High-performance vector similarity search engine for RAG and semantic search. Use when building production RAG systems requiring fast nearest neighbor search, hybrid search with filtering, or scalable vector storage with Rust-powered performance.

Guarantee valid JSON/XML/code structure during generation, use Pydantic models for type-safe outputs, support local models (Transformers, vLLM), and maximize inference speed with Outlines - dottxt.ai's structured generation library

Reduce LLM size and accelerate inference using pruning techniques like Wanda and SparseGPT. Use when compressing models without retraining, achieving 50% sparsity with minimal accuracy loss, or enabling faster inference on hardware accelerators. Covers unstructured pruning, structured pruning, N:M sparsity, magnitude pruning, and one-shot methods.

Train Mixture of Experts (MoE) models using DeepSpeed or HuggingFace. Use when training large-scale models with limited compute (5× cost reduction vs dense models), implementing sparse architectures like Mixtral 8x7B or DeepSeek-V3, or scaling model capacity without proportional compute increase. Covers MoE architectures, routing mechanisms, load balancing, expert parallelism, and inference optimization.

'Check and optimize MetaDescription frontmatter fields in VS Code documentation. Use when auditing, adding, or improving page descriptions for SEO and discoverability. Apply this when making content changes to markdown articles.'

'Analyzes bootkit and advanced rootkit malware that infects the Master Boot Record (MBR), Volume Boot Record

Extract and analyze Cobalt Strike beacon configuration from PE files and memory dumps to identify C2 infrastructure,

Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns,

Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules),

'Analyzes RAM memory dumps from compromised systems using the Volatility framework to identify malicious processes,

'Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility

Detect and analyze Linux persistence mechanisms including crontab entries, systemd service units, LD_PRELOAD

'This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS,

Implement a vulnerability aging dashboard and SLA tracking system to measure remediation performance against

'Collects and synthesizes open-source intelligence (OSINT) about threat actors, malicious infrastructure, and

'Performs memory forensics analysis using Volatility 3 to extract evidence of malware execution, process injection,

Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows

'Detects fileless malware and in-memory attacks that execute entirely in RAM without writing persistent files

'Detects and analyzes fileless malware that operates entirely in memory using PowerShell, WMI, .NET reflection,

Detect Mimikatz execution through command-line patterns, LSASS access signatures, binary indicators, and in-memory

'Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing,

Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials

Detect process injection techniques (T1055) including classic DLL injection, process hollowing, and APC injection

Extract cached credentials, password hashes, Kerberos tickets, and authentication tokens from memory dumps using

Hardening Docker containers for production involves applying security best practices aligned with CIS Docker

'Hardens Linux endpoints using CIS Benchmark recommendations for Ubuntu, RHEL, and CentOS to reduce attack surface,

'Hardens Windows endpoints using CIS (Center for Internet Security) Benchmark recommendations to reduce attack

Detect Cobalt Strike beacon network activity using default TLS certificate signatures (serial 8BB00EE), JA3/JA3S/JARM

Ed25519 is a high-performance digital signature algorithm using the Edwards curve Curve25519. It provides 128-bit

'Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant

'Implements memory protection mechanisms including DEP (Data Execution Prevention), ASLR (Address Space Layout

Build network traffic baselines from NetFlow/IPFIX data using Python pandas for statistical analysis, z-score

Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace

Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email

Monitor for brand impersonation attacks across domains, social media, mobile apps, and dark web channels to detect

'This skill covers hardening container images by minimizing attack surface, removing unnecessary packages, implementing

Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying

'Performing comprehensive security assessments of Google Cloud Platform environments using Forseti Security,

Audit Kubernetes cluster security posture against CIS benchmarks using kube-bench with automated checks for control

'Performs rapid malware triage and classification using YARA rules to match file patterns, strings, byte sequences,

Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware

'Use YARA pattern-matching rules to hunt for malware, suspicious files, and indicators of compromise across filesystems

'Develops comprehensive threat actor profiles for APT groups, criminal organizations, and hacktivist collectives

Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated

This target provides benchmark tooling for CLI workflows.

Backlink profile analysis: referring domains, anchor text distribution, toxic link detection, competitor gap analysis. Works with free APIs (Moz, Bing Webmaster, Common Crawl) and DataForSEO extension. Use when user says backlinks, link profile, referring domains, anchor text, toxic links, link gap, link building, disavow, or backlink audit.

>

>

>

Comprehensive SEO analysis for any website or business type. Full site audits, single-page analysis, technical SEO (crawlability, indexability, Core Web Vitals with INP), schema markup, content quality (E-E-A-T), image optimization, sitemap analysis, and GEO for AI Overviews/ChatGPT/Perplexity. Industry detection for SaaS, e-commerce, local, publishers, agencies. Triggers on: SEO, audit, schema, Core Web Vitals, sitemap, E-E-A-T, AI Overviews, GEO, technical SEO, content quality, page speed, structured data.