Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

automacoescomerciaisintegradas/audit-skills

Name: audit-skills
Author: automacoescomerciaisintegradas

audit-skills/SKILL.md

npx skillsauth add automacoescomerciaisintegradas/skills audit-skills

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Audit Skills (Premium Universal Security)

Overview

Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS). 2-4 sentences is perfect.

When to Use This Skill

Use when you need to audit AI skills and bundles for security vulnerabilities
Use when working with cross-platform security analysis
Use when the user asks about verifying skill legitimacy or performing security reviews
Use when scanning for mobile threats in AI skills

How It Works

Step 1: Static Analysis

Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads.

Step 2: Platform-Specific Threat Detection

Analyzes code for platform-specific security issues across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).

1. Privilege, Ownership & Metadata Manipulation

Elevated Access: sudo, chown, chmod, TakeOwnership, icacls, Set-ExecutionPolicy.
Metadata Tampering: touch -t, setfile (macOS), attrib (Windows), Set-ItemProperty, chflags.
Risk: Unauthorized access, masking activity, or making files immutable.

2. File/Folder Locking & Resource Denial

Patterns: chmod 000, chattr +i (immutable), attrib +r +s +h, Deny ACEs in icacls.
Global Actions: Locking or hiding folders in %USERPROFILE%, /Users/, or /etc/.
Risk: Denial of service or data locking.

3. Script Execution & Batch Invocation

Legacy/Batch Windows: .bat, .cmd, cmd.exe /c, vbs, cscript, wscript.
Unix Shell: .sh, .bash, .zsh, chmod +x followed by execution.
PowerShell: .ps1, powershell -ExecutionPolicy Bypass -File ....
Hidden Flags: -WindowStyle Hidden, -w hidden, -noprofile.

4. Dangerous Install/Uninstall & System Changes

Windows: msiexec /qn, choco uninstall, reg delete.
Linux/Unix: apt-get purge, yum remove, rm -rf /usr/bin/....
macOS: brew uninstall, deleting from /Applications.
Risk: Removing security software or creating unmonitored installation paths.

5. Mobile Application & OS Security (Android/iOS)

Android Tools: adb shell, pm install, am start, apktool, dex2jar, keytool.
Android Files: Manipulation of AndroidManifest.xml (permissions), classes.dex, or strings.xml.
iOS Tools: xcodebuild, codesign, security find-identity, fastlane, xcrun.
iOS Files: Manipulation of Info.plist, Entitlements.plist, or Provisioning Profiles.
Mobile Patterns: Jailbreak/Root detection bypasses, hardcoded API keys in mobile source, or sensitive permission requests (Camera, GPS, Contacts) in non-mobile skills.
Risk: Malicious mobile package injection, credential theft from mobile builds, or device manipulation via ADB.

6. Information Disclosure & Network Exfiltration

Patterns: curl, wget, Invoke-WebRequest, Invoke-RestMethod, scp, ftp, nc, socat.
Sensible Data: .env, .ssh, cookies.sqlite, Keychains (macOS), Credentials (Windows), keystore (Android).
Intranet: Scanning internal IPs or mapping local services.

7. Service, Process & Stability Manipulation

Windows: Stop-Service, taskkill /f, sc.exe delete.
Unix/Mac: kill -9, pkill, systemctl disable/stop, launchctl unload.
Low-level: Direct disk access (dd), firmware/BIOS calls, kernel module management.

8. Obfuscation & Persistence

Encoding: Base64, Hex, XOR loops, atob().
Persistence: reg add (Run keys), schtasks, crontab, launchctl (macOS), systemd units.
Tubes: curl ... | bash, iwr ... | iex.

9. Legitimacy & Scope (Universal)

Registry Alignment: Cross-reference with CATALOG.md.
Structural Integrity: Does it follow the standard repo layout?
Healthy Scope: Does a "UI Design" skill need adb shell or sudo?

Step 3: Reporting

Generates a security report with a score (0-10), platform target identification, flagged actions, threat analysis, and mitigation recommendations.

Examples

Example 1: Security Review

"Perform a security audit on this skill bundle"

Example 2: Cross-Platform Threat Analysis

"Scan for mobile threats in this AI skill"

Best Practices

✅ Perform non-intrusive analysis
✅ Check for privilege escalation patterns
✅ Look for information disclosure vulnerabilities
✅ Analyze cross-platform threats
❌ Don't execute potentially malicious code during audit
❌ Don't modify the code being audited
❌ Don't ignore mobile-specific security concerns

Common Pitfalls

Problem: Executing code during audit Solution: Stick to static analysis methods only
Problem: Missing cross-platform threats Solution: Check for platform-specific security issues on all supported platforms
Problem: Failing to detect obfuscated payloads Solution: Look for encoding patterns like Base64, Hex, XOR loops, and atob()

Related Skills

@security-scanner - Additional security scanning capabilities

automacoescomerciaisintegradas/audit-skills

audit-skills/SKILL.md

testing

Updated Apr 3, 2026

$ install --global

skillsauth

npx skillsauth add automacoescomerciaisintegradas/skills audit-skills

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 3, 2026, 9:08 AM5.3s1 file scanned

SKILL.md

name:: audit-skills
description:: Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
category:: security
risk:: safe
source:: community
date_added:: 2026-03-07
author:: MAIOStudio
tags:: [security, audit, skills, bundles, cross-platform]
tools:: [claude, gemini, gpt, llama, mistral, etc]

Audit Skills (Premium Universal Security)

Overview

When to Use This Skill

Use when you need to audit AI skills and bundles for security vulnerabilities
Use when working with cross-platform security analysis
Use when the user asks about verifying skill legitimacy or performing security reviews
Use when scanning for mobile threats in AI skills

How It Works

Step 1: Static Analysis

Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads.

Step 2: Platform-Specific Threat Detection

Analyzes code for platform-specific security issues across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).

1. Privilege, Ownership & Metadata Manipulation

Elevated Access: sudo, chown, chmod, TakeOwnership, icacls, Set-ExecutionPolicy.
Metadata Tampering: touch -t, setfile (macOS), attrib (Windows), Set-ItemProperty, chflags.
Risk: Unauthorized access, masking activity, or making files immutable.

2. File/Folder Locking & Resource Denial

Patterns: chmod 000, chattr +i (immutable), attrib +r +s +h, Deny ACEs in icacls.
Global Actions: Locking or hiding folders in %USERPROFILE%, /Users/, or /etc/.
Risk: Denial of service or data locking.

3. Script Execution & Batch Invocation

Legacy/Batch Windows: .bat, .cmd, cmd.exe /c, vbs, cscript, wscript.
Unix Shell: .sh, .bash, .zsh, chmod +x followed by execution.
PowerShell: .ps1, powershell -ExecutionPolicy Bypass -File ....
Hidden Flags: -WindowStyle Hidden, -w hidden, -noprofile.

4. Dangerous Install/Uninstall & System Changes

Windows: msiexec /qn, choco uninstall, reg delete.
Linux/Unix: apt-get purge, yum remove, rm -rf /usr/bin/....
macOS: brew uninstall, deleting from /Applications.
Risk: Removing security software or creating unmonitored installation paths.

5. Mobile Application & OS Security (Android/iOS)

Android Tools: adb shell, pm install, am start, apktool, dex2jar, keytool.
Android Files: Manipulation of AndroidManifest.xml (permissions), classes.dex, or strings.xml.
iOS Tools: xcodebuild, codesign, security find-identity, fastlane, xcrun.
iOS Files: Manipulation of Info.plist, Entitlements.plist, or Provisioning Profiles.
Mobile Patterns: Jailbreak/Root detection bypasses, hardcoded API keys in mobile source, or sensitive permission requests (Camera, GPS, Contacts) in non-mobile skills.
Risk: Malicious mobile package injection, credential theft from mobile builds, or device manipulation via ADB.

6. Information Disclosure & Network Exfiltration

Patterns: curl, wget, Invoke-WebRequest, Invoke-RestMethod, scp, ftp, nc, socat.
Sensible Data: .env, .ssh, cookies.sqlite, Keychains (macOS), Credentials (Windows), keystore (Android).
Intranet: Scanning internal IPs or mapping local services.

7. Service, Process & Stability Manipulation

Windows: Stop-Service, taskkill /f, sc.exe delete.
Unix/Mac: kill -9, pkill, systemctl disable/stop, launchctl unload.
Low-level: Direct disk access (dd), firmware/BIOS calls, kernel module management.

8. Obfuscation & Persistence

Encoding: Base64, Hex, XOR loops, atob().
Persistence: reg add (Run keys), schtasks, crontab, launchctl (macOS), systemd units.
Tubes: curl ... | bash, iwr ... | iex.

9. Legitimacy & Scope (Universal)

Registry Alignment: Cross-reference with CATALOG.md.
Structural Integrity: Does it follow the standard repo layout?
Healthy Scope: Does a "UI Design" skill need adb shell or sudo?

Step 3: Reporting

Generates a security report with a score (0-10), platform target identification, flagged actions, threat analysis, and mitigation recommendations.

Examples

Example 1: Security Review

"Perform a security audit on this skill bundle"

Example 2: Cross-Platform Threat Analysis

"Scan for mobile threats in this AI skill"

Best Practices

✅ Perform non-intrusive analysis
✅ Check for privilege escalation patterns
✅ Look for information disclosure vulnerabilities
✅ Analyze cross-platform threats
❌ Don't execute potentially malicious code during audit
❌ Don't modify the code being audited
❌ Don't ignore mobile-specific security concerns

Common Pitfalls

Problem: Executing code during audit Solution: Stick to static analysis methods only
Problem: Missing cross-platform threats Solution: Check for platform-specific security issues on all supported platforms
Problem: Failing to detect obfuscated payloads Solution: Look for encoding patterns like Base64, Hex, XOR loops, and atob()

Related Skills

@security-scanner - Additional security scanning capabilities

Related Skills

automacoescomerciaisintegradas/claude-code-system-prompts

development

VerifiedTrustedCommunity

name: Claude Code System Prompts Mirror slug: claude-code-system-prompts version: 1.0.0 owner: Automações Comerciais Integradas description: Espelho versionado dos prompts de sistema do Claude Code (upstream Piebald-AI), com foco em consulta, estudo e adaptação para engenharia de agentes. language: pt-BR commands: - command: /prompts-index description: Lista categorias e principais arquivos do espelho local de prompts. parameters: - name: categoria type: string r

SKILL.mdUpdated May 30, 2026

automacoescomerciaisintegradas/claude-code-system-prompts

automacoescomerciaisintegradas/design-academy

development

VerifiedTrustedCommunity

Skill de direção de arte inspirada no visual de /paz-bem.html: editorial premium, tipografia serif/sans, paleta quente (gesso/terracota/carvão), texturas, grid assimétrica e microinterações com GSAP.

SKILL.mdUpdated May 17, 2026

automacoescomerciaisintegradas/design-academy

automacoescomerciaisintegradas/deploy-estatico-html-css-js

development

VerifiedTrustedCommunity

Padrao de deploy estatico para projetos HTML/CSS/JS puro, com build local por ambiente (dev/prod), publicacao Git sem Actions e promocao de branch entre ambientes.

SKILL.mdUpdated May 17, 2026

automacoescomerciaisintegradas/deploy-estatico-html-css-js

automacoescomerciaisintegradas/whatsapp-button

development

VerifiedTrustedCommunity

nome: Botão WhatsApp Floating descricao: Skill para gerar e integrar botões flutuantes do WhatsApp com design premium, animação de pulso e link direto para chat. autor: Antigravity comandos: comando: /gerar-botao-whatsapp descricao: Gera o código HTML/CSS completo para um botão flutuante personalizável. parametros: - nome: numero tipo: string descricao: Número do WhatsApp com DDI e DDD (ex: 5541992062238). - nome: mensagem tipo: string descricao: Mensagem inicial pré-preench

SKILL.mdUpdated May 16, 2026

automacoescomerciaisintegradas/whatsapp-button

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/automacoescomerciaisintegradas/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/audit-skills ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

automacoescomerciaisintegradas/skills

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT