from awesome-omni-skills34
A comprehensive penetration testing checklist and operational workflow to plan, scope, monitor, and remediate security tests while preserving provenance of upst
Provides a step-by-step penetration testing checklist and editorial workflow for operators preparing, executing, and following up on pentests. The skill preserves upstream provenance and imported support files, guiding safe preparations (scope, authorization, environment), pre-scan activities, tester selection, monitoring, remediation, and cleanup. It emphasizes auditability by keeping metadata.json and ORIGIN.md links visible so reviewers can trace copied source materials.
Use this skill when you need a repeatable, auditable pentest process: defining scope, obtaining authorization, preparing test environments, running scans, selecting qualified testers, and scheduling remediation and follow-up. Use it when provenance of upstream workflows must remain visible or when you want to package an imported workflow for reviewer packets. NOT for unauthorized offensive testing.
This skill is oriented toward agents that support developer and security workflows (Codex/GPT-style CLIs, Claude Code, Cursor, Gemini CLI) and is safe to route through review/validation flows that preserve provenance.
This skill has not been reviewed by our automated audit pipeline yet.
Azure Identity SDK (TypeScript) v2
Authenticate to Azure services from TypeScript using DefaultAzureCredential, Managed Identity, service principals, and credential chains with provenance-preserv
Conductor Revert (Git-aware Revert Track)
Git-aware revert workflow for reverting tracks, phases, or tasks while preserving provenance and upstream workflow; includes safety checks and an execution plan
Security Threat Model (Repository-grounded)
Generate an evidence-backed, repository-specific threat model that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and prioritized miti
Context Restoration — Code Refactoring
Workflow and best practices for restoring and preserving project context during code refactoring, with provenance and selective file restoration.
HelpDesk Automation (Rube MCP)
Automate HelpDesk workflows via Rube MCP (Composio): list and paginate tickets, manage views, use canned responses, and inspect custom fields while preserving u
Azure Event Hubs (Rust) — Workflow
Run and review Azure Event Hubs workflows in Rust: send/receive events, batch sends, partitioned consumption and checkpointing with preserved provenance.
Azure.Messaging.EventGrid (.NET) v2
Workflow skill for Azure Event Grid (.NET): publish and consume EventGrid and CloudEvents, with examples for publishing, pull delivery, and Azure Functions trig
AgentPhone (Telephony)
Manage AgentPhone telephony workflows: create agents, buy/release numbers, make calls, send/receive SMS, configure webhooks, and inspect transcripts/usage.
Node.js Best Practices (v3)
Decision-focused Node.js guidance for framework choice, async patterns, security, testing, and architecture — teaches how to think about Node.js projects rather
Learning Opportunities
Adds short interactive learning exercises during AI-assisted coding to help developers understand design decisions and new code before merging.
