLAs, researcher coordination, fix/remediation tracking, embargo and publication timelines, CVE/advisory coordination, bug bounty program operations, and cross-functional gates (security engineering, legal, comms, product). Use when running a CVD or responsible disclosure program, disclosure calendar, bounty ops, or unblocking multi-team remediation for reported vulnerabilities—not for hands-on pentest (offensive-security-analyst), SOC triage (defensive-security-analyst), vuln scanning in CI (devsecops), enterprise security strategy (cybersecurity), generic non-security programs (technical-program-manager), or contract redlines (commercial-counsel).
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Default entrypoint and master ctf-sandbox-orchestrator workflow for CTF, exploit, reverse engineering, DFIR, pwnable, crypto, stego, mobile, AI-agent, cloud, container, Active Directory, Windows-host, and identity challenges. Use first when the user presents challenge infrastructure, binaries, prompts, hosts, or identities that should be treated as sandbox-internal by default and Codex needs to choose, route, and load the right downstream analysis path with concise evidence.
Think and act like an attacker to identify security vulnerabilities, weaknesses, and penetration vectors through adversarial security testing
This skill should be used when the user asks to "plan a red team engagement", "scope a penetration test", "design a security assessment methodology", "create rules of engagement", or "plan an adversary simulation".
Tunneling and pivoting playbook. Use when establishing network tunnels through compromised hosts including SSH tunneling, Chisel, Ligolo-ng, socat, DNS/ICMP/HTTP tunneling, ProxyChains, and multi-layer pivoting strategies.
Claude Code subagents for offensive security research, penetration testing planning, recon analysis, exploit research, detection engineering, and security reporting