with one click
Hub_Dev
Hub_Dev contains 13 collected skills from Matt-Ung, with repository-level occupation coverage and site-owned skill detail pages.
Skills in this repository
Use when a task needs Mandiant capa through the local `runCapa` or `capaHelp` MCP tools, especially when forming a valid capa command string, choosing output mode, or avoiding path-quoting mistakes.
Use when a task needs the local YARA MCP tools `yaraScan`, `yaraScanInline`, `yaraWriteRule`, `yaraListRules`, or `yaraHelp`, including choosing whether to scan with a saved rule file, inline rule text, or persist a rule into the standardized generated-artifact YARA directory.
Use when writing, reviewing, or explaining YARA rule syntax, or when preparing `rule_text` for `yaraScanInline` or `yaraWriteRule` so the rule can be saved into the standardized generated-artifact YARA directory.
Use when a task should persist reusable helper files such as Python deobfuscation scripts, Java helpers, reports, or Ghidra-supporting snippets into the standardized agent artifact directory tree.
Use when the task requires emitting a patched binary copy through the local MCP tool lane, especially for short instruction patches or explicit byte replacements.
Use when a task would benefit from a secondary model call through the local MCP tool lane, especially for Hugging Face or OpenAI-compatible inference, decompilation cleanup, classification, or comparing competing interpretations.
Use when a task needs the local `binwalkScan`, `listBinwalkExtraction`, or `binwalkHelp` MCP tools to scan a file for embedded content, optionally extract it, or inspect extraction results.
Use when a task needs FLOSS through the local `runFloss` or `flossHelp` MCP tools, especially when forming a valid FLOSS command string, choosing flags, or handling quoted paths.
Use when a task needs the local `gitleaksScan`, `gitleaksScanContent`, or `gitleaksHelp` MCP tools to scan repositories, directories, or inline content for exposed secrets.
Use when a task needs the local `resolve_hash_in_hashdb_to_plain` MCP tool to look up hashed API names or constants in HashDB.
Use when a task needs the local `searchsploitSearch`, `searchsploitExamine`, or `searchsploitHelp` MCP tools to search Exploit-DB offline or inspect a specific exploit entry.
Use when a task needs the local `callStrings` MCP tool to run the `strings` utility on a file and get a quick preview of extracted strings.
Use when a task needs the local `trivyScan` or `trivyHelp` MCP tools to scan a filesystem path, repo, config, SBOM, or image for vulnerabilities and misconfigurations.