All Skills

Total 30,372 skills, Security & Compliance has 1084 skills

Showing 12 of 1084 skills

Per page

Downloads

Sort

Security & Compliancejorgealves/agent_skills

prompt-injection-scanner

Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection. Use when designing new agent skills or before deploying agents to public environments where users provide untrusted input.

🇺🇸|EnglishTranslated

Security & Compliancechipagosfinest/enterprise...

legal-catchall

Legal: legal counsel, compliance, contracts, paralegal support. Triggers: contract review, legal advice, compliance, GDPR, SOC2, NDA, terms of service, privacy policy, IP, trademark, litigation, regulatory, vendor agreement.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

constant-time-testing

Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementations for timing vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

burpsuite-project-parser

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancetrailofbits/skills

firebase-apk-scanner

Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use when analyzing APK files for Firebase vulnerabilities, performing mobile app security audits, or testing Firebase endpoint security. For authorized security research only.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

entry-point-analyzer

Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by access level (public, admin, role-restricted, contract-only), and generates structured audit reports. Excludes view/pure/read-only functions. Use when auditing smart contracts (Solidity, Vyper, Solana/Rust, Move, TON, CosmWasm) or when asked to find entry points, audit flows, external functions, access control patterns, or privileged operations.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

cairo-vulnerability-scanner

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

audit-prep-assistant

Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates documentation (flowcharts, user stories, inline comments).

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

constant-time-analysis

Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets, secret-dependent branches, or constant-time programming questions in C, C++, Go, Rust, Swift, Java, Kotlin, C#, PHP, JavaScript, TypeScript, Python, or Ruby.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

fuzzing-dictionary

Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-specific code.

🇺🇸|EnglishTranslated

Security & Compliancepubnub/skills

pubnub-security

Secure PubNub applications with Access Manager, encryption, and TLS

🇺🇸|EnglishTranslated