ing

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems,…

Atheris is a coverage-guided Python fuzzer based on libFuzzer. Use for fuzzing pure Python code and Python C extensions.

Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.

algorand-vulnerability-scanner — 一个可安装的 AI 智能体技能，由 trailofbits/skills 发布。

Determine whether an app is ready to submit, then drive the current App Store release flow with asc, including validation, staging, review submission,…

Validate App Store submission readiness, submit prepared versions, and monitor review status with current asc commands. Use when shipping or troubleshooting…

Comprehensive code review covering security vulnerabilities, performance bottlenecks, best practices, and refactoring opportunities. Use when user requests…

通过完全匹配目标仓库现有的集成模式，构建新的 API 连接器或提供者。适用于在无需……的情况下添加新的集成。

Laravel 项目的验证循环：环境检查、代码规范检查、静态分析、带覆盖率的测试、安全扫描以及部署就绪检查。

面向医疗应用的受保护健康信息 (PHI) 和个人身份信息 (PII) 合规模式。涵盖数据分类，…

Diagnose and fix Claude in Chrome MCP extension connectivity issues. Use when mcp__claude-in-chrome__* tools fail, return "Browser extension is not connected",…

Assess and classify legal risks using a severity-by-likelihood framework with escalation criteria. Use when evaluating contract risk, assessing deal exposure,…

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting…

Creates devcontainers with Claude Code, language-specific tooling (Python/Node/Rust/Go), and persistent volumes. Use when adding devcontainer support to a…

用于后台任务的定时函数模式，包括间隔调度、cron 表达式、作业监控、重试策略以及……的最佳实践

Safely analyzes and cleans up local git branches and worktrees by categorizing them as merged, squash-merged, superseded, or active work.

通过分析日志、指标和诊断信息来排查 Google Cloud 网络问题。适用于调查 VPC 流日志、NAT、防火墙或威胁日志，查询延迟和吞吐量指标，或运行 Connectivity Tests 以进行路径诊断。

Set up bundle IDs, capabilities, signing certificates, provisioning profiles, and encrypted signing sync with the asc cli. Use when onboarding a new app,…

在检索 Jira 工单、分析需求、更新工单状态、添加评论或流转问题时使用此技能。提供 Jira API…

安装完整的 k-skill bundle 后，配置并验证共享的跨平台设置，然后可选择通过…接入更新检查和 GitHub star 操作