Total 50,523 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
TaxJar integration. Manage Orders, Nexuses, Customers. Use when the user wants to interact with TaxJar data.
Security checklist for Solidity AMM contracts, liquidity pools, and swap flows. Covers reentrancy, CEI ordering, donation or inflation attacks, oracle manipulation, slippage, admin controls, and integer math.
Agent skill for v3-security-architect - invoke with $agent-v3-security-architect
Cloudmersive integration. Manage data, records, and automate workflows. Use when the user wants to interact with Cloudmersive data.
Expression Language injection playbook. Use when Java EL, SpEL, OGNL, or MVEL expressions may evaluate attacker-controlled input in Spring, Struts2, Confluence, or similar frameworks.
Smart contract vulnerability playbook. Use when auditing Solidity/EVM contracts for reentrancy, integer overflow, access control, delegatecall, flash loan, signature replay, and MEV-related attack patterns.
Nessus integration. Manage data, records, and automate workflows. Use when the user wants to interact with Nessus data.
Test Android apps on a rooted device. Decompile APKs, intercept traffic, parse UI, test for IDORs, bypass SSL pinning, hook methods with Frida, inspect exported components, read local storage, and find sensitive data. Use when asked to "test this app", "find bugs", "pentest", "reverse engineer", "decompile", "intercept requests", "check for IDORs", "bypass cert pinning", "hook this method", or "check deeplinks".
Domain assessment and web application mapping - subdomain discovery, port scanning, endpoint enumeration, API discovery, and attack surface analysis.
Analyze intellectual property rights across patents, trademarks, copyrights, and trade secrets. Use this skill when the user needs to understand IP protection options, evaluate whether their work is protectable, assess infringement risk, or design an IP strategy — even if they say 'can I patent this', 'someone copied our design', 'how do we protect our brand name', or 'what IP do we have'.
Source code security audit using backward taint analysis, slot type classification, render context verification, and 3-phase parallel review producing an exploitation queue.
Investigates completed DEX sandwich-style MEV from public blocks and bundles—front-victim-back ordering on EVM and Solana, Jito bundle traces, swap decoding, victim slippage vs searcher profit estimates, and evidence-style case studies. Use when the user asks for sandwich attack analysis, MEV sandwich post-mortems, high-slippage swap forensics, or searcher clustering—not for building sandwich bots, mempool manipulation for profit, or harassing labeled wallets.