Computer Vision

recon-nmap

Network reconnaissance and security auditing using Nmap for port scanning, service enumeration, and vulnerability detection. Use when: (1) Conducting authorized network reconnaissance and asset discovery, (2) Enumerating network services and identifying running versions, (3) Detecting security vulnerabilities through NSE scripts, (4) Mapping network topology and firewall rules, (5) Performing compliance scanning for security assessments, (6) Validating network segmentation and access controls.

sca-blackduck

Software Composition Analysis (SCA) using Synopsys Black Duck for identifying open source vulnerabilities, license compliance risks, and supply chain security threats with CVE, CWE, and OWASP framework mapping. Use when: (1) Scanning dependencies for known vulnerabilities and security risks, (2) Analyzing open source license compliance and legal risks, (3) Identifying outdated or unmaintained dependencies, (4) Integrating SCA into CI/CD pipelines for continuous dependency monitoring, (5) Providing remediation guidance for vulnerable dependencies with CVE and CWE mappings, (6) Assessing supply chain security risks and third-party component threats.

sca-trivy

Software Composition Analysis (SCA) and container vulnerability scanning using Aqua Trivy for identifying CVE vulnerabilities in dependencies, container images, IaC misconfigurations, and license compliance risks. Use when: (1) Scanning container images and filesystems for vulnerabilities and misconfigurations, (2) Analyzing dependencies for known CVEs across multiple languages (Go, Python, Node.js, Java, etc.), (3) Detecting IaC security issues in Terraform, Kubernetes, Dockerfile, (4) Integrating vulnerability scanning into CI/CD pipelines with SARIF output, (5) Generating Software Bill of Materials (SBOM) in CycloneDX or SPDX format, (6) Prioritizing remediation by CVSS score and exploitability.

network-netcat

Network utility for reading and writing data across TCP/UDP connections, port scanning, file transfers, and backdoor communication channels. Use when: (1) Testing network connectivity and port availability, (2) Creating reverse shells and bind shells for authorized penetration testing, (3) Transferring files between systems in restricted environments, (4) Banner grabbing and service enumeration, (5) Establishing covert communication channels, (6) Testing firewall rules and network segmentation.

container-grype

Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.

vulnerability-management

melodic-software/claude-code-plugins

Vulnerability lifecycle management including CVE tracking, CVSS scoring, risk prioritization, remediation workflows, and coordinated disclosure practices

업데이트 12h ago

bootc

bootc VM management via bcvk (bootc virtualization kit). Run bootablecontainers as VMs for testing. Supports ephemeral (quick test) andpersistent modes. Use when users need to test bootable container imagesas virtual machines.

atrawog/bazzite-ai

업데이트 23h ago

install

Development tool installation dispatcher for bazzite-ai. Installs Claude Code,pixi, chunkhound, bcvk, linters, flatpaks, and more. Use when users need toinstall standalone developer tools (not services with lifecycle management).

atrawog/bazzite-ai

업데이트 16h ago

career-helper

End-to-end career support for job seekers at all levels. Optimizes LinkedIn profiles, rewrites CVs for ATS systems, provides interview preparation with cited answers, researches companies and roles, identifies hiring managers and networking opportunities. When Claude needs to optimize LinkedIn profiles, rewrite CVs for ATS, prepare for interviews, research companies and roles, identify hiring managers, or support job applications and career transitions.

Zal4DW/career-helper

업데이트 12h ago

analysis-swarm

Multi-perspective code analysis using three AI personas (RYAN methodical analyst, FLASH rapid innovator, SOCRATES questioning facilitator) to balance thoroughness with pragmatism. Use when complex code decisions need comprehensive analysis from multiple viewpoints, or when avoiding single-perspective blind spots is critical.

d-o-hub/rust-self-learning-memory

업데이트 21h ago

brainstorming

IMMEDIATELY USE THIS SKILL when creating or develop anything and before writing code or implementation plans - refines rough ideas into fully-formed designs through structured Socratic questioning, alternative exploration, and incremental validation

tilework-tech/nori-cli

업데이트 2h ago

fullstory-analytics-events

Comprehensive guide for implementing Fullstory's Analytics Events API (trackEvent) for web applications. Teaches proper event naming, property structuring, type handling, and e-commerce event patterns. Includes detailed good/bad examples for funnel tracking, feature usage, conversion events, and SaaS subscription flows to help developers capture meaningful business events for analytics and segmentation.

fullstorydev/fs-skills

업데이트 9m ago

dependency-security-scanning

依存関係の脆弱性スキャン、CVE評価、レポート作成を体系化するスキル。SCAの運用と修正計画の整理を支援する。Anchors:• OWASP Dependency-Check / 適用: 依存スキャン / 目的: 検出の標準化• CVSS v3.1 Specification / 適用: 重大度評価 / 目的: 優先度の整合性• Web Application Security / 適用: 脅威評価 / 目的: リスク判定の一貫性Trigger:Use when scanning dependencies for vulnerabilities, evaluating CVE reports, producing audit reports, or planning remediation.dependency scan, CVE, CVSS, SCA, supply chain security, audit report

daishiman/AIWorkflowOrchestrator

업데이트 9m ago

scanning-for-vulnerabilities