Guidance for bypassing HTML/JavaScript sanitization filters in security testing contexts. This skill should be used when tasked with finding XSS filter bypasses, testing HTML sanitizers, or exploiting parser differentials between server-side filters and browsers. Applies to CTF challenges, authorized penetration testing, and security research involving HTML injection and JavaScript execution through sanitization bypasses.
Debugging crashes related to custom memory heap implementations, particularly release-only crashes involving static destruction order, use-after-free during program shutdown, and memory lifecycle issues between custom allocators and standard library internals. This skill should be used when debugging segfaults or memory corruption that only occur in release/optimized builds, involve custom memory allocators or heap managers, or manifest during static object destruction after main() returns.
Guidance for reverse engineering graphics rendering programs (ray tracers, path tracers) from binary executables. This skill should be used when tasked with recreating a program that generates images through ray/path tracing, particularly when the goal is to achieve pixel-perfect or near-pixel-perfect output matching. Applies to tasks requiring binary analysis, floating-point constant extraction, and systematic algorithm reconstruction.
Guide for debugging and fixing bugs in the OCaml garbage collector runtime, particularly issues in memory management code like sweeping, pool management, and run-length compression. This skill should be used when encountering segfaults during OCaml bootstrap, debugging crashes in runtime/shared_heap.c or similar GC code, or investigating pointer arithmetic bugs in memory allocator implementations.
This skill provides guidance for reverse engineering compiled binaries to produce equivalent source code. It applies when tasks require analyzing executables, extracting algorithms and constants, and recreating identical program behavior in source form. Use when the goal is byte-for-byte or pixel-perfect reproduction of binary output.
Guide for debugging crashes related to custom memory heaps, particularly use-after-free issues caused by static destruction ordering, DEBUG vs RELEASE discrepancies, and custom allocator lifecycle problems. This skill should be used when investigating crashes that occur only in RELEASE builds, memory-related crashes involving custom allocators, static initialization/destruction order issues, or use-after-free bugs in C++ applications.
Guide for implementing metacircular evaluators—interpreters that can interpret themselves. This skill should be used when building self-interpreting Scheme-like evaluators, debugging multi-level interpretation issues, or implementing language features like environments, closures, and special forms. Focuses on incremental development, continuous metacircular testing, and systematic debugging of nested interpretation failures.
Guide for debugging and fixing bugs in the OCaml garbage collector, particularly memory management issues in the runtime's sweeping and allocation code. This skill applies when working on OCaml runtime C code, investigating segfaults in GC operations, or fixing pointer arithmetic bugs in memory managers with size-classed pools and run-length encoding.
This skill provides guidance for XSS filter bypass tasks where the goal is to craft HTML payloads that execute JavaScript despite sanitization filters. Use this skill when tasks involve bypassing HTML sanitizers (like BeautifulSoup), exploiting parser differentials between server-side sanitizers and browsers, or security testing/CTF challenges involving XSS filter evasion.
Guidance for extracting secrets from protected or obfuscated binaries through systematic static and dynamic analysis. This skill should be used when tasks involve reverse engineering executables, extracting hidden flags or keys, analyzing binary protections, or decoding obfuscated data within compiled programs.
This skill provides guidance for extracting secrets from vulnerable executables. It should be used when tasks involve binary analysis, reverse engineering executables to find hidden flags/secrets, or exploiting buffer overflows and other vulnerabilities to extract protected data. Applicable to CTF challenges, security research, and authorized penetration testing scenarios.
Guidance for extracting and processing data from ELF (Executable and Linkable Format) binary files. This skill should be used when tasks involve parsing ELF headers, reading program segments, extracting memory contents, or converting binary data to structured formats like JSON. Applicable to reverse engineering, binary analysis, and memory dump extraction tasks.
Optimize web performance for faster loading and better user experience. Use when asked to "speed up my site", "optimize performance", "reduce load time", "fix slow loading", "improve page speed", or "performance audit".
Expert code review specialist. Use when reviewing code for quality, security, maintainability, or when examining recent changes
This skill captures and analyzes tmux pane content for debugging. Triggers: "debug tmux", "capture tmux output", "check other session", "tmux pane content", "what's in that terminal", "inspect background process", "tmux scrollback". Captures screen content from tmux panes to debug sessions or monitor processes.
Internal skill. Use cc10x-router for all development tasks.
Comprehensive web quality audit covering performance, accessibility, SEO, and best practices. Use when asked to "audit my site", "review web quality", "run lighthouse audit", "check page quality", or "optimize my website".
Optimize Core Web Vitals (LCP, INP, CLS) for better page experience and search ranking. Use when asked to "improve Core Web Vitals", "fix LCP", "reduce CLS", "optimize INP", "page experience optimization", or "fix layout shifts".
Guidelines for analyzing and optimizing application performance (N+1, caching, Computed properties).
Four-phase debugging framework that ensures root cause investigation before attempting fixes. Never jump to solutions.
Automated security checklist and audit for Laravel/Filament applications, focusing on XSS, CSP, and IDOR.
Declare variables in smallest possible scope, initialize close to first use, minimize span and live time
Systematically trace bugs backward through call stack to find original trigger
