MCP App StoreMCP App Store
from correctless63
Goal-directed red team assessment skill for live systems with source-code access; enforces isolation and intensity gating before active testing.
Provides a structured, objective-driven red team workflow for live adversarial assessments where the operator has source code and live system access. Emphasises isolation checks, an intensity gate, boundary mapping, seam identification, attack execution, and mandatory progress visibility and reporting. Includes agent prompts, reporting format, and post-assessment actions.
Use this skill only for controlled, isolated penetration tests with explicit rules of engagement and test/sandbox credentials. Do NOT run against public internet targets or production systems. Activation requires a high-intensity authorization and environmental checks (private IPs, isolated VPS, or Docker Compose networks).
Intended for advanced coding/ops agents capable of orchestration and running background probes (Claude Code, Codex, or similarly capable automation agents). Human oversight strongly recommended for actual execution.
This skill has not been reviewed by our automated audit pipeline yet.
Reverse Engineer
Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for
Teacher Inquiry Cycle Designer
Design a manageable, evidence-informed teacher inquiry cycle from question through data collection, analysis, and sharing to improve classroom practice.
Sandbox0 Integration
Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.
CTF Write-up Generator
Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.
Azure External Attack Surface Management
Provides expert guidance for Azure External Attack Surface Management (EASM): quotas, configuration, integrations, and exporting inventory to analytics platform
Node.js Best Practices
Guidelines and decision-making for Node.js architecture, runtime, async patterns, security, validation, and testing to inform framework and system choices.
radar — Smart Contract AST & Security Analysis
Multi-framework AST generator and static analysis tool for smart contracts (Rust/Anchor/Stylus and Solidity/Foundry) with a template DSL for writing detection r
Bash Pro
Defensive, production-grade Bash scripting patterns and CI/CD best practices: strict mode, safe argument parsing, testing with Bats, and tooling (ShellCheck/shf