
from decepticon 4,339
Techniques to probe and exploit LLM APIs: rate-limit abuse, token-cost amplification, schema bypass, model-version manipulation, and related probes.
Practical catalogue of attack and probe techniques targeting LLMs when exposed as APIs. Covers patterns for rate-limit and quota abuse, forcing high-cost outputs, bypassing structured-output schemas, probing model-version and context window behavior, and abusing function-calling/tool integrations. Each technique includes detection signals and defensive recommendations.
This is a red-team reference resource for security researchers, platform defenders, and operators doing threat modelling. Use it when you need to design tests for cost- or quota-related abuse, validate schema enforcement, fingerprint deployed model variants, or evaluate defenses for tool- and function-call exposures. Not for automated offensive use: research and defensive validation only.
Designed for security researcher toolkits and agent frameworks that can run scripted tests and probes (e.g., LangChain/agent-driven test harnesses). Suitable as a reference for Claude Code / general LLM research workflows.
This skill has not been reviewed by our automated audit pipeline yet.
Scanner Skill — Decepticon
High-volume codebase scanner that shards work, ranks suspicious locations, and promotes a concise set of candidates for deeper analysis.
AD Overview (Decepticon)
Playbook and workflows for Active Directory offensive operations: BloodHound ingestion, Kerberoasting, ADCS ESC scanning, DCSync and LAPS extraction.
APT29 (Cozy Bear) Adversary Emulation Profile
Adversary-emulation profile that maps APT29 (Cozy Bear) ATT&CK TTPs to Decepticon tooling for realistic, cloud- and identity-focused red-team exercises.
Web Recon — Web Application Reconnaissance Hub
Directory, vhost and API enumeration hub with CMS scanning, WAF detection, auth mapping and cookie auditing — a reconnaissance orchestration skillset.