一键导入
day-shift-cycle
Use at Day Shift session open and close — read plan, execute blocks, verify, self-audit, hand off to Night Shift, write next session plan.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Use at Day Shift session open and close — read plan, execute blocks, verify, self-audit, hand off to Night Shift, write next session plan.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Practitioner-elevated asset tracing patterns from SlowMist Crypto-Asset-Tracing-Handbook. Provides canonical property tables for obfuscation patterns (peel chains, mixers, bridge hops), address behavior clustering/risk profiling, cross-chain reconstruction workflows. Hard-first on behavioral + flow invariants. Integrates with codegraph-x-ray, deep-dive-handoff, and bounty forensics. Includes reference implementation for mixer deposit/withdrawal clustering. Trigger: alpha-miner on tracing handbook or similar.
Drop-in skill adapted from Glider query engine for static analysis, taint tracking, CFG/DFG traversal in bug bounty. Supports lazy reference loading, creativity layer for audited targets, integrates with bounty-loop. EVM priority with Solana compatibility.
Use for mining validator/runtime/cache/storage-key coherence bugs in blockchain clients, VMs, program loaders, bridge runtimes, and execution harnesses. Hard-first on stale cache, recycled identifier, partial flush, epoch/generation drift, mempool/order-dependent runtime state, and storage-key confusion. Trigger on runtime cache invariant, stale cache bug, VM storage confusion, client cache coherence, Aptos-style hijack, validator-local state, epoch-boundary bug, or when alpha-miner extracts runtime/client exploit engineering.
Cross-references a graphified target codebase (codegraph-x-ray output) against the local AuditVault corpus to surface structurally analogous historical vulnerabilities. Run after codegraph-x-ray has completed and produced invariants.md and property_candidates.md. Produces ranked pattern-match hits with per-finding graph anchor evidence. Pattern matches are advisory signals only — never evidence of exploitability and never a substitute for live reproduction or submission-gate validation.
Combines structured codegraph intelligence with rigorous invariant synthesis. Enforces high-quality usage of codegraph to identify the Primary Target Subsystem, then applies ordered structural invariant discovery with strict verification gates. Produces categorized invariants and high-quality property candidates ready for ultrafuzz-discovery. Trigger on codegraph-x-ray, x-ray with codegraph, invariant synthesis, primary subsystem invariants.
Optional accelerator and scaffolder for ultrafuzz-discovery. Brings parallel specialized invariant discovery agents, automated harness/handler scaffolding, coverage-driven refinement loops, property tagging, and reproducible test generation helpers from high-quality EVM fuzz patterns. Designed to speed up property fan-in and executable attempts phases while preserving NSS rigor, fresh-context pass@k, adjudication, and Crucible usage. Trigger on fuzz-scaffolder, accelerate invariant discovery, generate fuzz harness, scaffold handlers.
| name | day-shift-cycle |
| description | Use at Day Shift session open and close — read plan, execute blocks, verify, self-audit, hand off to Night Shift, write next session plan. |
Session-based operator workflow for Cursor (Day Shift). Complements Hermes cron (Night Shift).
cd /home/kt/projects/rtp/night-shift-security
git pull --ff-only
Read in order:
data/security_results/day_shift/current.md — active plan and block checkboxesdata/security_results/lab_notebook/*.md — newest firstSPEC.md (the operator command cookbook has been folded into SPEC.md §15 from the v4.2-era BOUNTY_RUN.md, which was retired on 2026-06-20)~/.hermes/profiles/night-shift/cron/output/ — last nss-hipif-chain run (if present)data/security_results/intel/latest.md — optional, ≤5 bulletsIf current.md missing or Status: done, promote next.md → current.md or bootstrap from SPEC Next Focus.
[x] in current.md as each completesAwait; log exit codes in plan file.venv/bin/python -m pytest
Plus block-specific proof (examples):
export SOLANA_MAINNET_RPC_URL=http://127.0.0.1:18989
export SOLANA_USE_VALIDATOR=1
SOLANA_EXPLOIT_ID=mango-markets-2022 ./solana/run_validator_test.sh
| Check | Pass criterion |
|---|---|
| Trust boundary | No gate bypass; proposals untrusted until pipeline validates |
| Provenance | Lab notebook includes same vs different |
| Ultrafuzz | Discovery/harness/fuzzing claims used ultrafuzz-discovery; Solana invariant sequence fuzzing prefers Crucible when feasible; real fuzzing is separated from fixed replay |
| SPEC | Shipped work reflected in SPEC if material |
| Diff discipline | Changes serve session blocks only |
| Handoff | Night Shift section filled in plan |
Record in plan: Audit: pass | fix_deferred | blocked
lab-notebook — repo entry under data/security_results/lab_notebook/Status: done in current.mdmv current.md → data/security_results/day_shift/archive/YYYY-MM-DD-<slug>.mddata/security_results/day_shift/next.md (next session plan)next.md → current.md when Kate says start next session (or leave next.md queued)data/security_results/intel/latest.md if intel slice ran## Night Shift handoff
- Cron OK: nss-hipif-chain daily 04:00 (agent + hipif skill; deterministic fallback if no OAuth)
- Cron skip / deprioritize: saturated slugs in loop/state.json; assays Day Shift already completed
- Platform: weekly platform sync --all; platform diff before external submit
- Open questions for Kate: ...
Single message to Kate: blockers, policy gates, priority forks only.
solana/x402-proxy/.wallet/id.json