Total 50,510 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Reconstruct data structures by analyzing memory access patterns across functions
IDAPython and IDALib script reference for reverse engineering. Activate when the user needs to write IDAPython scripts in IDA, use IDALib for headless analysis, operate on IDB databases, debug with IDA, manipulate memory/registers, traverse functions/blocks/instructions, work with Hex-Rays decompiler API, handle obfuscation, or batch-process binaries.
Use this skill whenever performing security threat modeling, attack surface mapping, or trust boundary analysis on a codebase. Triggers on 'threat model', 'security review', 'attack surface', 'trust boundaries', or when assessing a project's security posture. Also trigger when the user is about to build security-sensitive features (auth, crypto, file I/O, network services, native bridges) and needs to understand the threat landscape first — even if they don't explicitly say "threat model." Also triggers on 'what changed' or 'diff analysis' for incremental security review of recent commits.
Review business contracts for risk identification including liability clauses, IP ownership, termination terms, and payment conditions. Use this skill when the user needs a practical contract risk assessment for vendor agreements, partnership contracts, or service agreements — even if they say 'review this contract', 'what should I watch out for', 'is this agreement fair', or 'negotiate better terms'.
Analyze data privacy compliance requirements under GDPR, Taiwan's Personal Data Protection Act (PDPA), and related regulations. Use this skill when the user needs to assess data privacy obligations, design compliant data handling processes, evaluate cross-border data transfer risks, or understand data subject rights — even if they say 'do we comply with GDPR', 'can we collect this data', 'what are our privacy obligations', or 'how do we handle user data in Taiwan'.
Investigates hypotheses that MEV activity (bundles, searchers, same-block ordering) temporally overlaps or co-occurs with launch-phase rug signals—using public txs, bundle IDs, and clustering with explicit confidence. Use when the user asks about MEV plus rug coordination, launch sniper bundles, Jito or Flashbots overlap with dev exits, or joint profit-flow case studies—not for alleging collusion without evidence, harassing addresses, or live interference.
Guides EVM Solidity DeFi triage from public verified source or bytecode—access control, proxies, oracle usage, reentrancy and CEI patterns, DEX/router integrations, and common vulnerability classes. Use when the user asks for Ethereum or L2 smart contract security review, Solidity audit triage, OpenZeppelin proxy risks, or EVM-specific DeFi patterns—not for live exploits or private keys.
Educational map of transaction-centric compliance screening—transfer as the atomic unit, deposit vs withdrawal direction, single and CSV import, transaction list and detail views, per-transfer screening, rescreen, and STR-style exports. Use when the user asks how monitoring UIs treat tx hashes, directions, or regulatory reporting hooks—not for legal filing advice or evading reporting.
Routes to Chainalysis public Sanctions Screening surfaces—the free Sanctions REST API (address checks against OFAC SDN crypto listings) and the EVM on-chain oracle—plus how they differ from paid Chainalysis customer data. Use when the user references Chainalysis sanctions tooling, public.chainalysis.com, or repo notes in Chainalysis.md—not for legal conclusions, full vendor ToU reproduction, or substituting official government sanctions lists.
List available LLM-accessible credentials. Use when you need API keys, passwords, or other secrets that have been made available to you.
Generate secure passwords and secrets. Use when: user needs to create secure passwords, API keys, tokens, or cryptographic random strings.
Scan code for security vulnerabilities and secrets. Detect exposed secrets, insecure patterns, and common vulnerabilities.