Skip to main content
Run any Skill in Manus
with one click
whisper-sec
GitHub creator profile

whisper-sec

Repository-level view of 9 collected skills across 3 GitHub repositories.

skills collected
9
repositories
3
updated
2026-07-13
repository explorer

Repositories and representative skills

ci-cd-pipeline
software-developers

How to use, troubleshoot, and optimize the whisper-opencti CI/CD pipeline — local checks, GitHub Actions workflows, Docker builds, and releases

2026-07-13
opencti-connector
software-developers

Core conventions for building and modifying OpenCTI internal-enrichment connectors in this repo — the enrichment pipeline, connectors-sdk configuration, scope/TLP/playbook gates, the bundle-send contract, and the project's hard constraints. Use when implementing, reviewing, or debugging connector logic.

2026-07-13
opencti-contribution
software-developers

Process for contributing an OpenCTI connector upstream to OpenCTI-Platform/connectors — template structure, the connectors-sdk + pycti requirements, config-schema generation, conventional + signed commits, and the fork PR workflow. Use when preparing or updating an upstream PR.

2026-07-13
connector-validation
software-quality-assurance-analysts-and-testers

Runbook for validating an OpenCTI connector locally — lint (isort/black/flake8 + STIX-ID pylint), pytest, Docker build, dev-stack end-to-end enrichment, and the qa-handoff TC matrix. Use before opening or updating a PR, or whenever connector behavior changes.

2026-07-05
stix-id-generation
software-developers

Rules for generating deterministic STIX 2.1 IDs in OpenCTI connectors — SCOs use the stix2 library's built-in IDs, SDOs/relationships/notes use pycti.*.generate_id. Never use a custom UUID namespace. Use whenever creating or reviewing STIX object construction.

2026-07-05
whisper-brand-protection
information-security-analysts

Run typosquatting and brand-protection sweeps with the WhisperGraph MCP server. Use when the user wants to find lookalike or typosquatted domains of a brand, asks which fake domains impersonate their company, or mentions brand protection, domain monitoring, phishing-domain discovery, or takedown preparation. Generates registered lookalikes with the domain_variants tool, screens which are weaponized against threat feeds, pivots to the registrant via WHOIS, and formats a prioritized monitoring and takedown report.

2026-05-14
whisper-cypher
database-architects

Write efficient, valid Cypher queries against the WhisperGraph MCP server's internet graph (20 node labels, 29 edge types covering DNS, BGP, WHOIS, GeoIP, email, and threat intelligence). Use when the user wants to query, analyze, or explore WhisperGraph, asks how to traverse the graph, hits a query that was rejected or timed out, asks about the schema or edge directions, or needs analytical or aggregate graph questions answered. Bundles the full schema reference, a validated query cookbook organized by analyst persona, and the server's seven validation rules so queries return in milliseconds instead of being rejected.

2026-05-14
whisper-investigate
information-security-analysts

Investigate IPs, domains, hostnames, ASNs, or CIDRs for threats using the WhisperGraph MCP server's internet infrastructure graph (7.4B nodes, 39B edges, 5.6M threat-intel edges across DNS, BGP, WHOIS, web links, and threat feeds). Use when the user asks whether an IP or domain is malicious, says to investigate an indicator, asks who is behind a domain, wants to pivot from an IOC, or mentions threat triage, IOC enrichment, WHOIS or BGP history, or attack-surface mapping from an indicator. Chains the explain_indicator, whisper_history, and query tools in the right order and avoids Cypher patterns that time out on billion-node labels.

2026-05-14
Showing 3 of 3 repositories
All repositories loaded