Loading...
Loading...
Found 207 Skills
This skill should be used when fixing bugs, implementing features, debugging issues, or making code changes. Ensures understanding of code flow before implementation by: (1) Tracing execution path with specific file:line references, (2) Creating lightweight text diagrams showing class.method() flows, (3) Verifying understanding with user. Prevents wasted effort from assumptions or guessing. Triggers when users request: bug fixes, feature implementations, refactoring, TDD cycles, debugging, code analysis.
Systematic codebase investigation to extract architectural patterns and implementation details from an existing project, with findings persisted for long-term reuse. Use when the user wants to explore an open-source or existing codebase to understand how it works and inform the development of a new project. Triggers include: "explore this codebase", "investigate this repo", "how does X implement Y", "I want to build X, study how Y does it", "deep dive into this project", "understand how this works".
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns, shellcode landing zones, and suspicious large allocations in process virtual address space.
Use when the user needs to run GitNexus CLI commands like analyze/index a repo, check status, clean the index, generate a wiki, or list indexed repos. Examples: "Index this repo", "Reanalyze the codebase", "Generate a wiki"
Static code analysis and complexity metrics
Security Check - Security review for skills before installation. Triggers: Before installing new skills, regular review of installed skills, or when security issues with a skill are suspected. Security Checks: - Dangerous Commands: rm -rf, sudo, curl|bash, etc. - Network Requests: Potential data leakage risks - File Writes: Writing to sensitive locations - Credentials: Risk of API key/password leakage - Resource Exhaustion: Infinite loops - Privilege Escalation: Privilege escalation attempts - External Dependencies: Suspicious dependencies Commands: - /安检 <skill-path> - Review skill security - /安检 scan <path> - Deep scan - /安检 list - List risks of installed skills - /安检 fix <skill> - Fix security issues - /security <skill-path> - English command Actions: - Auto-fix: Remove or replace dangerous code - Disable: Disable dangerous features - User Confirm: User chooses whether to proceed - Block: Block installation for severe risks Capabilities: Static code analysis, dangerous pattern recognition, risk assessment, auto-fix, user interactive decision making.
Use this skill when the user mentions phrases such as: "analyze a project", "analyze a repository", "analyze GitHub", "project analysis", "source code analysis", "architecture analysis", "code analysis", "learn this project", "research this framework", "see how this library is implemented", "compare two projects", "project evaluation", "framework evaluation"
Explain how something works in this codebase by exploring code and producing a clear architectural explanation. Optionally critique the architecture for issues.
Harness Engineering Phase 1 Step 2: Conduct in-depth analysis of project code and fill in the substantive content of each file in the docs/ knowledge base. Use this skill after the directory skeleton is created by harness-step1-create-agents-md. Immediately trigger this skill when the user says "fill document content", "improve docs/ files", "add substantive content to documents", "analyze project and write architecture document", "write ARCHITECTURE.md", or "write technical decision document". Prerequisite: The project already has AGENTS.md and the docs/ directory skeleton (created by harness-step1).
Analyzing .NET code for modernization. Outdated TFMs, deprecated packages, superseded patterns.
Score the current repo's agent-friendliness on disk and recommend a model class to use for it. Use when the user asks "is this repo a mess?", "which model should I use here?", "is my repo agent-ready?", or invokes /agent-friendly.