pi-mono agent framework reference (github.com/badlogic/pi-mono). TRIGGER when: writing agent code using pi-ai/pi-agent-core/pi-coding-agent packages, defining tools with TypeBox schemas, implementing TUI or Web UI over an agent core, building extensions that hook into agent lifecycle, working with session/compaction/retry logic, implementing LLM provider abstractions, or any code that imports from @mariozechner/* packages.
UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient.
Active Directory 域渗透全链路指导技能。基于 GOAD (Game of Active Directory) 靶场实战经验, 涵盖从初始侦察、用户枚举、密码攻击、中继与投毒、ADCS证书攻击、MSSQL利用、提权、 横向移动、凭据提取、ACL滥用、委派攻击、域信任利用到域控拿下的完整渗透链。 当用户提到以下任何关键词时,务必触发此技能: AD渗透、域渗透、Active Directory、域控攻击、内网渗透、kerberoasting、AS-REP roasting、 NTLM relay、responder、bloodhound、certipy、ADCS、ESC1-ESC15、PetitPotam、 noPac、PrintNightmare、横向移动、pass the hash、golden ticket、silver ticket、 DCSync、secretsdump、mimikatz、委派攻击、delegation、ACL滥用、域信任、 forest trust、提权、SeImpersonate、KrbRelay、MSSQL提权、webshell、 凭据收集、密码喷洒、password spray、域枚举、SMB签名、coercer、 shadow credentials、certifried、RBCD、GPO abuse、LAPS、 即使用户没有明确说"域渗透",只要涉及Windows域环境的攻击场景都应使用此技能。
Help with ffuf-based Web parameter fuzzing. Use this skill whenever the user wants to fuzz Web request paths, query parameters, headers, POST bodies, JSON fields, or raw HTTP requests with ffuf, or when they ask for an ffuf command, wordlist choice, false-positive filtering, matcher/filter tuning, or replaying hits into Burp/ZAP.
Navigate the fuzzDicts repository and choose the right dictionary or payload list for authorized Web directory scanning, parameter fuzzing, upload bypass testing, subdomain enumeration, API discovery, credential spraying, and vuln-specific fuzzing. Use this skill whenever the user asks which wordlist to use, wants to browse or classify fuzz dictionaries, needs ffuf/wfuzz/feroxbuster/dirsearch/gobuster-ready file paths, or mentions this repository even if they do not explicitly ask for a skill.
CTF/靶场多层内网渗透指导与自动化脚本生成技能。基于 NPS C2 通道,覆盖从初始侦察、网段发现、 服务利用、Windows/Linux 提权、凭据收集与复用、域渗透(ADCS/noPac/Zerologon)、 云原生/K8s/Docker 逃逸到横向移动的完整渗透链,目标是拿到 FLAG 或域控权限。 触发场景:用户提到内网渗透、CTF内网、靶场、多层内网、横向移动、提权、凭据获取、mimikatz、 hash传递、域渗透、域控攻击、云原生渗透、Docker逃逸、K8s渗透、fscan扫描、服务利用、 Redis、Redis未授权、Redis利用、密码喷洒、ADCS、noPac、Zerologon、PrintSpoofer、Potato提权、SUID提权、 内网信息收集、网段发现、代理链搭建,或需要生成内网渗透自动化脚本时,都应使用此技能。 即使用户只是简单提到"内网"、"横向"、"拿域控"、"打靶场"等口语化表达也应触发。
JWT and OAuth token attack playbook. Use when validating token trust, signing algorithms, key handling, claim abuse, bearer flows, and OAuth account-binding weaknesses.
Help with authorized JWT assessment using ticarpi/jwt_tool. Use this skill whenever the user mentions `jwt_tool`, wants commands for JWT decoding, verification, secret cracking, claim tampering, playbook scans, `alg:none`, key confusion, JWKS spoofing or inline JWK injection, raw-request mode with `-r`, or needs to test bearer-token trust with a real HTTP request. Make sure to use it when the user asks how to audit or exploit JWT handling with `jwt_tool`, even if they only describe the token, headers, cookies, or a captured request and do not explicitly ask for a skill.