Directory

Discover and filter AI agent skills. 27,776 active skills available.

Popular guides from the directory

Start with intent-focused guides, then come back to the full directory when you need broader coverage.

Results

Showing 97-120 of 27,776Page 5 of 1158

testing-for-open-redirect-vulnerabilities

16
from plurigrid/asi

Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.

testing-for-json-web-token-vulnerabilities

16
from plurigrid/asi

Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.

testing-for-host-header-injection

16
from plurigrid/asi

Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.

testing-for-email-header-injection

16
from plurigrid/asi

Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.

testing-for-business-logic-vulnerabilities

16
from plurigrid/asi

Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.

testing-for-broken-access-control

16
from plurigrid/asi

Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.

testing-cors-misconfiguration

16
from plurigrid/asi

Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.

testing-api-security-with-owasp-top-10

16
from plurigrid/asi

Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated and manual testing techniques.

testing-api-for-mass-assignment-vulnerability

16
from plurigrid/asi

Tests APIs for mass assignment (auto-binding) vulnerabilities where clients can modify object properties they should not have access to by including additional parameters in API requests. The tester identifies writable endpoints, adds undocumented fields to request bodies (role, isAdmin, price, balance), and checks if the server binds these to the data model without filtering. Part of OWASP API3:2023 Broken Object Property Level Authorization. Activates for requests involving mass assignment testing, parameter binding abuse, auto-binding vulnerability, or API over-posting.

testing-api-for-broken-object-level-authorization

16
from plurigrid/asi

Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated user can access or modify resources belonging to other users by manipulating object identifiers in API requests. The tester intercepts API calls, identifies object ID parameters (numeric IDs, UUIDs, slugs), and systematically replaces them with IDs belonging to other users to determine if the server enforces per-object authorization. This is OWASP API Security Top 10 2023 risk API1. Activates for requests involving BOLA testing, IDOR in APIs, object-level authorization testing, or API access control bypass.

testing-api-authentication-weaknesses

16
from plurigrid/asi

Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication on endpoints, weak password policies, credential stuffing susceptibility, token leakage in URLs or logs, and session management flaws. The tester evaluates JWT implementation, API key handling, OAuth flows, and session token entropy to identify authentication bypasses. Maps to OWASP API2:2023 Broken Authentication. Activates for requests involving API authentication testing, token validation assessment, credential security testing, or API auth bypass.

tenderloin

16
from plurigrid/asi

Tenderloin: Manifest Destiny Fund for Protocol Labs

tasks-acset

16
from plurigrid/asi

Google Tasks management via TasksACSet. Transforms task operations into GF(3)-typed Interactions, routes to triadic queues, detects saturation for task-zero-as-condensed-state.

tailscale

16
from plurigrid/asi

Mesh VPN.

tailscale-mesh

16
from plurigrid/asi

Tailscale mesh VPN for secure peer-to-peer networking. WireGuard-based overlay network with MagicDNS and ACLs.

tailscale-localsend

16
from plurigrid/asi

Tailscale + LocalSend Peer Discovery

synchronization

16
from plurigrid/asi

Convergence to common trajectory in coupled systems

supply-chain-risk-auditor

16
from plurigrid/asi

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.

substrate-vulnerability-scanner

16
from plurigrid/asi

Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets. (project, gitignored)

substitute-eraser

16
from plurigrid/asi

This skill should be used when the user asks to "scan for TODOs", "find placeholders", "clean up stubs", "remove temporary code", "audit for incomplete code", or "erase substitutions from codebase". Scans existing files for placeholder tokens and generates remediation plan.

structural-stability

16
from plurigrid/asi

Robustness of qualitative dynamics under perturbation

structural-rewilding

16
from plurigrid/asi

Homotopical approach to Artificial Life where 'life' is the topology of changes (diffs). Three orthogonal directions: Behavioral (→), Structural (↓), Bridge (↘) with Narya interaction-time verification.

storage-reclaim

16
from plurigrid/asi

Rapidly find and reclaim disk storage by identifying build artifacts, git garbage, temp files, and other space hogs. Use when disk is full or running low on space.

stellogen

16
from plurigrid/asi

Stellogen Skill