Find the perfect skill
SOC2 Compliance Checker
Security
Automatically activates when you mention SOC2 compliance checking. Provides step-by-step guidance, best practices, and generates production-ready code and configurations for SOC2 compliance tasks. Ideal for penetration testing, compliance frameworks, threat modeling, and enterprise security.
Secrets Management
Security
Implement secure secrets management for CI/CD pipelines using tools like HashiCorp Vault, AWS Secrets Manager, or native platform solutions. This skill covers storing and rotating sensitive credentials such as API keys and database passwords, integrating retrieval into CI pipelines, and following least-privilege access principles.
Insecure Deserialization Checker
Security
Validates insecure deserialization checker operations with automated vulnerability detection. Auto-activating skill for Security Fundamentals covering secure coding practices.
Node.js Security Audit
Security
Scans Node.js applications for security vulnerabilities including RCE, SSRF, SQL injection, and path traversal, with support for Express, Koa, and NestJS frameworks. Helps developers identify and fix critical issues before release by providing a structured checklist, fix examples, and severity ratings.
Python Sandbox Escape
Security
Provides techniques to escape restricted Python eval/exec environments, including basic command execution, class hierarchy traversal, and keyword bypasses using encoding or concatenation. Useful for penetration testing and CTF challenges involving Python jails or sandbox restrictions.
Encrypt/Decrypt BSV Backup Files
Security
Encrypt and decrypt BSV backup files in .bep format using bitcoin-backup CLI. Secure your private keys and sensitive data with AES-256-GCM encryption.
Instantly Enterprise RBAC Configuration
Security
Configure SSO authentication, role-based access control, and organization management for Instantly. Integrate SAML/OIDC with automatic role mapping.
Attack Tree Construction
Security
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.