Sponsored by

Find leads on Reddit on auto pilot

Agent skills

Skills you can use with AI coding agents, indexed from public GitHub repositories.

Latest Most Popular

performing-active-directory-vulnerability-assessment Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.
autohandai/community-skills
executing-red-team-engagement-planning Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operational timelines before any offensive testing begins.
autohandai/community-skills
building-red-team-c2-infrastructure-with-havoc Deploy and configure the Havoc C2 framework with teamserver, HTTPS listeners, redirectors, and Demon agents for authorized red team operations.
autohandai/community-skills
performing-malware-persistence-investigation Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives reboots and maintains access.
autohandai/community-skills
analyzing-docker-container-forensics Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
autohandai/community-skills
detecting-living-off-the-land-attacks Detect abuse of legitimate Windows binaries (LOLBins) used for living off the land attacks. Monitors process creation, command-line arguments, and parent-child relationships to identify suspicious LOLBin execution patterns.
autohandai/community-skills
implementing-secrets-scanning-in-ci-cd Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment
autohandai/community-skills
implementing-aws-macie-for-data-classification Implement Amazon Macie to automatically discover, classify, and protect sensitive data in S3 buckets using machine learning and pattern matching for PII, financial data, and credentials detection.
autohandai/community-skills
vercel-react-native-skills React Native and Expo best practices for building performant mobile apps. Use when building React Native components, optimizing list performance, implementing animations, or working with native modules. Triggers on tasks involving React Native, Expo, mobile performance, or native platform APIs.
autohandai/community-skills
testing-for-broken-access-control Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.
autohandai/community-skills
copy-editing When the user wants to edit, review, or improve existing marketing copy. Also use when the user mentions 'edit this copy,' 'review my copy,' 'copy feedback,' 'proofread,' 'polish this,' 'make this better,' 'copy sweep,' 'tighten this up,' 'this reads awkwardly,' 'clean up this text,' 'too wordy,' or 'sharpen the messaging.' Use this when the user already has copy and wants it improved rather than rewritten from scratch. For writing new copy, see copywriting.
autohandai/community-skills
securing-container-registry-with-harbor Harbor is an open-source container registry that provides security features including vulnerability scanning (integrated Trivy), image signing (Notary/Cosign), RBAC, content trust policies, replicatio
autohandai/community-skills
hunting-for-living-off-the-cloud-techniques Hunt for adversary abuse of legitimate cloud services for C2, data staging, and exfiltration including abuse of Azure, AWS, GCP services, and SaaS platforms.
autohandai/community-skills
workflow-automation Automate repetitive development tasks and workflows. Use when creating build scripts, automating deployments, or setting up development workflows. Handles npm scripts, Makefile, GitHub Actions workflows, and task automation.
autohandai/community-skills
implementing-conditional-access-policies-azure-ad Configure Microsoft Entra ID (Azure AD) Conditional Access policies for zero trust access control. Covers signal-based policy design, device compliance requirements, risk-based authentication, named l
autohandai/community-skills
system-environment-setup Configure development and production environments for consistent and reproducible setups. Use when setting up new projects, Docker environments, or development tooling. Handles Docker Compose, .env configuration, dev containers, and infrastructure as code.
autohandai/community-skills
building-cloud-security-posture-management This skill guides security architects through designing and implementing a cloud security posture management program that continuously monitors infrastructure configurations across AWS, Azure, and GCP. It covers selecting CSPM tooling such as Wiz, Prisma Cloud, or native services, defining policy baselines, automating drift detection, and integrating posture findings into SOC workflows.
autohandai/community-skills
fun-brainstorming Invoke before any creative or architectural work — feature design, component creation, or behavioral changes. A streamlined brainstorming process optimized for fast, focused decision-making.
autohandai/community-skills
performing-physical-intrusion-assessment Conduct authorized physical penetration testing using tailgating, badge cloning, lock bypassing, and rogue device deployment to evaluate facility security controls.
autohandai/community-skills
implementing-patch-management-workflow Patch management is the systematic process of identifying, testing, deploying, and verifying software updates to remediate vulnerabilities across an organization's IT infrastructure. An effective patc
autohandai/community-skills
extracting-memory-artifacts-with-rekall Uses Rekall memory forensics framework to analyze memory dumps for process hollowing, injected code via VAD anomalies, hidden processes, and rootkit detection. Applies plugins like pslist, psscan, vadinfo, malfind, and dlllist to extract forensic artifacts from Windows memory images. Use during incident response memory analysis.
autohandai/community-skills
azure-kusto Query and analyze data in Azure Data Explorer (Kusto/ADX) using KQL for log analytics, telemetry, and time series analysis. USE FOR: KQL queries, Kusto database queries, Azure Data Explorer, ADX clusters, log analytics, time series data, IoT telemetry, anomaly detection DO NOT USE FOR: SQL databases, NoSQL queries (use azure-storage), Elasticsearch, AWS analytics tools
autohandai/community-skills
configuring-active-directory-tiered-model Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
autohandai/community-skills
opencontext Persistent memory and context management for AI agents using OpenContext. Keep context across sessions/repos/dates, store conclusions, and provide document search workflows.
autohandai/community-skills