Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines,...
Use when about to claim work is complete, fixed, or passing, before committing or creating PRs - requires running verification commands and confirming output before making any success claims; evide...
Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks.
Expert in secure mobile coding practices specializing in input validation, WebView security, and mobile-specific security patterns.
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit ...
Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.
This skill should be used when the user asks to "analyze network traffic with Wireshark", "capture packets for troubleshooting", "filter PCAP files", "follow TCP/UDP streams", "dete...
Expert reverse engineer specializing in binary analysis, disassembly, decompilation, and software analysis. Masters IDA Pro, Ghidra, radare2, x64dbg, and modern RE toolchains.
Structured guide for setting up A/B tests with mandatory gates for hypothesis, metrics, and execution readiness.