Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

coldvault.dev

coldvault.dev 收录了来自 rasata 的 17 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
17
Stars
2
更新
2026-04-21
Forks
0
职业覆盖
3 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

defensive-payload-analysis
信息安全分析师

Conduct a passive, read-only forensic analysis of a potentially malicious source-code tree. Use this skill when the user suspects a repository, archive, or directory contains hidden payloads, C2 code, obfuscated droppers, or compromised build configs (e.g. injected `tailwind.config.js`, trojaned `package.json` postinstall, suspicious base64 blobs). Produces a full report: attacker signature, payload location, statically decrypted IoCs (C2 IPs, ports, paths, XOR keys, drop paths, exfil endpoints).

2026-04-21
html-report-renderer
网页开发工程师

Render reports/findings.json + reports/SUMMARY.md into a single-file, self-contained reports/SUMMARY.html whose visual quality matches the /reports/example-summary page on coldvault.dev. No external fonts, no JS framework, no network fetches — the user can double-click the file, email it, or host it anywhere.

2026-04-21
agentic-actions-auditor
信息安全分析师

Audit GitHub Actions / GitLab CI / CircleCI / Azure Pipelines workflows shipped in target/. Flags the high-risk patterns that have caused real-world supply-chain compromises (pwnrequest, pull_request_target, unpinned actions, secret exfiltration, script-injection via PR title/body).

2026-04-20
audit-context-building
信息安全分析师

Inventory the suspect repository (languages, frameworks, package managers, entry points, build system, CI) before any scan. Always run this first — subsequent skills depend on its output.

2026-04-20
constant-time-analysis
信息安全分析师

Inspect cryptographic code for timing leaks. Flags variable-time comparisons on secrets, early-exit loops, and library calls known to be variable-time. Limited static scope — the definitive check is micro-benchmarks on compiled binaries, but ~70% of timing bugs show up in source review.

2026-04-20
entry-point-analyzer
信息安全分析师

Map the attack surface of target/ — HTTP routes, CLI commands, exported library symbols, message-queue consumers, GitHub Actions triggers, IPC sockets. Produces reports/entry-points.md.

2026-04-20
insecure-defaults-hunter
信息安全分析师

Find default/weak/insecure configurations — weak crypto, TLS disabled, permissive CORS, debug mode in prod paths, unsafe deserialization switches, open S3 buckets, etc. These are the low-hanging fruit most noisy scanners miss.

2026-04-20
secrets-hunter
信息安全分析师

Find credentials, API keys, tokens, private keys, and high-entropy strings in target/. Combines gitleaks, trufflehog, detect-secrets, ggshield, and manual entropy grep. Triages each hit for live vs. test vs. revoked.

2026-04-20
security-review
信息安全分析师

Produce a PR-style security review of a diff (HEAD vs. base) inside target/, emitting findings in the Anthropic claude-code-security-review JSON schema. Use when the analyst only cares about what changed, not the whole repo.

2026-04-20
semgrep-rule-creator
软件开发工程师

Author custom Semgrep rules on the fly to hunt for patterns specific to the current audit. Drops the rule into rules/semgrep/ and runs it against target/. Useful for variant analysis and for codifying a manual finding.

2026-04-20
snyk-sast
信息安全分析师

Snyk Code-parity workflow for static application security testing. Uses Semgrep with curated rulesets plus language-native analyzers to produce findings equivalent to Snyk Code's categories (injection, crypto, authn, etc.).

2026-04-20
snyk-sca
信息安全分析师

Snyk Open Source-parity workflow for software composition analysis. Produces a dependency vulnerability report using open-source tooling (osv-scanner, trivy, grype) plus the bundled snyk CLI if authenticated. Use when the analyst is familiar with the Snyk workflow and wants a drop-in replacement.

2026-04-20
static-analysis-orchestrator
信息安全分析师

Drives the per-language SAST fleet. Decides which analyzers to run based on audit-context-building output, merges SARIF, deduplicates, and produces a single ranked list in reports/sast-merged.sarif.

2026-04-20
supply-chain-risk-auditor
信息安全分析师

Evaluate third-party dependencies for known CVEs, typo-squats, malicious maintainers, install-time hooks, unusual registries, and git-URL dependencies. Combines lockfile parsing with OSV / Trivy / Snyk data.

2026-04-20
untrusted-code-isolation
信息安全分析师

Safety rails. Invoke whenever you are about to run a command that could execute code from target/. Enforces the zero-execution rule defined in CLAUDE.md §0.

2026-04-20
variant-analysis
信息安全分析师

Given a confirmed finding, search the whole target/ for semantically similar bugs. Applies the trailofbits variant-analysis approach — one root cause usually breeds siblings.

2026-04-20
yara-malware-hunter
信息安全分析师

Scan target/ (source AND binaries/assets) with YARA / YARA-X against curated rulesets (Yara-Rules community + Neo23x0 signature-base) plus project-specific rules in rules/yara/. Also handles capa for binary capability extraction.

2026-04-20