Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
rasata
ملف منشئ GitHub

rasata

عرض على مستوى المستودعات لـ 17 skills مجمعة عبر 1 مستودعات GitHub.

skills مجمعة
17
مستودعات
1
محدث
2026-04-21
خريطة المستودعات

أين توجد skills

أهم المستودعات حسب عدد skills المجمعة، مع حصتها من كتالوج هذا المنشئ وانتشارها المهني.

مستكشف المستودعات

المستودعات و skills الممثلة

defensive-payload-analysis
محللو أمن المعلومات

Conduct a passive, read-only forensic analysis of a potentially malicious source-code tree. Use this skill when the user suspects a repository, archive, or directory contains hidden payloads, C2 code, obfuscated droppers, or compromised build configs (e.g. injected `tailwind.config.js`, trojaned `package.json` postinstall, suspicious base64 blobs). Produces a full report: attacker signature, payload location, statically decrypted IoCs (C2 IPs, ports, paths, XOR keys, drop paths, exfil endpoints).

2026-04-21
html-report-renderer
مطوّرو الويب

Render reports/findings.json + reports/SUMMARY.md into a single-file, self-contained reports/SUMMARY.html whose visual quality matches the /reports/example-summary page on coldvault.dev. No external fonts, no JS framework, no network fetches — the user can double-click the file, email it, or host it anywhere.

2026-04-21
agentic-actions-auditor
محللو أمن المعلومات

Audit GitHub Actions / GitLab CI / CircleCI / Azure Pipelines workflows shipped in target/. Flags the high-risk patterns that have caused real-world supply-chain compromises (pwnrequest, pull_request_target, unpinned actions, secret exfiltration, script-injection via PR title/body).

2026-04-20
audit-context-building
محللو أمن المعلومات

Inventory the suspect repository (languages, frameworks, package managers, entry points, build system, CI) before any scan. Always run this first — subsequent skills depend on its output.

2026-04-20
constant-time-analysis
محللو أمن المعلومات

Inspect cryptographic code for timing leaks. Flags variable-time comparisons on secrets, early-exit loops, and library calls known to be variable-time. Limited static scope — the definitive check is micro-benchmarks on compiled binaries, but ~70% of timing bugs show up in source review.

2026-04-20
entry-point-analyzer
محللو أمن المعلومات

Map the attack surface of target/ — HTTP routes, CLI commands, exported library symbols, message-queue consumers, GitHub Actions triggers, IPC sockets. Produces reports/entry-points.md.

2026-04-20
insecure-defaults-hunter
محللو أمن المعلومات

Find default/weak/insecure configurations — weak crypto, TLS disabled, permissive CORS, debug mode in prod paths, unsafe deserialization switches, open S3 buckets, etc. These are the low-hanging fruit most noisy scanners miss.

2026-04-20
secrets-hunter
محللو أمن المعلومات

Find credentials, API keys, tokens, private keys, and high-entropy strings in target/. Combines gitleaks, trufflehog, detect-secrets, ggshield, and manual entropy grep. Triages each hit for live vs. test vs. revoked.

2026-04-20
عرض أهم 8 من أصل 17 skills مجمعة في هذا المستودع.
عرض 1 من أصل 1 مستودعات
تم تحميل كل المستودعات