Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

coldvault.dev

يحتوي coldvault.dev على 17 من skills المجمعة من rasata، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
17
Stars
2
محدث
2026-04-21
Forks
0
التغطية المهنية
3 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

defensive-payload-analysis
محللو أمن المعلومات

Conduct a passive, read-only forensic analysis of a potentially malicious source-code tree. Use this skill when the user suspects a repository, archive, or directory contains hidden payloads, C2 code, obfuscated droppers, or compromised build configs (e.g. injected `tailwind.config.js`, trojaned `package.json` postinstall, suspicious base64 blobs). Produces a full report: attacker signature, payload location, statically decrypted IoCs (C2 IPs, ports, paths, XOR keys, drop paths, exfil endpoints).

2026-04-21
html-report-renderer
مطوّرو الويب

Render reports/findings.json + reports/SUMMARY.md into a single-file, self-contained reports/SUMMARY.html whose visual quality matches the /reports/example-summary page on coldvault.dev. No external fonts, no JS framework, no network fetches — the user can double-click the file, email it, or host it anywhere.

2026-04-21
agentic-actions-auditor
محللو أمن المعلومات

Audit GitHub Actions / GitLab CI / CircleCI / Azure Pipelines workflows shipped in target/. Flags the high-risk patterns that have caused real-world supply-chain compromises (pwnrequest, pull_request_target, unpinned actions, secret exfiltration, script-injection via PR title/body).

2026-04-20
audit-context-building
محللو أمن المعلومات

Inventory the suspect repository (languages, frameworks, package managers, entry points, build system, CI) before any scan. Always run this first — subsequent skills depend on its output.

2026-04-20
constant-time-analysis
محللو أمن المعلومات

Inspect cryptographic code for timing leaks. Flags variable-time comparisons on secrets, early-exit loops, and library calls known to be variable-time. Limited static scope — the definitive check is micro-benchmarks on compiled binaries, but ~70% of timing bugs show up in source review.

2026-04-20
entry-point-analyzer
محللو أمن المعلومات

Map the attack surface of target/ — HTTP routes, CLI commands, exported library symbols, message-queue consumers, GitHub Actions triggers, IPC sockets. Produces reports/entry-points.md.

2026-04-20
insecure-defaults-hunter
محللو أمن المعلومات

Find default/weak/insecure configurations — weak crypto, TLS disabled, permissive CORS, debug mode in prod paths, unsafe deserialization switches, open S3 buckets, etc. These are the low-hanging fruit most noisy scanners miss.

2026-04-20
secrets-hunter
محللو أمن المعلومات

Find credentials, API keys, tokens, private keys, and high-entropy strings in target/. Combines gitleaks, trufflehog, detect-secrets, ggshield, and manual entropy grep. Triages each hit for live vs. test vs. revoked.

2026-04-20
security-review
محللو أمن المعلومات

Produce a PR-style security review of a diff (HEAD vs. base) inside target/, emitting findings in the Anthropic claude-code-security-review JSON schema. Use when the analyst only cares about what changed, not the whole repo.

2026-04-20
semgrep-rule-creator
مطوّرو البرمجيات

Author custom Semgrep rules on the fly to hunt for patterns specific to the current audit. Drops the rule into rules/semgrep/ and runs it against target/. Useful for variant analysis and for codifying a manual finding.

2026-04-20
snyk-sast
محللو أمن المعلومات

Snyk Code-parity workflow for static application security testing. Uses Semgrep with curated rulesets plus language-native analyzers to produce findings equivalent to Snyk Code's categories (injection, crypto, authn, etc.).

2026-04-20
snyk-sca
محللو أمن المعلومات

Snyk Open Source-parity workflow for software composition analysis. Produces a dependency vulnerability report using open-source tooling (osv-scanner, trivy, grype) plus the bundled snyk CLI if authenticated. Use when the analyst is familiar with the Snyk workflow and wants a drop-in replacement.

2026-04-20
static-analysis-orchestrator
محللو أمن المعلومات

Drives the per-language SAST fleet. Decides which analyzers to run based on audit-context-building output, merges SARIF, deduplicates, and produces a single ranked list in reports/sast-merged.sarif.

2026-04-20
supply-chain-risk-auditor
محللو أمن المعلومات

Evaluate third-party dependencies for known CVEs, typo-squats, malicious maintainers, install-time hooks, unusual registries, and git-URL dependencies. Combines lockfile parsing with OSV / Trivy / Snyk data.

2026-04-20
untrusted-code-isolation
محللو أمن المعلومات

Safety rails. Invoke whenever you are about to run a command that could execute code from target/. Enforces the zero-execution rule defined in CLAUDE.md §0.

2026-04-20
variant-analysis
محللو أمن المعلومات

Given a confirmed finding, search the whole target/ for semantically similar bugs. Applies the trailofbits variant-analysis approach — one root cause usually breeds siblings.

2026-04-20
yara-malware-hunter
محللو أمن المعلومات

Scan target/ (source AND binaries/assets) with YARA / YARA-X against curated rulesets (Yara-Rules community + Neo23x0 signature-base) plus project-specific rules in rules/yara/. Also handles capa for binary capability extraction.

2026-04-20