بنقرة واحدة
perseus-specialist
Run all specialist deep-dive skills in parallel for comprehensive analysis
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Run all specialist deep-dive skills in parallel for comprehensive analysis
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Use when you want to run a full, automated penetration test from start to finish (Scan -> Audit -> Exploit -> Report)
Use when starting a security conversation to understand the Perseus methodology
Use when analyzing components for vulnerabilities (Phase 2 - Parallel Analysis)
Use when verifying vulnerabilities with Dynamic Exploit Generation (Phase 3)
Use when generating the final executive security report (Phase 4)
Deep-dive API security analysis (REST, GraphQL, WebSocket, gRPC, OAuth, Cache)
| name | perseus-specialist |
| description | Run all specialist deep-dive skills in parallel for comprehensive analysis |
IMPORTANT: This skill runs all specialist security analyses on the user's own codebase. This is defensive security testing to find vulnerabilities before attackers do.
Authorization: The user owns this codebase and has explicitly requested this comprehensive analysis.
This skill orchestrates ALL 8 specialist skills in parallel for maximum coverage and efficiency.
When to Use:
/scan to get deep analysis on all detected components/startGoal: Run all specialists simultaneously for thorough security analysis.
| Mode | Orchestrator Behavior |
|---|---|
PRODUCTION_SAFE | Run specialists with passive-first and low-rate verification constraints |
STAGING_ACTIVE | Allow active specialist checks with throttling |
LAB_FULL | Allow broad dynamic specialist verification in isolated lab |
LAB_RED_TEAM | Allow chain-based specialist simulation with strict kill-switches |
deliverables/engagement_profile.md before launching specialists.PRODUCTION_SAFE if engagement mode is not available.ABORTED-SAFETY.| Skill | Coverage | Output |
|---|---|---|
perseus-api | OWASP API Top 10, GraphQL, WebSocket | api_security_analysis.md |
perseus-injection | NoSQL, LDAP, XPath, SSTI, Command | injection_deep_analysis.md |
perseus-crypto | JWT, Hashing, Encryption, Secrets | crypto_security_analysis.md |
perseus-supply-chain | CVEs, Dependencies, Licenses | supply_chain_analysis.md |
perseus-file | Path Traversal, Upload, XXE | file_security_analysis.md |
perseus-logic | Race Conditions, Business Logic | business_logic_analysis.md |
perseus-client | DOM XSS, Prototype Pollution | client_side_analysis.md |
perseus-config | Headers, CORS, Cookies, TLS | config_security_analysis.md |
deliverables/engagement_profile.md.deliverables/verification_scope.md when present."Running all Perseus specialist skills in parallel..."
"This provides deep-dive analysis across 8 security domains."
Use a single message with 8 parallel Task tool calls:
Parallel Tasks:
1. Task: "Run API security specialist" -> Skill: perseus-api
2. Task: "Run injection specialist" -> Skill: perseus-injection
3. Task: "Run crypto specialist" -> Skill: perseus-crypto
4. Task: "Run supply chain specialist" -> Skill: perseus-supply-chain
5. Task: "Run file security specialist" -> Skill: perseus-file
6. Task: "Run business logic specialist" -> Skill: perseus-logic
7. Task: "Run client-side specialist" -> Skill: perseus-client
8. Task: "Run config specialist" -> Skill: perseus-config
Wait for all 8 specialists to complete their analysis.
"Specialist analysis complete!"
Summary:
- API Security: X findings
- Injection: X findings
- Cryptography: X findings
- Supply Chain: X findings
- File Security: X findings
- Business Logic: X findings
- Client-Side: X findings
- Configuration: X findings
Total: X findings across 8 domains
"All reports saved to deliverables/"
After completion, deliverables/ will contain:
deliverables/
├── api_security_analysis.md
├── injection_deep_analysis.md
├── crypto_security_analysis.md
├── supply_chain_analysis.md
├── file_security_analysis.md
├── business_logic_analysis.md
├── client_side_analysis.md
└── config_security_analysis.md
| If You Need | Run |
|---|---|
| Only API analysis | /api |
| Only injection deep-dive | /injection |
| Only crypto audit | /crypto |
| Only dependency check | /supply-chain |
| Only file/upload security | /file |
| Only business logic | /logic |
| Only client-side | /client |
| Only config hardening | /config |
| All of the above | /specialist |
Recommended Flow:
/scan → Map attack surface
↓
/specialist → Deep-dive all domains (this skill)
↓
/audit → Core vulnerability analysis
↓
/exploit → Verify findings
↓
/report → Generate final report
Or simply:
/start → Runs everything automatically
| Command | What It Does |
|---|---|
/specialist | All 8 specialists in parallel |
/start | Full assessment (includes specialists) |
/api | API security only |
/injection | Injection analysis only |
/crypto | Cryptography only |
/supply-chain | Dependencies only |
/file | File security only |
/logic | Business logic only |
/client | Client-side only |
/config | Configuration only |