Skip to main content
Run any Skill in Manus
with one click
GitHub repository

gemini-security-skills

gemini-security-skills contains 24 collected skills from Masriyan, with repository-level occupation coverage and site-owned skill detail pages.

skills collected
24
Stars
1
updated
2026-05-21
Forks
0
Occupation coverage
6 occupation categories · 100% classified
repository explorer

Skills in this repository

threat-intel-fusion
information-security-analysts

Threat intelligence fusion skill for collecting, normalizing, deduplicating, enriching, and operationalizing IOCs and TTPs from OTX, MISP, abuse.ch, VirusTotal, Shodan, GreyNoise, Censys, CISA KEV, NVD, vendor blogs, and internal telemetry. Use to build STIX/TAXII feeds, ATT&CK-mapped actor profiles, prioritized blocklists, and detection-ready intel packages.

2026-05-21
ai-redteam
information-security-analysts

AI and LLM red-teaming skill for evaluating prompt injection, jailbreak, data exfiltration, tool abuse, agent hijack, RAG poisoning, model denial of service, and unsafe tool-use chains in Gemini, Claude, GPT, and open-weight models. Use to build evaluation harnesses, attack corpora, defensive guardrails, and red-team reports for AI systems you own or are authorized to test.

2026-05-21
api-security-automation
information-security-analysts

API security automation skill for REST, GraphQL, gRPC, and WebSocket APIs. Covers OpenAPI/AsyncAPI ingestion, authenticated fuzzing, OWASP API Top 10 (BOLA, BFLA, mass assignment, SSRF), schema diffing, GraphQL introspection abuse, JWT and OAuth misuse, rate-limit and replay testing. Use to automate API assessments with safe, scoped, evidence-backed findings.

2026-05-21
bug-bounty-workflow
information-security-analysts

Bug bounty workflow skill for program scope mapping, recon-to-report automation, deduplication against prior submissions, and high-signal reporting on HackerOne, Bugcrowd, Intigriti, YesWeHack, and self-hosted programs. Use to organize bounty work end to end while staying inside program rules.

2026-05-21
cloud-security-automation
information-security-analysts

Cloud security posture skill for AWS, Azure, GCP, and multi-cloud. Covers IAM least-privilege, key and secret hygiene, network exposure, data protection, logging coverage, IaC scanning (Terraform, CloudFormation, Bicep, Pulumi), CSPM remediation, and landing-zone hardening. Use for misconfig discovery, IaC review, and automated drift-and-fix workflows on cloud accounts you own.

2026-05-21
detection-engineering
information-security-analysts

Detection engineering skill for writing, testing, and tuning Sigma, YARA, YARA-L, Suricata, Snort, Zeek, KQL, SPL, EQL, Chronicle, and Elastic detection rules. Covers ATT&CK coverage mapping, telemetry gap analysis, false-positive tuning, detection-as-code pipelines, and validation with Atomic Red Team and Caldera. Use to design durable detections backed by tests.

2026-05-21
forensics-triage
information-security-analysts

Digital forensics and incident response triage skill for disk, memory, network, cloud, and endpoint artifacts. Covers Volatility 3, Velociraptor, KAPE, Plaso, Autopsy, Chainsaw, Hayabusa, Zeek, Arkime, EVTX, AWS/Azure/GCP audit logs, and timeline reconstruction. Use to extract IOCs, build incident timelines, and produce defensible analyst reports.

2026-05-21
gemini-tool-orchestrator
information-security-analysts

Natural-language orchestration of security tools through Gemini. Translates intent ("scan this scope for exposed admin panels") into safe, parameterized tool pipelines using nmap, masscan, naabu, httpx, nuclei, ffuf, gobuster, subfinder, amass, dnsx, katana, gau, semgrep, trivy, checkov, gitleaks, syft, grype, and custom scripts. Use when the user wants Gemini to drive a chain of CLI tools end to end with guardrails.

2026-05-21
kubernetes-security
information-security-analysts

Kubernetes and container security skill for cluster hardening, RBAC review, admission control (OPA Gatekeeper, Kyverno), Pod Security Standards, network policies, secrets management, runtime defense (Falco, Tetragon), image supply chain (cosign, SLSA, in-toto), and CIS benchmark compliance. Use to assess and harden clusters you operate.

2026-05-21
osint-recon-automation
information-security-analysts

OSINT and reconnaissance automation skill for passive collection, pivoting, deduplication, and graph-based analysis using subfinder, amass, dnsx, chaos, crt.sh, github-dorks, waybackurls, gau, gitleaks, trufflehog, theHarvester, h8mail, holehe, sherlock, Shodan, Censys, FOFA, and Hunter. Use for asset discovery, exposure monitoring, and authorized reconnaissance only.

2026-05-21
purple-team-automation
information-security-analysts

Purple team automation skill that links offensive emulation (Atomic Red Team, Caldera, Stratus Red Team, Leonidas) with detection validation, telemetry-gap analysis, and continuous control testing. Use to design adversary emulation plans tied to MITRE ATT&CK, execute safe tests in lab or controlled environments, and produce evidence-backed detection coverage reports.

2026-05-21
smart-contract-audit
information-security-analysts

Smart contract and Web3 security audit skill for Solidity, Vyper, Move, and Cairo. Covers reentrancy, access control, oracle manipulation, MEV/sandwich exposure, signature replay, upgrade safety, ERC token edge cases, bridge risk, and DeFi invariants. Tooling includes Slither, Mythril, Echidna, Foundry, Halmo, Certora, and custom invariant tests. Use for design review, code audit, and incident analysis on contracts you own or are authorized to assess.

2026-05-21
assembly-programming
computer-programmers

Assembly programming and low-level debugging skill for reading, writing, explaining, optimizing, and reviewing assembly across x86, x86-64, ARM, AArch64, RISC-V, calling conventions, ABI boundaries, inline assembly, disassembly, stack frames, registers, and binary-level behavior. Use for .s/.asm files, compiler output, reverse-engineering snippets, low-level performance, and crash analysis.

2026-05-09
claude-mythos-emulation
writers-and-authors

Assistant-behavior design skill for approximating a Claude-like analytical, careful, conversational style without claiming to be Claude or Anthropic. Use when the user asks to duplicate, emulate, adapt, or recreate a Claude-style "mythos" or persona for prompts, agent specs, writing style, reasoning discipline, safety posture, or UX behavior.

2026-05-09
cybersecurity-partner
information-security-analysts

Cybersecurity partner skill for acting as a practical security collaborator across architecture review, threat modeling, secure design, risk prioritization, defensive planning, vulnerability remediation, incident readiness, security roadmaps, and technical decision support. Use when the user wants an ongoing security advisor, reviewer, or second set of eyes.

2026-05-09
devsecops
information-security-analysts

DevSecOps skill for securing CI/CD pipelines, infrastructure as code, containers, Kubernetes, cloud deployments, secrets handling, dependency management, SAST/DAST/SCA, release gates, supply-chain controls, SBOMs, policy-as-code, and secure SDLC workflows. Use for pipeline hardening, deployment risk reviews, security automation, and remediation planning.

2026-05-09
exploit-development
information-security-analysts

Authorized exploit development and vulnerability research skill for lab environments, CTFs, owned software, crash analysis, memory corruption, exploitability assessment, fuzzing results, proof-of-concept design, and remediation. Use for defensive validation and education; avoid real-world weaponization, stealth, persistence, evasion, or unauthorized targets.

2026-05-09
go-programming
software-developers

Go software engineering skill for designing, implementing, debugging, testing, reviewing, and refactoring Go applications, CLIs, APIs, services, concurrency code, modules, and tooling. Use for .go files, go.mod/go.sum, goroutines/channels, interfaces, error handling, performance profiling, race fixes, and idiomatic Go architecture.

2026-05-09
malware-reverse-engineering
information-security-analysts

Malware reverse engineering and suspicious artifact analysis skill for defensive triage, static analysis, dynamic analysis planning, unpacking strategy, indicators of compromise, behavior summaries, YARA/Sigma ideas, and remediation guidance. Use for suspicious binaries, scripts, documents, logs, memory artifacts, sandbox reports, and malware family analysis in isolated environments.

2026-05-09
multilingual
interpreters-and-translators

Multilingual communication, translation, localization, and language quality skill for translating, rewriting, localizing, summarizing, tone-matching, and reviewing content across languages. Use for multi-language prompts, UI strings, documentation, cultural adaptation, terminology consistency, bilingual output, language detection, and Indonesian/English or other cross-language workflows.

2026-05-09
offensive-security
information-security-analysts

Authorized offensive security skill for ethical penetration testing, red-team planning, vulnerability validation, reconnaissance of owned assets, web/API/mobile/cloud assessment, report writing, remediation guidance, and lab-based security testing. Use only for systems the user owns or is authorized to test; focus on safe, scoped, legal assessment and defensive improvement.

2026-05-09
prompt-enhancement
technical-writers

Prompt engineering and task-specification skill for improving prompts, agent instructions, system messages, evaluation prompts, coding-agent tasks, multi-step workflows, and LLM output reliability. Use when rewriting vague prompts, adding constraints, reducing ambiguity, improving safety, creating reusable prompt templates, or converting goals into actionable agent instructions.

2026-05-09
python-programming
software-developers

Python engineering skill for implementing, debugging, testing, packaging, typing, reviewing, and refactoring Python applications, scripts, APIs, automation, data processing, CLIs, and libraries. Use for .py files, pyproject.toml, requirements files, pytest, async Python, type hints, packaging, dependency management, and Python performance or reliability work.

2026-05-09
soc-operations
information-security-analysts

Security Operations Center skill for alert triage, detection engineering, incident response, log analysis, threat hunting, SIEM queries, EDR investigation, timeline building, IOC handling, escalation notes, containment recommendations, and analyst-ready reporting. Use for blue-team operations, suspicious event analysis, and defensive cybersecurity workflows.

2026-05-09