nwiizo/echo-skill
tools/kata-eval/examples/echo-skill/skills/echo-skill/SKILL.md
Use when the user provides an arbitrary line of text and you must echo it back verbatim, prefixed with "ECHO:".
$ install --global
skillsauthnpx skillsauth add nwiizo/workspace_2026 echo-skillInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 15, 2026, 6:41 AM219.4s1 file scanned
SKILL.md
- name:
- echo-skill
- description:
- Use when the user provides an arbitrary line of text and you must echo it back verbatim, prefixed with "ECHO:".
echo-skill
When invoked, return the user's input verbatim with the literal prefix
ECHO: and nothing else. Do not add commentary, formatting, or
clarification.
Related Skills
nwiizo/zap-triage
development
VerifiedTrustedCommunity
Turn OWASP ZAP JSON reports into code-level remediation work for any authorized web application without launching unscoped scans.
43SKILL.mdUpdated Apr 24, 2026
nwiizo/tools/vigil/skills/owasp-assessment
tools
VerifiedTrustedCommunity
# OWASP Assessment — 詳細仕様 2つの OWASP 標準に基づく網羅的セキュリティ検査。 - **OWASP Top 10:2021** — Web アプリケーション向け(A01〜A10) - **OWASP API Security Top 10:2023** — API 向け(API1〜API10) 各カテゴリに対して: 検査項目、CWE マッピング、grep パターン、判定基準、Opus 4.6 による深掘りポイントを定義する。 --- # Part 1: OWASP Top 10:2021(Web アプリケーション) 公式: https://owasp.org/Top10/ ## A01:2021 — Broken Access Control **概要:** アクセス制御の不備。ユーザーが許可された範囲を超えて操作できる。2021年版で1位に上昇。テスト対象の94%で検出。 **主要 CWE:** - CWE-200: 機密情報の未認可アクターへの露出 - CWE-201: 送信データへの機密情報の挿入 - CWE-352: CSRF -
43SKILL.mdUpdated Apr 7, 2026
nwiizo/contests/juice_shop/.claude/skills/playwright-attack
tools
VerifiedTrustedCommunity
# Playwright Attack Patterns Juice Shop を Playwright MCP で攻撃するパターン集。 ## SQLi ログイン ``` 1. browser_navigate → http://localhost:3000/#/login 2. browser_snapshot → ref確認 3. browser_type → email: "' OR 1=1--" 4. browser_type → password: "a" 5. browser_click → Loginボタン ``` ## XSS 攻撃 ``` browser_navigate → http://localhost:3000/#/search?q=<iframe src="javascript:alert('xss')"> ``` ## API 操作 (fetch) ```javascript browser_evaluate → function: () => fetch('/api/Users', { method: 'POST', headers
43SKILL.mdUpdated Apr 7, 2026
nwiizo/memory-optimizer
development
VerifiedTrustedCommunity
Refactors CLAUDE.md into minimal startup context by extracting path-specific rules, skills, commands, and agents. Use when CLAUDE.md exceeds 50 lines, startup feels slow, memory needs restructuring, or splitting monolithic project instructions.
43SKILL.mdUpdated Apr 7, 2026