Total 50,510 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Subdomain takeover detection and exploitation playbook. Use when targets have dangling CNAME/NS/MX records pointing to deprovisioned cloud resources, expired third-party services, or unclaimed SaaS tenants that an attacker can register to serve content under the victim's domain.
Dangling markup injection playbook. Use when HTML injection is possible but JavaScript execution is blocked (CSP, sanitizer strips event handlers, WAF blocks script tags) — exfiltrate CSRF tokens, session data, and page content by injecting unclosed HTML tags that capture subsequent page content.
Windows local privilege escalation playbook. Use when you have low-privilege shell access on Windows and need to escalate via token abuse, Potato exploits, service misconfigurations, DLL hijacking, UAC bypass, or registry autoruns.
Linux privilege escalation playbook. Use when you have low-privilege shell access and need to escalate to root via SUID/SGID binaries, capabilities, cron abuse, kernel exploits, misconfigurations, or credential harvesting on Linux systems.
DeFi attack pattern playbook. Use when analyzing flash loan attacks, price oracle manipulation, MEV sandwich attacks, governance exploits, bridge vulnerabilities, and token standard edge cases in decentralized finance protocols.
AV/EDR evasion playbook for Windows. Use when bypassing AMSI, ETW, .NET assembly detection, shellcode execution, process injection, API hooking, and signature-based detection on Windows endpoints.
Audit MCP (Model Context Protocol) server configurations for security issues. Use this skill when: - Reviewing .mcp.json files for security risks - Checking MCP server args for hardcoded secrets or shell injection patterns - Validating that MCP servers use pinned versions (not @latest) - Detecting unpinned dependencies in MCP server configurations - Auditing which MCP servers a project registers and whether they're on an approved list - Checking for environment variable usage vs. hardcoded credentials in MCP configs - Any request like "is my MCP config secure?", "audit my MCP servers", or "check .mcp.json" keywords: [mcp, security, audit, secrets, shell-injection, supply-chain, governance]
Scaled Access integration. Manage data, records, and automate workflows. Use when the user wants to interact with Scaled Access data.
Burp Suite integration. Manage data, records, and automate workflows. Use when the user wants to interact with Burp Suite data.
Analyze contract fundamentals including formation requirements (offer, acceptance, consideration), essential clauses, and common risk areas. Use this skill when the user needs to review a contract, understand contract terms, identify risky clauses, or draft contract provisions — even if they say 'review this agreement', 'what should I watch out for in this contract', or 'is this clause standard'.
Rust security skill for supply chain safety and memory-safe development. Use when auditing dependencies with cargo-audit, enforcing policies with cargo-deny, reviewing RUSTSEC advisories, writing memory-safe FFI patterns, or integrating fuzzing and Miri into a security review pipeline. Activates on queries about cargo-audit, cargo-deny, RUSTSEC advisories, supply chain security, Rust CVEs, safe FFI, or fuzzing for security.
Educational map of behavioral risk screening—volume, velocity, and transit-style heuristics at address and transaction level. Use when the user asks about suspicious pattern detection, structuring-like activity, rapid fund movement, or AML-style behavior rules—not for tuning systems to evade monitoring or for legal conclusions.