Loading...
Loading...
Found 1,041 Skills
Execute commands on remote servers via SSH. Run commands on remote hosts with key-based authentication.
Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration tests to demonstrate risks from unpatched Windows systems, misconfigured shares, and weak authentication in enterprise networks.
CreatiBI CLI Shared Basics: Application configuration initialization, authentication login (auth login), identity check (auth whoami). Triggered when users need to configure for the first time, use login authorization, encounter insufficient permissions, or use cbi-cli for the first time.
Web application security expert. OWASP Top 10, XSS, SQLi, CSRF, SSRF, authentication bypass, IDOR. Use for web app security testing.
Configures SQL audit logging on CockroachDB clusters to capture security-relevant events including authentication, privilege changes, and sensitive data access. Use when enabling audit logging for compliance, setting up role-based audit policies, or verifying audit configuration.
Expert in migrating Apache Solr collections to OpenSearch indexes. Translates Solr XML/JSON schemas to OpenSearch mappings and converts Solr syntax (Standard, DisMax, eDisMax) into OpenSearch DSL. Provides sizing for nodes, shards, and JVM heap. Provides guidance auf authentication migration from Solr to OpenSearch. Uses the AWS Knowledge MCP Server for accurate, up-to-date OpenSearch and AWS service information.
CCXT cryptocurrency exchange library for Go developers. Covers both REST API (standard) and WebSocket API (real-time). Helps install CCXT, connect to exchanges, fetch market data, place orders, stream live tickers/orderbooks, handle authentication, and manage errors in Go projects. Use when working with crypto exchanges in Go applications, microservices, or trading systems.
Use when you need to design, review, or improve security in Micronaut applications — including micronaut-security authentication, @Secured and intercept-url-map rules, JWT/session strategies, SecurityService checks, CORS, CSRF awareness for browser apps, rejection handlers, and sensitive-data-safe logging. This should trigger for requests such as Add Micronaut security support; Review Micronaut security configuration; Improve API authorization in Micronaut; Add JWT security in Micronaut; Harden Micronaut route authorization rules. Part of cursor-rules-java project
Manage secrets and PKI with HashiCorp Vault. Configure secret engines, authentication methods, and policies. Use when implementing centralized secrets management, dynamic credentials, or certificate management.
Tests WebSocket API implementations for security vulnerabilities including missing authentication on WebSocket upgrade, Cross-Site WebSocket Hijacking (CSWSH), injection attacks through WebSocket messages, insufficient input validation, denial-of-service via message flooding, and information leakage through WebSocket frames. The tester intercepts WebSocket handshakes and messages using Burp Suite, crafts malicious payloads, and tests for authorization bypass on WebSocket channels. Activates for requests involving WebSocket security testing, WS penetration testing, CSWSH attack, or real-time API security assessment.
Leverages Splunk Enterprise Security and SPL (Search Processing Language) to investigate security incidents through log correlation, timeline reconstruction, and anomaly detection. Covers Windows event logs, firewall logs, proxy logs, and authentication data analysis. Activates for requests involving Splunk investigation, SPL queries, SIEM log analysis, security event correlation, or log-based incident investigation.
openerp (Kingdee Cloud·Star ERP CLI) Shared Base: Profile credential configuration, LoginBySign authentication and session reuse, general query (ExecuteBillQuery), output envelope and exit codes, dry-run. Must-read before using openerp for the first time, configuring profile, or troubleshooting authentication/query issues.