The library

llm-pipeline · Extracting structured knowledge from unstructured messaging with high-signal batching.

hunt-sqli · Discovering sqli vulnerabilities when generic scanners miss domain-specific chains.

hunt-ssrf · Discovering ssrf vulnerabilities when generic scanners miss domain-specific chains.

upgrade-deps · Implementing upgrade deps workflows that require automation.

hunt-ssti · Discovering ssti vulnerabilities when generic scanners miss domain-specific chains.

industrial · Implementing industrial workflows that require automation.

openspec-sync-specs · Implementing openspec sync specs workflows that require automation.

hunt-subdomain · Discovering subdomain vulnerabilities when generic scanners miss domain-specific chains.

mcp-server-patterns · Implementing mcp server patterns workflows that require automation.

hunt-tls-network · Discovering tls network vulnerabilities when generic scanners miss domain-specific chains.

hunt-websocket · Discovering websocket vulnerabilities when generic scanners miss domain-specific chains.

using-git-worktrees · When feature work requires complete isolation from current workspace without branch switching.

genomics-sv-detection · When you have SV VCF output from Manta/Delly/Sniffles and need aggregated counts and size bins.

assets-find-built-in · When searching Unity built-in resources by name without needing GUIDs or exact paths.

hunt-xxe · When hunting XXE on XML-heavy endpoints, file parsers, or SAML flows where file-read or SSRF payoff is high.

m365-entra-attack · When testing M365 credential attacks with locked-down attempt budgets and needing AADSTS code interpretation.

assistant-ui · When building AI chat interfaces with composable primitives and streaming backends, versus monolithic UI libraries.

meme-coin-audit · When doing pre-investment due diligence on meme coins or auditing token contracts for rug-pull mechanisms.

effect-services · When defining services in Effect v4 with compile-time type safety and explicit dependency wiring.

discord-bot-architect · When building production Discord bots with modern slash commands rather than legacy prefix-based bots.

mid-engagement-ir-detection · When running active testing against monitored targets and needing to separate your activity from external attacker activity.

tavily-search · When needing semantic search over current web with ranking, versus full-text grep search.

offensive-osint · When conducting reconnaissance from attacker perspective with only public information.

github-triage · When triaging large GitHub backlogs systematically rather than manual browser review.

okta-attack · When testing Okta for credential attacks or session manipulation during authorized assessments.

osint-methodology · When reconnaissance needs repeatable structure and documentation versus ad-hoc browsing.

migrate-to-skills · When converting one-off scripts into reusable components for team collaboration.

redteam-mindset · When planning red-team engagements with structured threat modeling versus vulnerability checklist testing.

project-specification-writer · When clarifying project scope and objectives before development begins.

redteam-report-template · When documenting red-team findings with proper impact quantification and evidence chain.

frontend-task-analysis · When decomposing frontend work into concrete, parallelizable subtasks with clear acceptance criteria.

report-writing · Ensures reports pass triage by enforcing impact-first writing and exact reproduction over theoretical claims.

update-deps · Keeps dependencies current while catching regressions through automated post-update checks.

script-update-or-create · Programmatically generates and verifies Unity C# scripts without manual IDE interaction.

WhatsApp Assistant · Monitors WhatsApp archives without opening the app, extracting and actionifying conversation data.

databricks-agent-bricks · Reduces AI app deployment time by assembling pre-built conversational components without code.

cloud-cost-models · Reduces cloud spend 30-70% through instance selection, savings plans, and per-environment scheduling formulas.

triage-validation · Filters ineligible findings early (out-of-scope, known, theoretical) saving submission time and maintaining validity ratio.

tc-review · Identifies test coverage gaps by comparing written cases to learned codebase, reducing manual test discovery.

windows-file-management · Hybrid API+GUI approach combines speed with interactive shell features for complex file migrations.

vmware-vcenter-attack · Rapidly identifies critical CVE chains (file upload → RCE) in exposed VMware infrastructure for impact assessment.

ableton-lom · Enables real-time hardware parameter control through Python event listeners without boilerplate.

openspec-archive-change · Automates spec change documentation to ensure migration guides are accurate and complete.

web2-recon · Maps external attack surface comprehensively faster than manual DNS/port scanning.

web3-audit · Identifies on-chain vulnerabilities (reentrancy, overflow, access control) before mainnet deployment.

full_protein_analysis · Rapidly characterizes unknown proteins by identifying homologs, domains, and predicted 3D structure.

geoint_web_search · Enables remote site assessment and change detection over time without travel, useful for infrastructure planning.

design-postgis-tables · Enables sub-second spatial queries on millions of geometries through proper index design and CRS handling.

design-postgres-tables · Prevents common schema mistakes (N+1 queries, missing constraints) by enforcing normalization upfront.

generate-images · Rapidly prototypes visual assets without hiring artists, useful for mockups, thumbnails, and design exploration.