Total 50,523 skills; Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Points to the coral-xyz sealevel-attacks repository—minimal Anchor programs demonstrating common Solana (Sealevel) exploit patterns and recommended mitigations. Use when auditing or learning Solana program security, pairing with solana-defi-vulnerability-analyst-agent—not for deploying attacks against live systems or evading the law.
Early rug-risk triage for token launches and small DeFi deployments from public data—liquidity lock and pool events, dev and sniper wallet clustering, contract authority and transfer-risk checks, coordinated exits, and evidence-backed risk scores. Use when the user asks for rug pull detection, pump-and-dump signals, launch red flags, LP removal forensics, or cross-chain profit exit tracing—not for front-running trades, harassing teams, or certifying scams without on-chain proof.
Operates as an on-chain forensics investigator using only public chain data and OSINT—tracing flows across chains, clustering addresses, reviewing contracts for risk patterns, detecting scam vectors, and producing evidence-backed reports. Use when the user asks for blockchain investigation, forensic tracing, scam or rug analysis from public data, transaction trail documentation, or structured intelligence reports without private keys or insider access.
Points agents to the public Phalcon Compliance documentation portal for compliance-oriented blockchain investigation and monitoring workflows. Use when the user asks about Phalcon Compliance docs, transaction-monitoring-style tooling references, or where to read product documentation alongside crypto-investigation-compliance—not for legal advice or unsubstantiated vendor claims.
Audits a codebase or business process for regulatory compliance across GDPR, HIPAA, SOC2, CCPA, and PCI-DSS. Scans for PII handling, data retention, encryption, access controls, audit logging, consent management, and data transfer issues. Generates a structured compliance report with findings, gap analysis, remediation steps, and evidence requirements.
Comprehensive security code review workflow for a target repository, producing a markdown report with findings and recommendations.
Step-by-step cookbook for setting up cryptographically signed audit trails on Claude Code tool calls. Use when explaining, evaluating, or demonstrating the pattern before committing to the protect-mcp runtime hooks. Covers Cedar policy, Ed25519 receipts, offline verification, tamper detection, CI/CD integration, and SLSA composition.
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code execution. Originally discovered by the NSA and leaked by the Shadow Brokers in 2017, it
Mozilla Observatory integration. Manage data, records, and automate workflows. Use when the user wants to interact with Mozilla Observatory data.
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.
Queries Certificate Transparency logs via crt.sh and pycrtsh to detect phishing domains, unauthorized certificate issuance, and shadow IT. Monitors newly issued certificates for typosquatting and brand impersonation using Levenshtein distance. Use for proactive phishing domain detection and certificate monitoring.
Account suspension prevention and appeal — policy violations, Plan of Action writing, reinstatement process