All Skills

Total 30,488 skills, Security & Compliance has 1085 skills

Showing 12 of 1085 skills

Per page

Downloads

Sort

testing-handbook-generator

Meta-skill that analyzes the Trail of Bits Testing Handbook (appsec.guide) and generates Claude Code skills for security testing tools and techniques. Use when creating new skills based on handbook content.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

cosmos-vulnerability-scanner

Scans Cosmos SDK blockchains for 9 consensus-critical vulnerabilities including non-determinism, incorrect signers, ABCI panics, and rounding errors. Use when auditing Cosmos chains or CosmWasm contracts.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

substrate-vulnerability-scanner

Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

constant-time-testing

Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementations for timing vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancewaynesutton/convexskills

convex-security-audit

Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

ton-vulnerability-scanner

Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks. Use when auditing FunC contracts.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

wycheproof

Wycheproof provides test vectors for validating cryptographic implementations. Use when testing crypto code for known attacks and edge cases.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

firebase-apk-scanner

Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use when analyzing APK files for Firebase vulnerabilities, performing mobile app security audits, or testing Firebase endpoint security. For authorized security research only.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

burpsuite-project-parser

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancetrailofbits/skills

aflpp

AFL++ is a fork of AFL with better fuzzing performance and advanced features. Use for multi-core fuzzing of C/C++ projects.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

cairo-vulnerability-scanner

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.

🇺🇸|EnglishTranslated

Security & Compliance404kidwiz/claude-supercod...

legal-advisor

Provides legal guidance for contracts, compliance, intellectual property, data privacy, and regulatory matters. Use when reviewing contracts, ensuring compliance, protecting IP, or navigating technology law. Triggers include "contract review", "terms of service", "GDPR", "privacy policy", "intellectual property", "licensing", "compliance".

🇺🇸|EnglishTranslated