Vulnerability Discovery

security-bounty-hunter helps you find bounty-worthy vulnerabilities in repositories, with a focus on remotely reachable, user-controlled issues that are likely to survive triage. Use it for Security Audit work when you want practical reportable findings instead of noisy local-only concerns.

The exploiting-jwt-algorithm-confusion-attack skill helps Security Audit workflows test JWT algorithm confusion, including RS256-to-HS256 downgrades, alg:none bypasses, and kid/jku/x5u header tricks. It is backed by a practical guide, reference examples, and a script for repeatable validation.

The codeql skill helps you run CodeQL with fewer blind spots during a security audit. It focuses on database quality, suite selection, data extensions, and SARIF review so you can use codeql usage more reliably across supported languages. Use it for repeatable codeql guide steps when analyzing real repositories.

substrate-vulnerability-scanner helps audit Substrate and FRAME pallets for critical issues like arithmetic overflow, panic DoS, bad origin checks, incorrect weights, and unsafe unsigned extrinsics. Use this substrate-vulnerability-scanner skill for Security Audit reviews of runtimes, pallet extrinsics, and weight logic.

algorand-vulnerability-scanner is a security-audit skill for Algorand TEAL and PyTeal. It helps find 11 common issues, including rekeying attacks, fee validation gaps, field checks, and access control flaws. Use the algorand-vulnerability-scanner skill for a practical first-pass review before a manual audit.

building-vulnerability-scanning-workflow helps SOC teams design a repeatable vulnerability scanning process for discovery, prioritization, remediation tracking, and reporting across assets. It supports Security Audit use cases with scanner orchestration, KEV-aware risk ranking, and workflow guidance beyond a one-off scan.