Loading...
Loading...
Found 51 Skills
Guidance for extracting secrets from protected or obfuscated binaries through systematic static and dynamic analysis. This skill should be used when tasks involve reverse engineering executables, extracting hidden flags or keys, analyzing binary protections, or decoding obfuscated data within compiled programs.
General coding best practices and software engineering principles to build robust, maintainable, and scalable software.
Clarity smart contract security audit — structured review covering correctness, security vulnerabilities, design concerns, and deployment readiness.
Uses Managed Agents' 14.5-hour runtime to audit an entire codebase overnight. Security, performance, accessibility, dependency issues. You wake up to a full report.
Codebase intelligence for JavaScript and TypeScript. Free static layer finds unused code (files, exports, types, dependencies), code duplication, circular dependencies, complexity hotspots, architecture boundary violations, and feature flag patterns. Optional paid runtime layer (Fallow Runtime) merges production execution data into the same health report for hot-path review, cold-path deletion confidence, and stale-flag evidence. 90 framework plugins, zero configuration, sub-second static analysis. Use when asked to analyze code health, find unused code, detect duplicates, check circular dependencies, audit complexity, check architecture boundaries, detect feature flags, clean up the codebase, auto-fix issues, merge production coverage, or run fallow.
Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates documentation (flowcharts, user stories, inline comments).
Identify unused code, imports, variables, and functions for safe removal.
Run Semgrep SAST scans on code. Supports 30+ languages with OWASP, security, and custom rulesets. Parses results and provides remediation guidance.
Detect codebase bloat through progressive analysis: dead code, duplication, complexity, documentation bloat. Use when context usage high, quarterly maintenance, pre-release cleanup, before refactoring. Do not use when active feature development, time-sensitive bugs, codebase < 1000 lines.
Use this skill when the user asks to "evaluate MCP tools", "test tool selection", "improve tool descriptions", "check MCP schema quality", "eval my MCP server", or wants to measure whether Claude uses their MCP tools correctly. Tests tool selection accuracy, analyzes schema quality, and iteratively optimizes descriptions. Companion to build-mcp-server.
Detects code smells and anti-patterns — long methods, large classes, feature envy, data clumps, primitive obsession, dead code, magic numbers, deep nesting, and more. Uses configurable thresholds from .codeprobe-config.json when available. Trigger phrases: "code smells", "smell check", "anti-patterns", "clean code review".
ReactLynx best practices covering dual-thread architecture and React patterns. Provides rules reference for writing, static analysis for reviewing, and auto-fix for refactoring.