The library

hunt-dom · Use for hunt client-side dom vulnerabilities — dom clobbering (overwrite js globals via html injection), postmessage hijacking (missing origin check), service worker abuse (intercept requests from same-origin script), css injection/exfiltration (attribute selectors → token char-by-char via oob), client-side template injection, dangerouslysetinnerhtml. grounded in named public research: gareth heyes / portswigger dom-clobbering + dom-invader, michał bentkowski dompurify clobbering bypasses, jquery htmlprefilter xss (cve-2020-11022 / cve-2020-11023), d0nut css-exfil research. use when hunting dom-xss, client-side auth bypass, or token exfiltration without server-side interaction.

rechtsabteilung-pe-closing-continuation-fund · PE teams needing audit-ready closing documentation with live German legal norm verification instead of templated checklists.

people-audit · Teams tracking hundreds of contacts who need to know which relationships are stale before reaching out.

hunt-file-upload · Security auditors hunting RCE on PHP/JSP/ASPX stacks with publicly-exploitable file-processing chains.

meeting-prep · Executives preparing for 1:1s and meetings who need contextual briefings without manually grep-ing notes.

hunt-graphql · Bug bounty hunters on platform APIs (GitHub, Shopify, Stripe tier) where GraphQL mutations interact with REST APIs.

smart-device-agb-redlinen-beschwerde · German consumer advocates needing to verify statutory deadlines and evidence requirements in smart-device complaints.

hunt-grpc · Security teams hunting microservice architecture vulns where edge-proxy auth is bypassed by reaching backend directly.

hunt-host-header · Security researchers hunting account-takeover on apps behind CDN/reverse proxy where Host is unkeyed in cache.

bug-investigation · Teams enforcing TDD discipline to prevent regressions and verify actual bug fix.

hunt-http-smuggling · Bug bounty hunters on older deployments (HAProxy <2.4, legacy F5, Citrix ADC) or AWS ALB+origin chains with H2 downgrade.

expo-deployment · Use for expo-deployment tasks and operations.

hunt-idor · Use when hunting idor on any target.

jest-generator · Use for jest-generator tasks and operations.

html-ppt-product-launch · Use when announcing a product, launching a feature, or doing a keynote-style reveal.

hunt-k8s · Testing container orchestration for auth bypass and RCE.

hunt-laravel · Testing PHP Laravel apps for CVE-2021-3129 Ignition.

digital-humanities-guide · Analyzing historical texts and correspondence networks.

hunt-ldap · Penetrating directory-backed authentication systems.

design-index · Creating table of contents for design docs.

hunt-lfi · Extracting secrets via path traversal and filter chains.

api-doc-comments · Documenting smart contract ABIs where generated docs must be client-accessible and precise.

code-sanitizer · Ensuring consistent code style across a data pipeline before completion checklist.

git-workflow · Submitting feature patterns to upstream community repositories with clean history.

hunt-mfa-bypass · Hunting account takeover chains where MFA enforcement is incomplete or bypassable.

benutzungsschonfrist-und-rechtserhaltende-benutzung · Preparing evidence bundles to defend luxury/fashion trademarks against non-use revocation.

hunt-misc · Discovering account boundary violations in multi-tenant SaaS with role-based access.

clickhouse-query · Debugging event analytics on replica clusters without writing custom export code.

android-di-koin · Setting up DI scoping per feature layer without manual constructor plumbing.

hunt-nextjs · Bypassing Server Actions auth or exploiting Image Optimizer SSRF on Next.js hosts.

evaluating-llms · Validating agent responses against business rules without manual test review.

hunt-nodejs · Chaining prototype pollution to RCE on Express apps with unsafe merge operations.

omnichannel-fulfillment-allocator · Minimizing fulfillment cost per order in multi-warehouse, multi-channel retail.

hunt-nosqli · Extracting data from NoSQL services when parametrized queries are not used.

spark-architect · Building ETL jobs that process terabytes without driver memory issues.

hunt-ntlm-info · Lateral movement in Windows domains when Kerberos is unavailable.

hunt-oauth · Stealing user sessions or escalating privileges via OAuth flow manipulation.

hunt-open-redirect · Creating low-friction phishing links when the target's own domain is trusted.

security-scan · Baseline security assessment before manual penetration testing.

hunt-race-condition · Bypassing single-use limits (OTP, tokens) via parallel submission before invalidation.

mobile-architect · Scaling Android/iOS apps to 10+ features without DI complexity explosion.

skill-usage-audit · Verifying governance compliance across codebases without manual file inspection.

hunt-saml · Discovering saml vulnerabilities when generic scanners miss domain-specific chains.

vibecode-brand-design · Ensuring visual consistency across branded UI components at scale.

compound-agent-doc-gardener · Orchestrating multi-step task flows with guaranteed validation and tracking.

hunt-session · Discovering session vulnerabilities when generic scanners miss domain-specific chains.

hunt-sharepoint · Discovering sharepoint vulnerabilities when generic scanners miss domain-specific chains.

cy-execute-task · Orchestrating multi-step task flows with guaranteed validation and tracking.

hunt-source-leak · Discovering source leak vulnerabilities when generic scanners miss domain-specific chains.

turboquant-pytorch · Implementing turboquant pytorch workflows that require automation.