Scan Android APKs for Firebase misconfigurations and exposed credentials. Use when analyzing Android applications for insecure Firebase configurations, leaked API keys, open Realtime Database or Firestore instances, exposed Cloud Storage buckets, or misconfigured authentication settings.
Review security patches and fixes for completeness and correctness. Use when evaluating whether a security fix actually addresses the root cause, checking for fix bypasses, verifying regression tests cover the vulnerability, and ensuring the fix doesn't introduce new issues.
Create custom Semgrep rules for detecting security vulnerabilities and code patterns. Use when writing new Semgrep YAML rules, defining taint tracking sources/sinks, building pattern-based detections, or creating organization-specific security checks.
Search and analyze session logs (older/parent conversations) stored as JSONL files using jq and rg. Use when the user asks about prior chats, previous conversations, conversation history, what was said before, session costs, token usage, or tool usage breakdown across past sessions.
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.
Generate spectrograms and feature-panel visualizations from audio with the songsee CLI. Use when the user wants to visualize an audio file, create a spectrogram image, render mel or chroma panels, analyze frequency content, or produce a multi-panel audio feature grid from MP3 or WAV files.
Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection. Use when running static analysis scans, writing custom detection rules, or processing analysis results.
Atheris is a coverage-guided Python fuzzing framework built on libFuzzer for finding bugs, crashes, and security vulnerabilities in pure Python code and Python C extensions. It provides AddressSanitizer integration for detecting memory corruption, buffer overflows, and use-after-free errors. Assists with writing fuzz harnesses, configuring sanitizers, managing corpora, running fuzzing campaigns, and setting up Docker-based fuzzing environments. Covers instrumentation of Python imports, parallel fuzzing with workers, corpus minimization, and troubleshooting common issues like LD_PRELOAD configuration and compiler flag setup.
Guides the agent through CodeQL static analysis, including creating databases, writing custom QL queries, running interprocedural data flow and control flow analysis, detecting security vulnerabilities, setting up GitHub Actions code scanning, and managing query packs. Covers C, C++, Go, Java, Kotlin, JavaScript, TypeScript, Python, Ruby, Swift, and SARIF output processing.
Guides developers through detecting and preventing side-channel attacks, timing leaks, and constant-time violations in cryptographic implementations. Covers techniques for identifying timing side channels in crypto code, including cache-timing attacks, secret-dependent branching, and microarchitectural leakage. Applies formal verification, statistical analysis (dudect), and dynamic tracing (timecop) to audit crypto primitives for timing vulnerabilities and ensure constant-time execution.
The agent uses coverage analysis to measure which code paths, branches, and functions are exercised during fuzzing campaigns. It generates LLVM and GCC coverage reports, identifies uncovered code blocks, detects magic value checks that block fuzzer progress, and tracks coverage trends over time. The agent applies this technique when assessing harness effectiveness, diagnosing coverage plateaus, comparing differential coverage between campaigns, or integrating coverage instrumentation into CMake and Rust builds using llvm-cov, gcovr, and cargo-fuzz coverage toolchains.
Semgrep is a fast, lightweight static analysis tool for finding bugs, security vulnerabilities, and enforcing code standards across a codebase. The agent should use this skill when asked to run static analysis, scan code for security issues, detect code patterns or anti-patterns, write or test custom Semgrep rules, set up SAST in CI/CD pipelines, triage scan findings, suppress false positives, or perform a rapid security audit without building the project.
Find variants of known vulnerabilities across a codebase. Use when a vulnerability has been found and you need to search for similar patterns elsewhere, when performing systematic variant hunting after a security advisory, or when generalizing a specific bug into a broader detection query.
Check Screenpipe health status, process state, and diagnose common issues
Retrieve and analyze Screenpipe CLI backend logs and desktop app logs for debugging
Query user feedback logs submitted via the app's "send logs" button. Use when debugging user-reported issues, searching for crash patterns, or reviewing feedback.
Extract cognitive patterns and thinking fingerprints from any text. Use this skill when the user wants to analyze how someone thinks, understand cognitive style, profile writing or speech patterns, compare thinking styles between people, asks "what's my thinking style", "analyze how this person reasons", "cognitive profile", "thinking pattern", "DHDNA", "digital DNA", or wants to understand the mind behind any text. Also trigger when the user provides text and wants deeper insight into the author's reasoning patterns, decision-making style, or cognitive signature.
Create professional infographics using Nano Banana Pro AI with smart iterative refinement. Uses Gemini 3 Pro for quality review. Integrates research-lookup and web search for accurate data. Supports 10 infographic types, 8 industry styles, and colorblind-safe palettes.
Comprehensive toolkit for creating, analyzing, and visualizing complex networks and graphs in Python. Use when working with network/graph data structures, analyzing relationships between entities, computing graph algorithms (shortest paths, centrality, clustering), detecting communities, generating synthetic networks, or visualizing network topologies. Applicable to social networks, biological networks, transportation systems, citation networks, and any domain involving pairwise relationships.
GPU-accelerate Python code using CuPy, Numba CUDA, Warp, cuDF, cuML, cuGraph, KvikIO, cuCIM, cuxfilter, cuVS, cuSpatial, and RAFT. Use whenever the user mentions GPU/CUDA/NVIDIA acceleration, or wants to speed up NumPy, pandas, scikit-learn, scikit-image, NetworkX, GeoPandas, or Faiss workloads. Covers physics simulation, differentiable rendering, mesh ray casting, particle systems (DEM/SPH/fluids), vector/similarity search, GPUDirect Storage file IO, interactive dashboards, geospatial analysis, medical imaging, and sparse eigensolvers. Also use when you see CPU-bound Python code (loops, large arrays, ML pipelines, graph analytics, image processing) that would benefit from GPU acceleration, even if not explicitly requested.
Search the web, extract URL content, and run deep research using the Parallel Chat API and Extract API. Use for ALL web searches, research queries, and general information gathering. Provides synthesized summaries with citations.
Full-featured computational pathology toolkit. Use for advanced WSI analysis including multiplexed immunofluorescence (CODEX, Vectra), nucleus segmentation, tissue graph construction, and ML model training on pathology data. Supports 160+ slide formats. For simple tile extraction from H&E slides, histolab may be simpler.
Perform AI-powered web searches with real-time information using Perplexity models via LiteLLM and OpenRouter. This skill should be used when conducting web searches for current information, finding recent scientific literature, getting grounded answers with source citations, or accessing information beyond the model knowledge cutoff. Provides access to multiple Perplexity models including Sonar Pro, Sonar Pro Search (advanced agentic search), and Sonar Reasoning Pro through a single OpenRouter API key.
Triage a dotnet/runtime GitHub issue with duplicate search, label check, reproduction, and ecosystem research, then recommend KEEP/CLOSE/NEEDS INFO. Use when asked to triage, evaluate, assess, or check a specific GitHub issue. Also use when asked "is this a duplicate", "should we close this", "check this issue", "what do you think about this issue", or when given a dotnet/runtime issue URL or number and asked for an opinion. Handles bug reports, API proposals, enhancements, performance regressions, and questions.
