Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

coldvault.dev

coldvault.dev contient 17 skills collectées depuis rasata, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
17
Stars
2
mis à jour
2026-04-21
Forks
0
Couverture métier
3 catégories métier · 100% classifié
explorateur de dépôts

Skills dans ce dépôt

defensive-payload-analysis
Analystes en sécurité de l'information

Conduct a passive, read-only forensic analysis of a potentially malicious source-code tree. Use this skill when the user suspects a repository, archive, or directory contains hidden payloads, C2 code, obfuscated droppers, or compromised build configs (e.g. injected `tailwind.config.js`, trojaned `package.json` postinstall, suspicious base64 blobs). Produces a full report: attacker signature, payload location, statically decrypted IoCs (C2 IPs, ports, paths, XOR keys, drop paths, exfil endpoints).

2026-04-21
html-report-renderer
Développeurs web

Render reports/findings.json + reports/SUMMARY.md into a single-file, self-contained reports/SUMMARY.html whose visual quality matches the /reports/example-summary page on coldvault.dev. No external fonts, no JS framework, no network fetches — the user can double-click the file, email it, or host it anywhere.

2026-04-21
agentic-actions-auditor
Analystes en sécurité de l'information

Audit GitHub Actions / GitLab CI / CircleCI / Azure Pipelines workflows shipped in target/. Flags the high-risk patterns that have caused real-world supply-chain compromises (pwnrequest, pull_request_target, unpinned actions, secret exfiltration, script-injection via PR title/body).

2026-04-20
audit-context-building
Analystes en sécurité de l'information

Inventory the suspect repository (languages, frameworks, package managers, entry points, build system, CI) before any scan. Always run this first — subsequent skills depend on its output.

2026-04-20
constant-time-analysis
Analystes en sécurité de l'information

Inspect cryptographic code for timing leaks. Flags variable-time comparisons on secrets, early-exit loops, and library calls known to be variable-time. Limited static scope — the definitive check is micro-benchmarks on compiled binaries, but ~70% of timing bugs show up in source review.

2026-04-20
entry-point-analyzer
Analystes en sécurité de l'information

Map the attack surface of target/ — HTTP routes, CLI commands, exported library symbols, message-queue consumers, GitHub Actions triggers, IPC sockets. Produces reports/entry-points.md.

2026-04-20
insecure-defaults-hunter
Analystes en sécurité de l'information

Find default/weak/insecure configurations — weak crypto, TLS disabled, permissive CORS, debug mode in prod paths, unsafe deserialization switches, open S3 buckets, etc. These are the low-hanging fruit most noisy scanners miss.

2026-04-20
secrets-hunter
Analystes en sécurité de l'information

Find credentials, API keys, tokens, private keys, and high-entropy strings in target/. Combines gitleaks, trufflehog, detect-secrets, ggshield, and manual entropy grep. Triages each hit for live vs. test vs. revoked.

2026-04-20
security-review
Analystes en sécurité de l'information

Produce a PR-style security review of a diff (HEAD vs. base) inside target/, emitting findings in the Anthropic claude-code-security-review JSON schema. Use when the analyst only cares about what changed, not the whole repo.

2026-04-20
semgrep-rule-creator
Développeurs de logiciels

Author custom Semgrep rules on the fly to hunt for patterns specific to the current audit. Drops the rule into rules/semgrep/ and runs it against target/. Useful for variant analysis and for codifying a manual finding.

2026-04-20
snyk-sast
Analystes en sécurité de l'information

Snyk Code-parity workflow for static application security testing. Uses Semgrep with curated rulesets plus language-native analyzers to produce findings equivalent to Snyk Code's categories (injection, crypto, authn, etc.).

2026-04-20
snyk-sca
Analystes en sécurité de l'information

Snyk Open Source-parity workflow for software composition analysis. Produces a dependency vulnerability report using open-source tooling (osv-scanner, trivy, grype) plus the bundled snyk CLI if authenticated. Use when the analyst is familiar with the Snyk workflow and wants a drop-in replacement.

2026-04-20
static-analysis-orchestrator
Analystes en sécurité de l'information

Drives the per-language SAST fleet. Decides which analyzers to run based on audit-context-building output, merges SARIF, deduplicates, and produces a single ranked list in reports/sast-merged.sarif.

2026-04-20
supply-chain-risk-auditor
Analystes en sécurité de l'information

Evaluate third-party dependencies for known CVEs, typo-squats, malicious maintainers, install-time hooks, unusual registries, and git-URL dependencies. Combines lockfile parsing with OSV / Trivy / Snyk data.

2026-04-20
untrusted-code-isolation
Analystes en sécurité de l'information

Safety rails. Invoke whenever you are about to run a command that could execute code from target/. Enforces the zero-execution rule defined in CLAUDE.md §0.

2026-04-20
variant-analysis
Analystes en sécurité de l'information

Given a confirmed finding, search the whole target/ for semantically similar bugs. Applies the trailofbits variant-analysis approach — one root cause usually breeds siblings.

2026-04-20
yara-malware-hunter
Analystes en sécurité de l'information

Scan target/ (source AND binaries/assets) with YARA / YARA-X against curated rulesets (Yara-Rules community + Neo23x0 signature-base) plus project-specific rules in rules/yara/. Also handles capa for binary capability extraction.

2026-04-20