원클릭으로
lab-notebook
Use after every NSS scan, investigation, or triage. Write lab notebook entry comparing this run to prior runs.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Use after every NSS scan, investigation, or triage. Write lab notebook entry comparing this run to prior runs.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Practitioner-elevated asset tracing patterns from SlowMist Crypto-Asset-Tracing-Handbook. Provides canonical property tables for obfuscation patterns (peel chains, mixers, bridge hops), address behavior clustering/risk profiling, cross-chain reconstruction workflows. Hard-first on behavioral + flow invariants. Integrates with codegraph-x-ray, deep-dive-handoff, and bounty forensics. Includes reference implementation for mixer deposit/withdrawal clustering. Trigger: alpha-miner on tracing handbook or similar.
Drop-in skill adapted from Glider query engine for static analysis, taint tracking, CFG/DFG traversal in bug bounty. Supports lazy reference loading, creativity layer for audited targets, integrates with bounty-loop. EVM priority with Solana compatibility.
Use for mining validator/runtime/cache/storage-key coherence bugs in blockchain clients, VMs, program loaders, bridge runtimes, and execution harnesses. Hard-first on stale cache, recycled identifier, partial flush, epoch/generation drift, mempool/order-dependent runtime state, and storage-key confusion. Trigger on runtime cache invariant, stale cache bug, VM storage confusion, client cache coherence, Aptos-style hijack, validator-local state, epoch-boundary bug, or when alpha-miner extracts runtime/client exploit engineering.
Cross-references a graphified target codebase (codegraph-x-ray output) against the local AuditVault corpus to surface structurally analogous historical vulnerabilities. Run after codegraph-x-ray has completed and produced invariants.md and property_candidates.md. Produces ranked pattern-match hits with per-finding graph anchor evidence. Pattern matches are advisory signals only — never evidence of exploitability and never a substitute for live reproduction or submission-gate validation.
Combines structured codegraph intelligence with rigorous invariant synthesis. Enforces high-quality usage of codegraph to identify the Primary Target Subsystem, then applies ordered structural invariant discovery with strict verification gates. Produces categorized invariants and high-quality property candidates ready for ultrafuzz-discovery. Trigger on codegraph-x-ray, x-ray with codegraph, invariant synthesis, primary subsystem invariants.
Optional accelerator and scaffolder for ultrafuzz-discovery. Brings parallel specialized invariant discovery agents, automated harness/handler scaffolding, coverage-driven refinement loops, property tagging, and reproducible test generation helpers from high-quality EVM fuzz patterns. Designed to speed up property fan-in and executable attempts phases while preserving NSS rigor, fresh-context pass@k, adjudication, and Crucible usage. Trigger on fuzz-scaffolder, accelerate invariant discovery, generate fuzz harness, scaffold handlers.
| name | lab-notebook |
| description | Use after every NSS scan, investigation, or triage. Write lab notebook entry comparing this run to prior runs. |
Hermes is the lab notebook. The Python pipeline is the instrument; you record what was tried, what differed, and what it means.
Mandatory after:
nss-hipif-chain (primary daily cron) / nss-hipif-chain-run.py deterministic chainnss-bounty-loop tick inside HIPIF depth/hunt subgoalsbounty loop, investigate, or run sessions worth keepingUse the memory tool to append to MEMORY.md in this profile. Update sections: Active campaigns, Lessons/Gotchas, Open questions.
Write a dated entry:
data/security_results/lab_notebook/YYYY-MM-DD-<slug-or-scan>.md
# Lab entry — YYYY-MM-DD
## Trigger
cron: nss-hipif-chain | nss-bounty-loop | manual | ...
## Scan queue (dry-run top 3)
- slug: grade, scan_grade3_plus, submittable_candidate, analogue
## Investigated
- [slug]: config path, proposals file, campaign_id
## Delegate proposals vs last run
- New templates/params: ...
- Repeated (same as last): ...
- Rejected by validate_hypothesis: ...
## Engine outcome
- Findings: N | max grade: G | novel vs catalogue: ...
- findings_store campaign stats (if available): ...
## Same vs different
Explicit: did we probe differently, or rerun the same assay?
## Night Shift handoff (Day Shift sessions)
- Cron OK to run: ...
- Cron skip / deprioritize: ... (avoid duplicate assays Day Shift already completed)
- Open questions for Kate: ...
## Next action
One concrete step.
## Skill/recon updates
- Gotcha to add: ...
- recon.json change: ...
Before writing, read when available:
lab_notebook/*.md for same slugdata/security_results/hermes_proposals/ (last 2 JSON files)knowledge --campaign <id> --statsbounty_scan/latest.json or immunefi_scan/latest.json (scan-only entries)loop/state.json (saturated slugs, RSI: cooldown, refinement queue)knowledge/improvement_ledger.jsonl (RSI actions)