Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.

MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code

Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities

This is the **deepsafe-scan** security scanner for AI agent environments.

ai-vulnerability-tracker

基于Moltbook社区的高度关注（4151点赞的帖子：供应链攻击风险），我们开发了这个技能安全扫描器。

dependency-vulnerability-checker

xss-vulnerability-scanner

network-security-scanner

vulnerability-report-generator

OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in large language model systems - Brought to you by microsoft/hve-core.

OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core.

OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.

Symbolic execution analysis using Mythril for deep vulnerability detection in smart contracts. Supports configurable transaction depth, timeout settings, and proof-of-concept exploit generation.

Develop comprehensive risk management plans for collections and cultural venues including disaster preparedness, security protocols, and insurance coordination

Integration with security-focused static analysis tools

Scan .claude/ directory for security misconfigurations, exposed secrets, unsafe permissions

Systematic false positive verification for security findings. Provides structured methodology to confirm or dismiss scanner results, manual audit findings, and automated alerts. Adapted from Trail of Bits. Use when triaging security scan results or verifying audit findings.

Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.

面向饮食失调来访者的标准化、类比驱动型生理风险psychoeducation脚本，用于动机性访谈阶段增强内在改变意愿，聚焦食管脆弱性、急性损伤机制与慢性系统影响，强调可逆性与干预窗口期。

在辩证行为疗法（DBT）早期阶段，结构化执行包含DBT心理教育、问题行为界定（依DBT优先级）、行为链分析、辩证认可介入及日记卡协同制定的五环节session，旨在建立技能学习动机并启动行为自我监控。

指导来访者系统拆解问题行为的事件链锁：促发事件→脆弱性因素→行为前想法/情绪→行为本身→即时/延时后果→替代技巧与预防计划，以提升其对认知-情绪-行为联结的觉察与可控感。

>

Check code against security compliance standards and best practices.

Security audits, vulnerability analysis, and security best practices enforcement

Эксперт по политикам бэкапов. Используй для стратегий резервного копирования, retention rules и disaster recovery.

Execute systematic buffer overflow vulnerability discovery and exploitation against Windows applications to achieve remote code execution. This skill enables comprehensive fuzzing to identify crashes,

Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management. Activates for application security, OWASP, and security hardening tasks.

Convert vulnerability reports into actionable patch plans.

灾难恢复

eld-sense-activation

Android APK decompiler that converts DEX bytecode to readable Java source code. Use when you need to decompile APK files, analyze app logic, search for vulnerabilities, find hardcoded credentials, or understand app behavior through readable source code.

Master smart contract security best practices, vulnerability prevention, and secure Solidity development patterns.

Runs Semgrep security scans on the current project to detect vulnerabilities, secrets leakage, and OWASP Top 10 issues. Use when the user asks for security scanning, vulnerability detection, code auditing, secrets checking, or says things like 安全扫描, 代码扫描, 扫漏洞, 安全检查, 漏洞检测, 扫一下安全.

Open source security audit for OpenClaw agents. 72 checks, verified findings, OWASP-mapped, community-maintained.

>

安全审计专家，专注于发现漏洞、设计安全架构和合规性检查。

<!--