SKILL.md packages that extend Claude Code, Cursor, Copilot, and other AI agents.
Tags

solana-clawd
Instructions and guardrails for installing and using the 1Password CLI (`op`) safely inside a managed tmux session, with recommended workflows to avoid leaking

bug-hunter
Run an adversarial, sequential-first pipeline (Recon → Hunter → Skeptic → Referee) to find, verify, and optionally auto-fix runtime bugs and security issues acr

agent-skills
Provides expert guidance for Azure External Attack Surface Management (EASM): quotas, configuration, integrations, and exporting inventory to analytics platform

claude-code-plugins-plus-skills
Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

agent-bom
Monitor an agent fleet, surface trust scores, and run a local dashboard to inspect lifecycle and security signals.

uniswapv4-hooks-skill
Guides secure development, review, and auditing of Uniswap v4 hook contracts with threat models, permission guidance, and safe templates.

decepticon
High-volume codebase scanner that shards work, ranks suspicious locations, and promotes a concise set of candidates for deeper analysis.

openclaw-master-skills
Provides agents a funded identity (wallet, email) plus paid API tools: web search, image/video/music generation, SMS/voice, email, and an LLM gateway — useful w

cryptoskill
Comprehensive Ethereum (EVM) guidance for building, auditing, testing, and operating smart contracts, dApps, and onchain services.

nethereum
Practical examples and snippets for generating keys, creating accounts, and encrypting/decrypting keystores using Nethereum for .NET applications.

openagentscontrol
Automated code review guidance focusing on security, correctness, and maintainability; used to validate changes before committing.

clawsec
Generate deterministic runtime attestations and perform fail-closed drift detection for Hermes-managed infrastructure.

claude-bughunter
Guided hunting methodology for server-side request forgery (SSRF): detection, OOB validation, payloads, bypass techniques, and escalation chains.

cowork-os
Run a consensus-style multi-agent review of a pull request and produce severity-ranked findings and actionable remediation steps.

skills
Full CLI integration for Caido: search HTTP history, replay and edit requests, manage scopes, create findings, export curl PoCs, and control intercepts via the

my-cc-harness
Performs a dual-pass code review of the current branch using Codex (GPT) and Claude, producing structured findings and severity classifications.

skills
Scans codebases for rate-limiting and API throttling anti-patterns, producing actionable reports and CI-friendly output to prevent brute-force, retry storms, an

correctless
Turn a feature idea into a structured, testable specification with configurable intensity, research, and STRIDE-backed invariants.

red-team-blue-team-agent-fabric
A comprehensive, defensive test suite that runs protocol and decision-layer security checks against AI agent systems to surface vulnerabilities before deploymen

mitre-attack-agent-skills
Defensive analysis skill for MITRE ATT&CK T1569.001 (Launchctl): detection, triage, and mitigation guidance for macOS adversary activity.

reverse-engineering-assistant
Framework and playbook for discovering and exploiting memory-corruption vulnerabilities (buffer overflows, format strings, heap exploits, ROP) to capture CTF fl

TerminalSkills Skills Library
Documentation and best-practices for E2B sandboxes: run AI-generated code, install packages, manage files, and return artifacts safely.

megacode
Run privacy-preserving RLM-driven security audits on large .NET repositories, producing prioritized findings and actionable remediation guidance.

claude-skill-registry
Guided procedures and tool-aware workflows for proactive threat hunting (IOCs, TTPs, SIEM queries) and producing triage reports.

devops-security-agent-skills
Guidance and templates to implement FedRAMP/NIST 800-53 controls, continuous monitoring, and authorization artifacts for cloud services pursuing federal complia

anti-distill
Cleans and anonymizes employee SKILL.md files by removing sensitive, tacit, and proprietary details while preserving structure for safe submission.

lingxling
Defensive, production-grade Bash scripting patterns and CI/CD best practices: strict mode, safe argument parsing, testing with Bats, and tooling (ShellCheck/shf

netclaw
Search the NVD for CVEs by ID or keyword, retrieve CVSS scores, CWE info, affected configurations and remediation references to support audits, incident respons

antigravity-awesome-skills
Guidelines and decision-making for Node.js architecture, runtime, async patterns, security, validation, and testing to inform framework and system choices.

claude-matrix
A 5-agent, context-aware code review pipeline for comprehensive PR and staged-change reviews, including security detection, blast-radius analysis, triage, remed