| name | ai-hacker |
| description | AI and LLM security testing — prompt injection, model manipulation, data exfiltration via AI. Use when testing AI-powered applications, finding prompt injection vulnerabilities, or assessing LLM-integrated systems. |
| domain | cybersecurity |
| tags | ["cybersecurity","hacker","security","testing","threat-defense"] |
Ai Hacker
Overview
Cybersecurity skill for ai hacker. Follows industry best practices and security standards.
When to Use
Trigger phrases:
-
"ai hacker"
-
"Testing applications with AI/LLM features"
-
"Finding prompt injection vulnerabilities"
-
"Assessing AI-powered chatbots and assistants"
-
Testing applications with AI/LLM features
-
Finding prompt injection vulnerabilities
-
Assessing AI-powered chatbots and assistants
-
Testing AI code generation tools
-
Evaluating AI content moderation bypasses
-
Finding data leakage through AI models
When NOT to Use
- When you lack proper authorization for testing
- For production systems without change management
- When the task requires legal or compliance expertise beyond technical scope
Prerequisites
- Access to relevant log sources and security tools
- Understanding of hacker fundamentals
- Appropriate permissions for data access and tool operation
Workflow
import re
IOC_PATTERNS = {
"ip": r"\b(?:\d{1,3}\.){3}\d{1,3}\b",
"domain": r"\b[a-z0-9-]+\.[a-z]{2,}\b",
"hash_md5": r"\b[a-f0-9]{32}\b",
"hash_sha256": r"\b[a-f0-9]{64}\b",
}
def extract_iocs(text: str) -> dict:
return {k: re.findall(v, text) for k, v in IOC_PATTERNS.items()}
- Define Objectives — Clarify the goals and scope for hacker.
- Gather Resources — Collect tools, data, and access needed for hacker.
- Execute Process — Carry out hacker operations methodically.
- Verify Quality — Check results against acceptance criteria.
- Document Outcomes — Record findings, decisions, and next steps.
Tools
- Analysis Platform — Data processing and visualization
- Collaboration Tools — Team coordination and knowledge sharing
Process
- Reconnaissance — Gather target information, identify attack surface, enumerate services
- Analysis/Exploitation — Execute the technique, analyze results, document findings
- Reporting — Document IOCs, write findings, provide remediation recommendations
Verification
Anti-Rationalization
| Rationalization | Reality |
|---|
| "We are too small to be targeted" | Automated attacks target everyone. Size does not matter. |
| "Security slows us down" | A breach slows you down 100x more. Build security in from the start. |
| "We will fix it after launch" | Vulnerabilities in production are exploited within hours. Fix before deploy. |