تشغيل أي مهارة في Manus بنقرة واحدة

attack-path-analysis

Use when Codex is already in the attack-path-analysis phase of a security scan or the user explicitly asks to trace a security finding from source to sink and calibrate severity. Do not use as the primary trigger for full PR, commit, branch, patch, or repository scans.

تشغيل في Manus

نظرة عامة

أمر التثبيت

npx skills add https://github.com/MaTriXy/plugins --skill attack-path-analysis

انسخ والصق هذا الأمر في Claude Code لتثبيت المهارة

المصدر

MaTriXy/plugins

النجوم٠

التفرعات٠

آخر تحديث٣٠ أبريل ٢٠٢٦ في ١٧:٢١

مستكشف الملفات

4 ملفات

SKILL.md

readonly

المزيد من هذا المستودع

نفس المستودع

slack

MaTriXy/plugins

Read Slack context, route to the right Slack workflow, and prepare or perform Slack writes that match the user's intent.

2026-05-180

heygen-avatar

MaTriXy/plugins

Create a persistent HeyGen avatar — a reusable face + voice identity for the agent, the user, or any named character — powered by HeyGen Avatar V technology. Prompt-based creation by default (description → HeyGen builds it); photo upload is optional for real-person digital twins. Use when: (1) giving the agent a face + voice so it can present videos ("bring yourself to life", "create your avatar", "give yourself an avatar", "design a presenter", "set up an avatar", "let's make an avatar"), (2) the user wants to appear in videos as themselves ("create my avatar", "I want my face in a video", "digital twin of me", "build me an avatar"), (3) building a named character presenter ("create an avatar called Cleo", "design a character named X"), (4) establishing HeyGen identity before making videos — the correct FIRST step when no avatar exists yet. Chain signal: when the user says both an identity/avatar action AND a video action in the same request ("create an avatar AND make a video", "set up identity THEN create

2026-05-110

heygen-video

MaTriXy/plugins

Generate HeyGen presenter videos via the v3 Video Agent pipeline — handles Frame Check (aspect ratio correction), prompt engineering, avatar resolution, and voice selection. Required for any HeyGen video generation. Replaces deprecated endpoints with v3. Use when: (1) generating any HeyGen video (via API or otherwise), (2) sending a personalized video message (outreach, update, announcement, pitch, knowledge), (3) creating a HeyGen presenter-led explainer, tutorial, or product demo with a human face, (4) "make a video of me saying...", "send a video to my leads", "record an update for my team", "create a video pitch", "make a loom-style message", "I want to appear in this video", "generate a HeyGen video", "make a talking head video". Accepts avatar_id from heygen-avatar for identity-first HeyGen videos, or uses a stock presenter. Returns video share URL + HeyGen session URL for iteration. Chain signal: when the user wants to create/design an avatar AND make a video in the same request, run heygen-avatar firs

2026-05-110

finding-discovery

MaTriXy/plugins

Use when Codex is already in the finding-discovery phase of a security scan or the user explicitly asks to discover candidate security findings in a repository or code change. Do not use as the primary trigger for full PR, commit, branch, patch, or repository scans.

2026-04-300

security-scan

MaTriXy/plugins

Use when the user asks for a full security scan or security code review of a pull request, commit, branch, patch, working-tree diff, or repository. Run distinct phases: threat modeling, finding discovery, validation, attack-path analysis, and final markdown output.

2026-04-300

validation

MaTriXy/plugins

Use when Codex is already in the validation phase of a security scan or the user explicitly asks to determine whether one or more candidate security findings are valid. Do not use as the primary trigger for full PR, commit, branch, patch, or repository scans.

2026-04-300

المصدر

MaTriXy

MaTriXy/plugins

فتح مستودع GitHub عرض مستودعات المنشئ

أمر التثبيت

تنزيل

تشغيل في Manus

مفيد لـSOC

محللو أمن المعلوماتمهن الحاسوب والرياضيات15-1212L4

name	attack-path-analysis
description	Use when Codex is already in the attack-path-analysis phase of a security scan or the user explicitly asks to trace a security finding from source to sink and calibrate severity. Do not use as the primary trigger for full PR, commit, branch, patch, or repository scans.
metadata	{"short-description":"Analyze attack paths and severity"}

Security Attack Path Analysis

Objective

Turn validated or still-plausible findings into explicit attacker stories, structured attack-path analysis facts, severity calibration, and a final reportability decision grounded in the threat model.

Artifact Resolution

The path references in this skill are the default locations for this phase. If the user explicitly provides a different path for a required input or output, use the user-provided path instead of the corresponding default path referenced in this skill. If a required input is still missing, stop and ask the user for it before continuing. Use the shared scan artifact path conventions in ../../references/scan-artifacts.md.

Workflow

Load the per-scan threat model path from ../../references/scan-artifacts.md as the repo-specific threat-model source of truth. Start from this along with the potential findings. Both inputs are required for this workflow.
- For repository-wide scans, include validation closure rows marked reportable or survives: yes even if they were not assigned polished candidate numbers during discovery.
Determine whether the affected code is in scope for the repository threat model and whether it belongs to a real product surface or real production workflow.
Build a factual attack path using repository evidence only:
- service mapping
- exposure and entry points
- identity, privilege, and trust boundaries
- secrets handling and sensitive-data flow
- reachability
- existing controls and mitigations
Before finalizing scope or reportability-driving facts, identify the strongest repository counterevidence against the key scoping fields and explain why it is or is not dispositive.
Calibrate impact and likelihood from the repository evidence.
Apply a separate final policy-adjustment pass mechanically using those facts and the calibrated severity.
Drop any candidate whose final policy decision is ignore.

Scope and Attack Path Checklist

Use this checklist before finalizing the attack-path facts or policy decision:

Determine whether the finding is actually a real security vulnerability rather than a correctness bug or false positive.
Determine whether the affected code belongs to a real product surface or meaningful production workflow.
Map the relevant service, component, or workflow context from repository evidence.
Establish exposure and entry points from repository evidence such as listeners, ingress, load balancers, service ports, manifests, routing, or network policy.
Establish identities, privileges, and trust boundaries that matter for the path.
Establish whether sensitive data, secrets references, or privileged control paths are involved.
Determine whether a realistic attacker can actually reach and use the issue from an in-scope attack surface.
Identify the strongest repository counterevidence against the scoping and reportability-driving fields before finalizing them.
Lower confidence or keep fields unknown when repository evidence is incomplete; do not automatically suppress a finding solely because deployment evidence is missing.

Counterevidence Checklist

For the most interpretive fields, explicitly ask what repository evidence suggests the opposite and why it does or does not defeat the finding:

In-Scope Status According to the Threat Model
Vector
Auth Scope
Exposure
Cross-Boundary Behavior
Preconditions
Impact Surface

Look specifically for repository evidence that the path is:

out of scope
internal-only
admin-only
not cross-boundary
not attacker-reachable
not meaningfully reportable

Severity and Policy Checklist

Apply severity and policy calibration using references/severity-policy.md.

Output Contract

For each surviving finding include:

title
candidate id, instance key, and ledger row id when provided
affected lines from validation, preserving labeled entrypoint/wrapper, root_control, sink, and concrete_implementation locations
attack path steps
rendered attack-path facts
counterevidence summary and challenges
severity calibration
final policy decision
enough reasoning that a later reader can understand why the finding survived or was suppressed

Render attack-path facts using references/attack-path-facts.md.

Hard Rules

Prefer repository evidence first, but use network connectivity when it materially helps confirm deployment context, reachable surfaces, or other reportability-relevant facts.
Do not invent attack chains that the code does not support.
Do not drop exact affected locations while converting validated findings into attack paths. Repository-wide seeded/root-control rows that survive validation must keep their root-control file:line even when a wrapper, route, or transport is easier to explain.
Do not skip a reportable validation row because a neighboring same-family finding has a cleaner story. Either produce attack-path facts for that exact row or make an explicit final policy decision with repository counterevidence.
Missing public-ingress evidence is not by itself dispositive counterevidence.
Keep attack-path analysis, severity calibration, and final policy suppression as separate sub-stages.
Use the final policy-adjustment matrix mechanically rather than re-arguing severity from scratch after the facts are set.
Save a final visible report using the attack-path analysis report path from ../../references/scan-artifacts.md.

-- Considerations for attack path --

A finding should count as a real security issue if a realistic attacker could use it from a reasonable attack surface relevant to the product, especially if it is something that is part of the thread model.
The attack surface should generally be one that is plausibly exposed to end users / external actors (or another actor explicitly in scope in the threat model), not an arbitrary internal-only or contrived path.

-- Considerations for severity / criticality re-rating --

For high and above, the impact must be materially security-relevant (for example: account takeover, auth bypass, meaningful privilege escalation, significant sensitive data exposure/exfiltration, credible RCE, or similarly severe compromise), not simply a bug or strange behavior
For a finding to remain high or critical, the exploitation path and impact should be clear enough that a professional security reviewer would not need a long speculative argument to justify it.
Do not treat ordinary code bugs as high/critical security issues just because they are bugs or because the scanner labeled them that way.
Do not keep critical based on contrived, highly speculative, or edge-case-only exploit stories unless the threat model explicitly supports those conditions. Critical DEMANDS attention implying an immediate likely threat.
Do not keep high/critical for strange configurations or odd codebase behaviors unless there is clear evidence that an in-scope attacker can realistically exploit them for major impact.
Do not rely on unusual operator mistakes, internal-only access, or non-attacker-reachable code paths to justify severe external impact unless the repository threat model says those actors/paths are in scope.
If the issue is a real bug but not actually a security vulnerability, classify it as ignore (or if you have to low) for criticality purposes.
If there actually provable that there is no bug at all (the description is entirely wrong or made up and you actually got that real proof that it is so), then label it as ignore for criticality to mark a false-positive.

Non-exhaustive examples of vulnerabilities that often support critical when evidenced in code and context:

Credible RCE or arbitrary code execution (command injection, LFI exec, trivial memory corruption exploits, etc); Requires actual proof that attacker input cause this from in-scope attack surface
Real XSS with meaningful proven impact (for example session/token theft, account compromise, privileged action execution, etc)
Account takeover or strong authentication bypass, especially if it is 0-click
Missing authorization checks / authorization bypass / tenant-boundary break (trivial IDOR, easy to swap out org or use ids with no authz, etc)
Severe sensitive data leak (LFI, path traversal, bad scoping of file downloads, access to data without authorization, trivial side-channels) with realistic attacker access (proof the attacker can read secrets, PII, signing keys, credential stores, private keys, classified or highly confidential information (model weights etc))
Trivial memory corruption exploits with known exploit patterns which require little effort to exploit
SQL or other Database or query injection with clear proof of path from attacker input from in-scope attack surface and impact of the injection (leaks sensitive data, inserts dangerous records)
Sandbox, container, VM, browser, or interpreter escape that breaks an intended isolation boundary
Server-side-template-injection when it leads to RCE or leaking of secrets; with actual proof that the templating library can be exploited to do this (RCE escape or secrets/credentials in scope); with actual proof that this can be reached from in-scope attack surface
Arbitrary file write in executable, startup, config, or firmware paths with a realistic path to persistence or code execution. Requires proof that an attacker can actually trigger this from in-scope attack surface.
Logic flaws that allow irreversible or broad compromise of integrity at scale, such as unauthenticated deletion of other users' data, cross-tenant tampering with sensitive records, or unauthorized modification of security-critical configuration, when the impact is clearly demonstrated and severe enough to be compromise-equivalent; when there is actual proof that this logic can be exercised from in-scope attack-surface.
etc, other bugs not listed which follow this level of critical severity and impact; with actual proof that these bugs are reachable from in-scope attack-surface.

Non-exhaustive examples of vulnerabilities that often support high when evidenced in code and context:

Sever Side Request Forgery where there is actual proof of both 1. Attacker can control the url being requested (bypassing protections around that) from in-scope attack-surface and 2. That there are likely other local/lan/cloud services which can be reached to show actual impact. Be careful with reporting webhooks unless there is clear proof that it is dangerous.
Exploitable memory corruption with clear, major impact or ease of exploitation
Arbitrary file read that exposes less-sensitive user data or source code (if you have actual proof it reveals env secrets, then it is critical)
Arbitrary file write in executable, startup, config, or firmware paths with a realistic path to persistence or code execution
CSRF when it enables important state-changing actions such as credential changes, permission changes, payment / billing changes, security-setting changes, or other materially harmful actions, and the victim interaction required is realistic, and is not mitigated by any of these : same-site strict cookies, auth headers, csrf tokens, PUT/PATCH/DELETE, enforced json request body content type.
Hardcoded or default credentials that are valid and reachable and give meaningful access, but not sufficiently broad or privileged to justify high.
Cryptographic failures that allow signature forgery, token forgery, trusted artifact forgery, secure-channel bypass, or decryption of highly sensitive data in a way that directly enables compromise; with actual proof that these are practical attacks and reachable and doable from in-scope attack-surface.
Supply-chain or update-channel compromise that allows malicious code or malicious trusted artifacts to be delivered to users, servers, agents, or endpoints, including signing bypass or package source substitution with real impact. This should focus on actual supply-chain risk and risk around CI actions, not just "does npm report outdated packages"
Authorization bypass, IDOR, or privilege escalation that exposes or modifies meaningful sensitive data or privileged functionality, but is narrower in scope, limited to a smaller set of objects, limited to same-tenant boundaries, or otherwise less catastrophic than the critical cases above.
XXE with clear proof that an attacker can control the XML document through in-scope attack-surface and that the XML engine is vulnerable to XXE
etc, other bugs not listed which follow this level of high severity and impact; with actual proof that these bugs are reachable from in-scope attack-surface.
Dangerous upload / file handling issues that enable stored active content, trusted-origin script execution, or meaningful content-type confusion with real security impact; with actual proof that both the upload and access are reachable through in-scope attack-surface.
Deserialization, SSTI, plugin abuse, macro / template abuse, or interpreter abuse where dangerous primitives are clearly reachable and impactful, but code execution or compromise is not fully proven to the standard needed for critical.

Strong factors that often push a plausible high up to critical:

Unauthenticated or near-unauthenticated reachability from the internet or other broad in-scope surfaces.
0-click or extremely low-friction exploitation.
Cross-tenant / cross-boundary impact rather than same-user or same-tenant impact.
Direct compromise of signing, identity, control-plane, or cloud credentials.
Realistic persistence, mass exploitation, wormability, or compromise of many victims at once.
Clear proof of code execution, full account takeover, or crown-jewel secret access rather than only a plausible path.

Examples that usually should not remain high/critical without very strong proof of it leading to the class of vulnerabilities above:

Generic correctness/reliability bugs
Strange edge cases with unclear attacker value
Low-impact information leaks
Internal-only defects without realistic attacker reachability
The report shows a bug class in isolation, but not a realistic exploit path.
The issue requires the attacker to already have privileged, admin, root, console, shell, or code-execution access.
"Could maybe matter if chained with many assumptions" arguments
Self-XSS, reflected XSS with only an alert-box proof, or XSS without demonstrated access to sensitive data, session material, privileged actions, or comparable real impact.
SQLi or other injection claims with no demonstrated attacker control, no shown sink reachability, or only speculative impact.
CSRF on low-impact actions, cosmetic actions, logout, preferences, or actions requiring unrealistic victim behavior.
Open redirect, clickjacking, user enumeration, rate-limit weakness, banner leakage, version disclosure, directory listing, stack traces, internal hostnames, or basic error-message leakage, unless they are shown as part of a serious exploit chain.
Memory corruption that is theoretical, non-triggerable from in-scope input, or not plausibly exploitable in the target environment.
Missing headers, cookie flags, CSP weaknesses, TLS observations, or crypto hygiene issues without a concrete exploit path and meaningful demonstrated impact.
Reports that effectively say "this could be dangerous if combined with something else" but do not show the something else.
Denial of service that is transient, single-user, self-targeting, easy to mitigate, requires disproportionate attacker resources, or does not create severe and realistic business / safety impact.
Authz findings that require already having the same privilege as the victim, or only expose trivial metadata.
Bugs that already require admin/root/shell access unless the privilege-escalation delta itself is the issue being reported.
Arbitrary file read limited to public files, low-sensitivity files, or source fragments with no realistic security consequence.

High/Critical acceptance checklist (all should be true, unless the threat model strongly justifies an exception):

In-scope component
Realistic attacker
Reasonable in-scope attack surface
Credible exploitation path (not simply speculation)
Major security impact
Would likely be accepted as high/critical (not informational/low) in serious audit or bug bounty triage by a major auditing firm who puts their reputation on the line.