Total 43,928 skills, Security & Compliance has 1637 skills
Showing 12 of 1637 skills
Create security architecture diagrams using PlantUML syntax with identity, encryption, firewall, and compliance stencil icons. Best for IAM flows, zero-trust architectures, encryption pipelines, compliance auditing, and threat detection. NOT for general cloud infra (use cloud skill) or simple flowcharts (use mermaid).
OSINT and investigation including people search, company intel, domain lookup, social media discovery, and threat intel. USE WHEN OSINT, due diligence, company intel, background check, find person, people search, domain lookup, entity lookup, threat intel, who is.
Skill for working with the BlueHammer vulnerability proof-of-concept repository, covering build, usage, and code patterns.
Debug and emulate specific code fragments or functions using the Unicorn engine. Activate when the user wants to emulate a function with Unicorn, trace binary execution without running the full program, decrypt or decode data by emulating the algorithm, or bypass environment dependencies (JNI, syscalls, libc) during emulation.
Restore function symbols by analyzing code patterns, strings, constants, and cross-references
Deep code property graph analysis with Joern CPG (AST+CFG+PDG) and CodeQL for control flow, data flow, taint analysis, and security auditing
Use this skill to remediate security findings by producing minimal, surgical code patches. Triggers on 'patch security findings', 'fix vulnerabilities', 'remediate findings', 'threat patch', or when the user provides a findings.json (from threat-model), a Codex security findings CSV, a THREAT-MODEL.md, or individual vulnerability descriptions and wants them fixed. Also trigger when reviewing code flagged by a security scanner and the user wants actionable fixes rather than just reports.
Use this skill whenever performing security threat modeling, attack surface mapping, or trust boundary analysis on a codebase. Triggers on 'threat model', 'security review', 'attack surface', 'trust boundaries', or when assessing a project's security posture. Also trigger when the user is about to build security-sensitive features (auth, crypto, file I/O, network services, native bridges) and needs to understand the threat landscape first — even if they don't explicitly say "threat model." Also triggers on 'what changed' or 'diff analysis' for incremental security review of recent commits.
Source code security audit using backward taint analysis, slot type classification, render context verification, and 3-phase parallel review producing an exploitation queue.
Step-by-step wallet investigation workflow using Range AI MCP tools (risk score, sanctions, connections, transfers, funded-by, entities, cross-chain pivots) plus a one-shot prompt template. Use when the user runs investigations inside an MCP-connected client with Range enabled, or needs a structured checklist alongside crypto-investigation-compliance—not as legal advice or a substitute for Range’s live docs and API scopes.
Investigates hypotheses that MEV activity (bundles, searchers, same-block ordering) temporally overlaps or co-occurs with launch-phase rug signals—using public txs, bundle IDs, and clustering with explicit confidence. Use when the user asks about MEV plus rug coordination, launch sniper bundles, Jito or Flashbots overlap with dev exits, or joint profit-flow case studies—not for alleging collusion without evidence, harassing addresses, or live interference.
Operates as an on-chain forensics investigator using only public chain data and OSINT—tracing flows across chains, clustering addresses, reviewing contracts for risk patterns, detecting scam vectors, and producing evidence-backed reports. Use when the user asks for blockchain investigation, forensic tracing, scam or rug analysis from public data, transaction trail documentation, or structured intelligence reports without private keys or insider access.