Loading...
Loading...
Found 256 Skills
WooYun business logic vulnerability methodology — 22,132 real cases across 6 domains (authentication bypass, authorization bypass, payment tampering, information disclosure, logic flaws, misconfiguration) and 33 vulnerability classes. It can be used for ANY security testing, auditing, or code review of web apps, APIs, or business systems, even without explicit "security" keywords. Triggers: penetration testing, security audit, vulnerability, bug bounty, payment security, IDOR, password reset, weak credentials, unauthorized access, race condition, parameter tampering, code review, penetration testing, security audit, vulnerability mining, payment security, privilege escalation, logic vulnerability, business security, SRC, code audit. It also triggers on implicit intent: "test this endpoint", "find bugs", "can I bypass this", "help me test this interface", "can this parameter be modified", "help me find bugs".
Forces exhaustive problem-solving using corporate PUA rhetoric and structured debugging methodology. MUST trigger when: (1) any task has failed 2+ times or you're stuck in a loop tweaking the same approach; (2) you're about to say 'I cannot', suggest the user do something manually, or blame the environment without verifying; (3) you catch yourself being passive — not searching, not reading source, not verifying, just waiting for instructions; (4) user expresses frustration in ANY form: 'try harder', 'stop giving up', 'figure it out', 'why isn't this working', 'again???', or any similar sentiment even if phrased differently. Also trigger when facing complex multi-step debugging, environment issues, config problems, or deployment failures where giving up early is tempting. Applies to ALL task types: code, config, research, writing, deployment, infrastructure, API integration. Do NOT trigger on first-attempt failures or when a known fix is already executing successfully.
Japanese version of the PUA Universal Motivation Engine. It compels exhaustive problem-solving using corporate PUA rhetoric and structured debugging methodology in Japanese. MUST trigger under the following conditions: (1) Any task has failed 2+ times, or you're stuck in a loop of tweaking the same approach; (2) You're about to say 'I cannot', suggest manual handling to the user, or blame the environment without verification; (3) You find yourself being passive — not searching, not reading source code, not verifying, just waiting for instructions; (4) The user expresses frustration in any form: 'try harder', 'stop giving up', 'figure it out', 'why isn't this working', 'again???', 'もっと頑張れ', 'なんでまた失敗したの', 'もう一回やって', 'なんとかしろ', or any similar sentiment regardless of phrasing. It should also trigger when facing complex multi-step debugging, environment issues, configuration problems, or deployment failures where early surrender is tempting. Applies to ALL task types: code, configuration, research, writing, deployment, infrastructure, API integration. DO NOT trigger on first-attempt failures or when a known fix is already executing successfully.
Anticipate and neutralize every reason customers say "no" before they say it. Combine Chris Voss's negotiation psychology with systematic sales methodology to turn objections into opportunities. Use when: **Before sales calls** to prepare responses to common pushback; **After losing deals** to document and learn from objections; **Product positioning** to address concerns in marketing copy; **Pricing conversations** to defend value against price resistance; **Team training** to create an obje...
Multi-perspective academic paper review with dynamic reviewer personas. Simulates 5 independent reviewers (EIC + 3 peer reviewers + Devil's Advocate) with field-specific expertise. Supports full review, re-review (verification), quick assessment, methodology focus, and Socratic guided modes. Triggers on: review paper, peer review, manuscript review, referee report, review my paper, critique paper, simulate review, editorial review.
Comprehensive growth strategy expertise combining SEO/SMO/CRO implementation, marketplace and network effects frameworks (Andrew Chen), growth loops methodology (Brian Balfour/Reforge), and Silicon Valley growth thinking. Use when building growth strategy, designing growth loops, improving SEO/SMO/CRO, planning acquisition channels, building network effects, or scaling product-led growth. Growth is not marketing — it's systematic application of product, engineering, and data.
Expert product strategy and product marketing skill. Use when defining product vision, assessing product-market fit, sizing market opportunities, doing competitive positioning, building growth loops, designing PLG strategies, creating product marketing context, or using the Working Backwards methodology. Activates for: product strategy, product marketing, PMM, product manager, product management, growth product manager, working backwards, PR/FAQ, Amazon PR FAQ, product roadmap, product positioning, product-market fit, product launch, feature prioritization, TAM SAM SOM, market sizing, competitive moat, business model design, monetization strategy, north star metric, activation, retention, growth loops, freemium, PLG, product-led growth, growth experimentation, ICP context, marketing context document.
Official Feature-Sliced Design (FSD) v2.1 skill for applying the methodology to frontend projects. Use when the task involves organizing project structure with FSD layers, deciding where code belongs, defining public APIs and import boundaries, resolving cross-imports or evaluating the @x pattern, deciding whether logic should remain local or be extracted, migrating from FSD v2.0 or a non-FSD codebase, integrating FSD with frameworks, or implementing common patterns such as auth, API handling, Redux, and React Query within FSD.
This skill should be used when the user asks to "audit this code", "deep analysis before security review", "build architectural context", "line-by-line code review", or needs ultra-granular analysis before vulnerability discovery. Provides structured context-building methodology with First Principles, 5 Whys, 5 Hows micro-analysis patterns.
Use this skill when planning user research, conducting usability tests, creating journey maps, or designing A/B experiments. Triggers on user interviews, usability testing, user journey maps, A/B test design, survey design, persona creation, card sorting, tree testing, and any task requiring user experience research methodology or analysis.
Use this skill when conducting authorized penetration tests, vulnerability assessments, or security audits within proper engagement scope. Triggers on pentest methodology, vulnerability scanning, OWASP testing guide, Burp Suite, reconnaissance, exploitation, reporting, and any task requiring structured security assessment within authorized engagements or CTF competitions.
Expert methodology for analyzing and summarizing research papers, extracting key contributions, methodological details, and contextualizing findings. Use when reading papers from PDFs, DOIs, or URLs to create structured summaries for researchers.