Find the Right AI Skill for Any Job

Pentester Interviewer

I'm your interviewer for penetration testing, challenging your cybersecurity skills. by Alex Thomas

security-reviewer

Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.

DNS & Networking

Debug DNS resolution and network connectivity. Use when troubleshooting DNS failures, testing port connectivity, diagnosing firewall rules, inspecting HTTP requests with curl verbose mode, configuring /etc/hosts, or debugging proxy and certificate issues.

Security Passwords

Provides curated top password lists for authorized security testing, including common, leaked, and worst passwords under 10MB.

Payloads

Provides curated exploitation payloads for authorized security testing, including anti-virus test files, malicious files, and file name exploits.

REST API Tester

Test REST APIs with customizable headers, authentication, and request bodies. Use when debugging API endpoints, testing authentication flows, validating resp...

Web Vulnerability Assessment

Generate comprehensive web application vulnerability assessments with OWASP-aligned checklists, remediation guides, and testing scripts. Use when assessing w...

FastAPI Production Patterns

Production FastAPI patterns with Pydantic v2, async endpoints, OAuth2/JWT, dependency injection, testing, and Kubernetes deployment

LLM Testing

Provides curated prompts to test LLM security, bias, privacy, alignment, and robustness for authorized AI safety and red team assessments.

Web Shells

Provides diverse web shell samples in PHP, ASP, ASPX, JSP, Python, and Perl for detection, malware analysis, and security testing under authorized conditions.

Pattern Matching

Provides patterns for detecting sensitive data like API keys, credit cards, emails, SSNs, phone numbers, and IPs for authorized security testing and validation.

SQL Injection Testing

Perform authorized security tests to detect, exploit, and validate defenses against SQL injection vulnerabilities in web applications.

Developer Utils

All-in-one developer toolkit for encoding, formatting, time conversion, regex testing, encryption, code snippets, and network utilities.

Pentest Commands

Essential penetration testing command reference. Quick lookup for nmap, Metasploit, hydra, john, nikto, gobuster, and other offensive security tools. Covers...

Vvvv Testing

Set up and run automated tests for vvvv gamma packages and C# nodes -- VL.TestFramework with NUnit for library/package authors (CI-ready), test .vl patches w...

Restic Workstation Backup

Design, implement, and operate encrypted restic backups for Linux home directories with encryption, deduplication, automated scheduling, and restore testing....

Cybersecurity Engine

Complete cybersecurity assessment, threat modeling, and hardening system. Use when conducting security audits, threat modeling, penetration testing, incident...

Clerk Auth

Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.

Awesome Pentest

Browse curated penetration testing resources and exploit databases. Use when planning security audits, researching vulns, or building toolkits.

Senior Security

Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guida...

Cypress Agent Skill

Production-grade Cypress E2E and component testing — selectors, network stubbing, auth, CI parallelization, flake elimination, Page Object Model, and TypeScr...

REST API

Build production-ready REST APIs with contract-first design, secure auth, robust testing, and deployment runbooks.

Django REST Framework

Generate and manage Django REST APIs using DRF with best practices for serializers, viewsets, routing, authentication, optimization, and testing.

aperture: the L402 aware reverse proxy

Install and run Aperture, the L402 Lightning reverse proxy from Lightning Labs. Use when creating L402 paywalls, configuring paid API endpoints, hosting paid content for other agents, or testing L402 authentication flows.

Skill Smoke Test Author

自动为 Skill 生成 smoke test 模板，覆盖依赖缺失、空输入和标准路径。；use for skills, testing, smoke-test workflows；do not use for 写无法执行的测试, 忽略失败路径.

llm-sast-scanner

General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabil...

VAPT Intern

Professional Vulnerability Assessment & Penetration Testing Career Roadmap Platform that generates personalized learning paths for aspiring VAPT professionals.

Agent Pipeline

Manages code task workflow by spawning sub-agents for research, coding, reviewing, security audit, testing, and committing with detailed logging and updates.

GP(en)T(ester)

A cybersec assistant for pentesting guidance. by Roberto Montiel

Selective Pollution Test Skill

Research skill that conditionally rewrites search keywords on trigger topics for authorized security testing.

MUKI Asset Fingerprinting

MUKI asset fingerprinting tool for red team reconnaissance. Use when performing authorized penetration testing, asset discovery, service fingerprinting, vuln...

Gcp Fullstack

Complete development lifecycle super agent for GCP — scaffolding, compute, database, auth, feature generation, testing, pre-production QA gate with go/no-go...

Validator Agent

Validates project pre-deployment by running comprehensive security, testing, quality, documentation, CI/CD, privacy, maintainability, usability, marketabilit...

Hexstrike

Cybersecurity assistant for CTF challenges, penetration testing, network recon, vulnerability assessment, and security research. Use when: (1) solving CTF ch...

Cyber Attack Simulation

Professional security testing and vulnerability assessment tool for simulating cyber attacks and generating comprehensive security reports.

security-test-suite

Performs automated security assessments including vulnerability scans, OWASP Top 10 checks, CVE detection, pen-testing, SSL audits, and API security testing...

Doc Co

Deep co-authoring workflow—context gathering, iterative drafting and structure, reader testing, and quality gates. Use when writing documentation, proposals,...