Loading...
Loading...
Found 103 Skills
Cryptography techniques for CTF challenges. Use when attacking encryption, hashing, ZKP, signatures, or mathematical crypto problems.
Encrypted backup and restore for OpenClaw Agent workspace files (SOUL.md, MEMORY.md, IDENTITY.md, AGENTS.md, TOOLS.md). Uses tar + openssl (AES-256-CBC) encryption and soul-upload.com API. Auto-generates a new random password for each backup (DO NOT reuse passwords). Use when the user needs to: (1) Back up or upload agent workspace files, (2) Restore or download a previous backup, (3) Delete a backup from remote storage, or (4) Manage encrypted agent persistence.
Use this skill when implementing encryption, hashing, TLS configuration, JWT tokens, or key management. Triggers on encryption, hashing, bcrypt, AES, RSA, TLS certificates, JWT signing, HMAC, key rotation, digital signatures, and any task requiring cryptographic implementation or protocol selection.
Manage S3 buckets with versioning, encryption, access control, lifecycle policies, and replication. Use for object storage, static sites, and data lakes.
Implement strong encryption using AES, RSA, TLS, and proper key management. Use when securing data at rest, in transit, or implementing end-to-end encryption.
AWS CloudFormation patterns for infrastructure security, secrets management, encryption, and secure data handling. Use when creating secure CloudFormation templates with AWS Secrets Manager, KMS encryption, secure parameters, IAM policies, VPC security groups, TLS/SSL certificates, and encrypted traffic configurations. Covers template structure, parameter best practices, cross-stack references, and defense-in-depth strategies.
Create security architecture diagrams using PlantUML syntax with identity, encryption, firewall, and compliance stencil icons. Best for IAM flows, zero-trust architectures, encryption pipelines, compliance auditing, and threat detection. NOT for general cloud infra (use cloud skill) or simple flowcharts (use mermaid).
Role of Web Security Testing and Penetration Engineer, focusing on JavaScript reverse engineering and browser security research. Trigger scenarios: (1) JS reverse analysis: identification of encryption algorithms (SM2/SM3/SM4/AES/RSA), obfuscated code restoration, Cookie anti-crawling bypass, WASM reverse engineering (2) Browser debugging: XHR breakpoints, event listening, infinite debugger bypass, Source Map restoration (3) Hook technology: writing XHR/Header/Cookie/JSON/WebSocket/Canvas Hooks (4) Security product analysis: Offensive and defensive analysis of JS security products such as Ruishu, Jiasule, Chuangyudun, etc. (5) Legal scenarios such as CTF competitions, authorized penetration testing, security research, etc.
ESP32 firmware engineering for ESP-IDF projects. Write, review, and debug embedded C/C++ code involving FreeRTOS tasks/queues/timers, GPIO/I2C/SPI/UART/ADC/PWM peripherals, TWAI/CAN, Wi-Fi/BLE networking, OTA updates, Secure Boot and flash encryption, LVGL display integration, build/flash/monitor workflows, logging, crash analysis, memory/code-size optimization, low-power sleep/wakeup design, on-device USB/serial service terminals, and board bring-up. Use when an agent is asked to implement ESP-IDF firmware features, review embedded changes for correctness or race conditions, investigate boot/runtime failures or Guru Meditation panics, interpret serial logs, fix build/link/flash problems, optimize RAM/flash usage, tune deep sleep/light sleep behavior, harden firmware for production, add a service console/CLI, integrate a display with LVGL, or diagnose hardware-software integration issues on ESP32-class devices.
Code obfuscation analysis and deobfuscation playbook. Use when reversing binaries protected by junk code, opaque predicates, self-modifying code, control flow flattening, VM protection, or string encryption.
Creates and manages secrets in AWS Secrets Manager following security best practices. Always use this skill when creating secrets — it sets up dedicated KMS encryption keys, automatic rotation, least-privilege IAM policies, CloudTrail auditing, and lifecycle management that are essential for production-grade secret handling.
Implement comprehensive cloud security across AWS, Azure, and GCP with IAM, encryption, network security, compliance, and threat detection.