@elizaos/skills 2.0.0-alpha.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +126 -0
- package/package.json +53 -0
- package/skills/1password/SKILL.md +70 -0
- package/skills/1password/references/cli-examples.md +29 -0
- package/skills/1password/references/get-started.md +17 -0
- package/skills/apple-notes/SKILL.md +77 -0
- package/skills/apple-reminders/SKILL.md +96 -0
- package/skills/bear-notes/SKILL.md +107 -0
- package/skills/bird/SKILL.md +224 -0
- package/skills/blogwatcher/SKILL.md +69 -0
- package/skills/blucli/SKILL.md +47 -0
- package/skills/bluebubbles/SKILL.md +131 -0
- package/skills/camsnap/SKILL.md +45 -0
- package/skills/canvas/SKILL.md +203 -0
- package/skills/clawhub/SKILL.md +77 -0
- package/skills/coding-agent/SKILL.md +284 -0
- package/skills/discord/SKILL.md +578 -0
- package/skills/eightctl/SKILL.md +50 -0
- package/skills/food-order/SKILL.md +48 -0
- package/skills/gemini/SKILL.md +43 -0
- package/skills/gifgrep/SKILL.md +79 -0
- package/skills/github/SKILL.md +77 -0
- package/skills/gog/SKILL.md +116 -0
- package/skills/goplaces/SKILL.md +52 -0
- package/skills/healthcheck/SKILL.md +245 -0
- package/skills/himalaya/SKILL.md +257 -0
- package/skills/himalaya/references/configuration.md +184 -0
- package/skills/himalaya/references/message-composition.md +199 -0
- package/skills/imsg/SKILL.md +74 -0
- package/skills/local-places/SERVER_README.md +101 -0
- package/skills/local-places/SKILL.md +102 -0
- package/skills/local-places/pyproject.toml +21 -0
- package/skills/local-places/src/local_places/__init__.py +2 -0
- package/skills/local-places/src/local_places/google_places.py +314 -0
- package/skills/local-places/src/local_places/main.py +65 -0
- package/skills/local-places/src/local_places/schemas.py +107 -0
- package/skills/mcporter/SKILL.md +61 -0
- package/skills/model-usage/SKILL.md +69 -0
- package/skills/model-usage/references/codexbar-cli.md +33 -0
- package/skills/model-usage/scripts/model_usage.py +310 -0
- package/skills/nano-banana-pro/SKILL.md +58 -0
- package/skills/nano-banana-pro/scripts/generate_image.py +184 -0
- package/skills/nano-pdf/SKILL.md +38 -0
- package/skills/notion/SKILL.md +172 -0
- package/skills/obsidian/SKILL.md +81 -0
- package/skills/openai-image-gen/SKILL.md +89 -0
- package/skills/openai-image-gen/scripts/gen.py +240 -0
- package/skills/openai-whisper/SKILL.md +38 -0
- package/skills/openai-whisper-api/SKILL.md +52 -0
- package/skills/openai-whisper-api/scripts/transcribe.sh +85 -0
- package/skills/openhue/SKILL.md +51 -0
- package/skills/oracle/SKILL.md +125 -0
- package/skills/ordercli/SKILL.md +78 -0
- package/skills/peekaboo/SKILL.md +190 -0
- package/skills/sag/SKILL.md +87 -0
- package/skills/security-ask-questions-if-underspecified/.claude-plugin/plugin.json +10 -0
- package/skills/security-ask-questions-if-underspecified/README.md +24 -0
- package/skills/security-ask-questions-if-underspecified/skills/ask-questions-if-underspecified/SKILL.md +85 -0
- package/skills/security-audit-context-building/.claude-plugin/plugin.json +10 -0
- package/skills/security-audit-context-building/README.md +58 -0
- package/skills/security-audit-context-building/commands/audit-context.md +21 -0
- package/skills/security-audit-context-building/skills/audit-context-building/SKILL.md +297 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/COMPLETENESS_CHECKLIST.md +47 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/FUNCTION_MICRO_ANALYSIS_EXAMPLE.md +355 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/OUTPUT_REQUIREMENTS.md +71 -0
- package/skills/security-building-secure-contracts/.claude-plugin/plugin.json +10 -0
- package/skills/security-building-secure-contracts/README.md +241 -0
- package/skills/security-building-secure-contracts/skills/algorand-vulnerability-scanner/SKILL.md +284 -0
- package/skills/security-building-secure-contracts/skills/algorand-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +405 -0
- package/skills/security-building-secure-contracts/skills/audit-prep-assistant/SKILL.md +409 -0
- package/skills/security-building-secure-contracts/skills/cairo-vulnerability-scanner/SKILL.md +329 -0
- package/skills/security-building-secure-contracts/skills/cairo-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +722 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/SKILL.md +218 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/ASSESSMENT_CRITERIA.md +355 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/EXAMPLE_REPORT.md +248 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/REPORT_FORMAT.md +33 -0
- package/skills/security-building-secure-contracts/skills/cosmos-vulnerability-scanner/SKILL.md +334 -0
- package/skills/security-building-secure-contracts/skills/cosmos-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +740 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/SKILL.md +252 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/ASSESSMENT_AREAS.md +329 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/DELIVERABLES.md +118 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/EXAMPLE_REPORT.md +298 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/SKILL.md +161 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/resources/EXAMPLE_REPORT.md +279 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/resources/WORKFLOW_STEPS.md +132 -0
- package/skills/security-building-secure-contracts/skills/solana-vulnerability-scanner/SKILL.md +389 -0
- package/skills/security-building-secure-contracts/skills/solana-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +669 -0
- package/skills/security-building-secure-contracts/skills/substrate-vulnerability-scanner/SKILL.md +298 -0
- package/skills/security-building-secure-contracts/skills/substrate-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +791 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/SKILL.md +362 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/resources/ASSESSMENT_CATEGORIES.md +571 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/resources/REPORT_TEMPLATES.md +141 -0
- package/skills/security-building-secure-contracts/skills/ton-vulnerability-scanner/SKILL.md +388 -0
- package/skills/security-building-secure-contracts/skills/ton-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +595 -0
- package/skills/security-burpsuite-project-parser/.claude-plugin/plugin.json +10 -0
- package/skills/security-burpsuite-project-parser/README.md +103 -0
- package/skills/security-burpsuite-project-parser/commands/burp-search.md +18 -0
- package/skills/security-burpsuite-project-parser/skills/SKILL.md +358 -0
- package/skills/security-burpsuite-project-parser/skills/scripts/burp-search.sh +99 -0
- package/skills/security-claude-in-chrome-troubleshooting/.claude-plugin/plugin.json +8 -0
- package/skills/security-claude-in-chrome-troubleshooting/README.md +31 -0
- package/skills/security-claude-in-chrome-troubleshooting/skills/claude-in-chrome-troubleshooting/SKILL.md +251 -0
- package/skills/security-constant-time-analysis/.claude-plugin/plugin.json +9 -0
- package/skills/security-constant-time-analysis/README.md +381 -0
- package/skills/security-constant-time-analysis/commands/ct-check.md +20 -0
- package/skills/security-constant-time-analysis/ct_analyzer/__init__.py +49 -0
- package/skills/security-constant-time-analysis/ct_analyzer/analyzer.py +1284 -0
- package/skills/security-constant-time-analysis/ct_analyzer/script_analyzers.py +3081 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/__init__.py +1 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_analyzer.py +1397 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/bn_excerpt.js +205 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_constant_time.c +181 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.c +74 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.go +78 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.rs +92 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.cs +174 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.java +161 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.kt +181 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.php +140 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.py +252 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.rb +188 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.swift +199 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.ts +154 -0
- package/skills/security-constant-time-analysis/pyproject.toml +52 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/README.md +90 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/SKILL.md +219 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/compiled.md +129 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/javascript.md +136 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/kotlin.md +252 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/php.md +172 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/python.md +179 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/ruby.md +198 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/swift.md +288 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/vm-compiled.md +354 -0
- package/skills/security-constant-time-analysis/uv.lock +8 -0
- package/skills/security-culture-index/.claude-plugin/plugin.json +8 -0
- package/skills/security-culture-index/README.md +79 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/SKILL.md +293 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/anti-patterns.md +255 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/conversation-starters.md +408 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/interview-trait-signals.md +253 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/motivators.md +158 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/patterns-archetypes.md +147 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/primary-traits.md +307 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/secondary-traits.md +228 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/team-composition.md +148 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/check_deps.py +108 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/__init__.py +20 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/constants.py +122 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/extract.py +187 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/models.py +16 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/opencv_extractor.py +520 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/extract_pdf.py +237 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/pyproject.toml +18 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/burnout-report.md +113 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/comparison-report.md +103 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/hiring-profile.md +127 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/individual-report.md +85 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/predicted-profile.md +165 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/team-report.md +109 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/analyze-team.md +188 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/coach-manager.md +267 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/compare-profiles.md +188 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/define-hiring-profile.md +220 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/detect-burnout.md +206 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/extract-from-pdf.md +121 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/interpret-individual.md +183 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/interview-debrief.md +234 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/mediate-conflict.md +306 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/plan-onboarding.md +322 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/predict-from-interview.md +250 -0
- package/skills/security-differential-review/.claude-plugin/plugin.json +10 -0
- package/skills/security-differential-review/README.md +109 -0
- package/skills/security-differential-review/commands/diff-review.md +21 -0
- package/skills/security-differential-review/skills/differential-review/SKILL.md +220 -0
- package/skills/security-differential-review/skills/differential-review/adversarial.md +203 -0
- package/skills/security-differential-review/skills/differential-review/methodology.md +234 -0
- package/skills/security-differential-review/skills/differential-review/patterns.md +300 -0
- package/skills/security-differential-review/skills/differential-review/reporting.md +369 -0
- package/skills/security-dwarf-expert/.claude-plugin/plugin.json +10 -0
- package/skills/security-dwarf-expert/README.md +38 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/SKILL.md +93 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/coding.md +31 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/dwarfdump.md +50 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/readelf.md +8 -0
- package/skills/security-entry-point-analyzer/.claude-plugin/plugin.json +10 -0
- package/skills/security-entry-point-analyzer/README.md +74 -0
- package/skills/security-entry-point-analyzer/commands/entry-points.md +18 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/SKILL.md +251 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/cosmwasm.md +182 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/move-aptos.md +107 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/move-sui.md +87 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/solana.md +155 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/solidity.md +135 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/ton.md +185 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/vyper.md +141 -0
- package/skills/security-firebase-apk-scanner/.claude-plugin/plugin.json +10 -0
- package/skills/security-firebase-apk-scanner/README.md +85 -0
- package/skills/security-firebase-apk-scanner/commands/scan-apk.md +18 -0
- package/skills/security-firebase-apk-scanner/scanner.sh +1408 -0
- package/skills/security-firebase-apk-scanner/skills/firebase-apk-scanner/SKILL.md +197 -0
- package/skills/security-firebase-apk-scanner/skills/firebase-apk-scanner/references/vulnerabilities.md +803 -0
- package/skills/security-fix-review/.claude-plugin/plugin.json +13 -0
- package/skills/security-fix-review/README.md +118 -0
- package/skills/security-fix-review/commands/fix-review.md +24 -0
- package/skills/security-fix-review/skills/fix-review/SKILL.md +264 -0
- package/skills/security-fix-review/skills/fix-review/references/bug-detection.md +408 -0
- package/skills/security-fix-review/skills/fix-review/references/finding-matching.md +298 -0
- package/skills/security-fix-review/skills/fix-review/references/report-parsing.md +398 -0
- package/skills/security-insecure-defaults/.claude-plugin/plugin.json +10 -0
- package/skills/security-insecure-defaults/README.md +45 -0
- package/skills/security-insecure-defaults/skills/insecure-defaults/SKILL.md +117 -0
- package/skills/security-insecure-defaults/skills/insecure-defaults/references/examples.md +409 -0
- package/skills/security-modern-python/.claude-plugin/plugin.json +10 -0
- package/skills/security-modern-python/README.md +58 -0
- package/skills/security-modern-python/hooks/hooks.json +16 -0
- package/skills/security-modern-python/hooks/intercept-legacy-python.bats +388 -0
- package/skills/security-modern-python/hooks/intercept-legacy-python.sh +109 -0
- package/skills/security-modern-python/hooks/test_helper.bash +75 -0
- package/skills/security-modern-python/skills/modern-python/SKILL.md +333 -0
- package/skills/security-modern-python/skills/modern-python/references/dependabot.md +43 -0
- package/skills/security-modern-python/skills/modern-python/references/migration-checklist.md +141 -0
- package/skills/security-modern-python/skills/modern-python/references/pep723-scripts.md +259 -0
- package/skills/security-modern-python/skills/modern-python/references/prek.md +211 -0
- package/skills/security-modern-python/skills/modern-python/references/pyproject.md +254 -0
- package/skills/security-modern-python/skills/modern-python/references/ruff-config.md +240 -0
- package/skills/security-modern-python/skills/modern-python/references/security-setup.md +255 -0
- package/skills/security-modern-python/skills/modern-python/references/testing.md +284 -0
- package/skills/security-modern-python/skills/modern-python/references/uv-commands.md +200 -0
- package/skills/security-modern-python/skills/modern-python/templates/dependabot.yml +36 -0
- package/skills/security-modern-python/skills/modern-python/templates/pre-commit-config.yaml +66 -0
- package/skills/security-property-based-testing/.claude-plugin/plugin.json +9 -0
- package/skills/security-property-based-testing/README.md +47 -0
- package/skills/security-property-based-testing/skills/property-based-testing/README.md +88 -0
- package/skills/security-property-based-testing/skills/property-based-testing/SKILL.md +109 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/design.md +191 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/generating.md +200 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/libraries.md +130 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/refactoring.md +181 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/reviewing.md +209 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/strategies.md +124 -0
- package/skills/semgrep-rule-creator/.claude-plugin/plugin.json +8 -0
- package/skills/semgrep-rule-creator/README.md +43 -0
- package/skills/semgrep-rule-creator/commands/semgrep-rule.md +26 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/SKILL.md +168 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/references/quick-reference.md +203 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/references/workflow.md +240 -0
- package/skills/semgrep-rule-variant-creator/.claude-plugin/plugin.json +9 -0
- package/skills/semgrep-rule-variant-creator/README.md +86 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/SKILL.md +205 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/applicability-analysis.md +250 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/language-syntax-guide.md +324 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/workflow.md +518 -0
- package/skills/session-logs/SKILL.md +115 -0
- package/skills/sharp-edges/.claude-plugin/plugin.json +10 -0
- package/skills/sharp-edges/README.md +48 -0
- package/skills/sharp-edges/skills/sharp-edges/SKILL.md +292 -0
- package/skills/sharp-edges/skills/sharp-edges/references/auth-patterns.md +252 -0
- package/skills/sharp-edges/skills/sharp-edges/references/case-studies.md +274 -0
- package/skills/sharp-edges/skills/sharp-edges/references/config-patterns.md +333 -0
- package/skills/sharp-edges/skills/sharp-edges/references/crypto-apis.md +190 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-c.md +205 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-csharp.md +285 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-go.md +270 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-java.md +263 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-javascript.md +269 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-kotlin.md +265 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-php.md +245 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-python.md +274 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-ruby.md +273 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-rust.md +272 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-swift.md +287 -0
- package/skills/sharp-edges/skills/sharp-edges/references/language-specific.md +588 -0
- package/skills/sherpa-onnx-tts/SKILL.md +103 -0
- package/skills/sherpa-onnx-tts/bin/sherpa-onnx-tts +178 -0
- package/skills/skill-creator/SKILL.md +370 -0
- package/skills/skill-creator/license.txt +202 -0
- package/skills/skill-creator/scripts/init_skill.py +378 -0
- package/skills/skill-creator/scripts/package_skill.py +111 -0
- package/skills/skill-creator/scripts/quick_validate.py +101 -0
- package/skills/slack/SKILL.md +144 -0
- package/skills/songsee/SKILL.md +49 -0
- package/skills/sonoscli/SKILL.md +46 -0
- package/skills/spec-to-code-compliance/.claude-plugin/plugin.json +10 -0
- package/skills/spec-to-code-compliance/README.md +67 -0
- package/skills/spec-to-code-compliance/commands/spec-compliance.md +22 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/SKILL.md +349 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/COMPLETENESS_CHECKLIST.md +69 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/IR_EXAMPLES.md +417 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/OUTPUT_REQUIREMENTS.md +105 -0
- package/skills/spotify-player/SKILL.md +64 -0
- package/skills/static-analysis/.claude-plugin/plugin.json +8 -0
- package/skills/static-analysis/README.md +59 -0
- package/skills/static-analysis/skills/codeql/SKILL.md +315 -0
- package/skills/static-analysis/skills/sarif-parsing/SKILL.md +479 -0
- package/skills/static-analysis/skills/sarif-parsing/resources/jq-queries.md +162 -0
- package/skills/static-analysis/skills/sarif-parsing/resources/sarif_helpers.py +331 -0
- package/skills/static-analysis/skills/semgrep/SKILL.md +337 -0
- package/skills/summarize/SKILL.md +87 -0
- package/skills/testing-handbook-skills/.claude-plugin/plugin.json +8 -0
- package/skills/testing-handbook-skills/README.md +241 -0
- package/skills/testing-handbook-skills/scripts/pyproject.toml +8 -0
- package/skills/testing-handbook-skills/scripts/validate-skills.py +657 -0
- package/skills/testing-handbook-skills/skills/address-sanitizer/SKILL.md +341 -0
- package/skills/testing-handbook-skills/skills/aflpp/SKILL.md +640 -0
- package/skills/testing-handbook-skills/skills/atheris/SKILL.md +515 -0
- package/skills/testing-handbook-skills/skills/cargo-fuzz/SKILL.md +454 -0
- package/skills/testing-handbook-skills/skills/codeql/SKILL.md +549 -0
- package/skills/testing-handbook-skills/skills/constant-time-testing/SKILL.md +507 -0
- package/skills/testing-handbook-skills/skills/coverage-analysis/SKILL.md +607 -0
- package/skills/testing-handbook-skills/skills/fuzzing-dictionary/SKILL.md +297 -0
- package/skills/testing-handbook-skills/skills/fuzzing-obstacles/SKILL.md +426 -0
- package/skills/testing-handbook-skills/skills/harness-writing/SKILL.md +614 -0
- package/skills/testing-handbook-skills/skills/libafl/SKILL.md +625 -0
- package/skills/testing-handbook-skills/skills/libfuzzer/SKILL.md +795 -0
- package/skills/testing-handbook-skills/skills/ossfuzz/SKILL.md +426 -0
- package/skills/testing-handbook-skills/skills/ruzzy/SKILL.md +443 -0
- package/skills/testing-handbook-skills/skills/semgrep/SKILL.md +601 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/SKILL.md +372 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/agent-prompt.md +280 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/discovery.md +452 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/domain-skill.md +504 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/fuzzer-skill.md +454 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/technique-skill.md +527 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/tool-skill.md +366 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/testing.md +482 -0
- package/skills/testing-handbook-skills/skills/wycheproof/SKILL.md +533 -0
- package/skills/things-mac/SKILL.md +86 -0
- package/skills/tmux/SKILL.md +135 -0
- package/skills/tmux/scripts/find-sessions.sh +112 -0
- package/skills/tmux/scripts/wait-for-text.sh +83 -0
- package/skills/trello/SKILL.md +95 -0
- package/skills/variant-analysis/.claude-plugin/plugin.json +8 -0
- package/skills/variant-analysis/README.md +41 -0
- package/skills/variant-analysis/commands/variants.md +23 -0
- package/skills/variant-analysis/skills/variant-analysis/METHODOLOGY.md +327 -0
- package/skills/variant-analysis/skills/variant-analysis/SKILL.md +142 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/cpp.ql +119 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/go.ql +69 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/java.ql +71 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/javascript.ql +63 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/python.ql +80 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/cpp.yaml +98 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/go.yaml +63 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/java.yaml +61 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/javascript.yaml +60 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/python.yaml +72 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/variant-report-template.md +75 -0
- package/skills/video-frames/SKILL.md +46 -0
- package/skills/video-frames/scripts/frame.sh +81 -0
- package/skills/voice-call/SKILL.md +45 -0
- package/skills/wacli/SKILL.md +72 -0
- package/skills/weather/SKILL.md +54 -0
- package/skills/yara-authoring/.claude-plugin/plugin.json +9 -0
- package/skills/yara-authoring/README.md +131 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/SKILL.md +645 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_Mac_ProtonRAT_Jan25.yar +99 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_NPM_SupplyChain_Jan25.yar +170 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_Win_Remcos_Jan25.yar +103 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/SUSP_CRX_SuspiciousPermissions.yar +134 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/SUSP_JS_Obfuscation_Jan25.yar +185 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/crx-module.md +214 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/dex-module.md +383 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/performance.md +333 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/strings.md +433 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/style-guide.md +257 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/testing.md +399 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/atom_analyzer.py +526 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/pyproject.toml +25 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/yara_lint.py +631 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/workflows/rule-development.md +493 -0
|
@@ -0,0 +1,273 @@
|
|
|
1
|
+
# Ruby Sharp Edges
|
|
2
|
+
|
|
3
|
+
## Dynamic Code Execution
|
|
4
|
+
|
|
5
|
+
```ruby
|
|
6
|
+
# DANGEROUS: eval executes arbitrary code
|
|
7
|
+
eval(user_input)
|
|
8
|
+
|
|
9
|
+
# DANGEROUS: send calls arbitrary method
|
|
10
|
+
object.send(user_input, *args)
|
|
11
|
+
object.public_send(user_input) # Only public, still dangerous
|
|
12
|
+
|
|
13
|
+
# DANGEROUS: constantize gets arbitrary class
|
|
14
|
+
user_input.constantize # Rails
|
|
15
|
+
Object.const_get(user_input)
|
|
16
|
+
|
|
17
|
+
# DANGEROUS: instance_variable_get/set
|
|
18
|
+
obj.instance_variable_set("@#{user_input}", value)
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
**Real Vulnerabilities**:
|
|
22
|
+
- CVE-2013-0156: Rails XML parameter parsing led to code execution
|
|
23
|
+
- Countless Rails apps vulnerable to controller#action injection
|
|
24
|
+
|
|
25
|
+
**Fix**: Whitelist allowed values:
|
|
26
|
+
```ruby
|
|
27
|
+
ALLOWED_METHODS = %w[create update delete].freeze
|
|
28
|
+
raise unless ALLOWED_METHODS.include?(user_input)
|
|
29
|
+
object.send(user_input)
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
## YAML.load RCE
|
|
33
|
+
|
|
34
|
+
```ruby
|
|
35
|
+
# DANGEROUS: Like pickle, instantiates arbitrary objects
|
|
36
|
+
YAML.load(user_input)
|
|
37
|
+
|
|
38
|
+
# Attacker payload:
|
|
39
|
+
# --- !ruby/object:Gem::Installer
|
|
40
|
+
# i: x
|
|
41
|
+
# --- !ruby/object:Gem::SpecFetcher
|
|
42
|
+
# i: y
|
|
43
|
+
# --- !ruby/object:Gem::Requirement
|
|
44
|
+
# requirements:
|
|
45
|
+
# !ruby/object:Gem::Package::TarReader
|
|
46
|
+
# io: &1 !ruby/object:Net::BufferedIO
|
|
47
|
+
# ...
|
|
48
|
+
|
|
49
|
+
# Chains through multiple classes to achieve RCE
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
**Fix**: Use `YAML.safe_load`:
|
|
53
|
+
```ruby
|
|
54
|
+
YAML.safe_load(user_input)
|
|
55
|
+
YAML.safe_load(user_input, permitted_classes: [Date, Time])
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
## Mass Assignment
|
|
59
|
+
|
|
60
|
+
```ruby
|
|
61
|
+
# DANGEROUS: All params assigned to model (Rails < 4)
|
|
62
|
+
User.new(params[:user])
|
|
63
|
+
# If params includes {admin: true, role: "superuser"}...
|
|
64
|
+
|
|
65
|
+
# Also dangerous with update_attributes
|
|
66
|
+
user.update_attributes(params[:user])
|
|
67
|
+
```
|
|
68
|
+
|
|
69
|
+
**Fix**: Strong Parameters (Rails 4+):
|
|
70
|
+
```ruby
|
|
71
|
+
def user_params
|
|
72
|
+
params.require(:user).permit(:name, :email) # Allowlist
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
User.new(user_params)
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
## SQL Injection
|
|
79
|
+
|
|
80
|
+
```ruby
|
|
81
|
+
# DANGEROUS: String interpolation in queries
|
|
82
|
+
User.where("name = '#{params[:name]}'")
|
|
83
|
+
User.where("name = '" + params[:name] + "'")
|
|
84
|
+
|
|
85
|
+
# DANGEROUS: Array form with interpolation
|
|
86
|
+
User.where(["name = ?", params[:name]]) # Safe
|
|
87
|
+
User.where(["name = #{params[:name]}"]) # NOT safe!
|
|
88
|
+
|
|
89
|
+
# DANGEROUS: order() with user input
|
|
90
|
+
User.order(params[:sort]) # Can inject: "name; DROP TABLE users--"
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
**Fix**: Use parameterized queries:
|
|
94
|
+
```ruby
|
|
95
|
+
User.where(name: params[:name])
|
|
96
|
+
User.where("name = ?", params[:name])
|
|
97
|
+
User.order(Arel.sql(sanitize(params[:sort]))) # With validation
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
## Command Injection
|
|
101
|
+
|
|
102
|
+
```ruby
|
|
103
|
+
# DANGEROUS: Backticks and system with interpolation
|
|
104
|
+
`ls #{params[:dir]}`
|
|
105
|
+
system("ls #{params[:dir]}")
|
|
106
|
+
exec("ls #{params[:dir]}")
|
|
107
|
+
%x(ls #{params[:dir]})
|
|
108
|
+
|
|
109
|
+
# Attacker: dir="; rm -rf /"
|
|
110
|
+
```
|
|
111
|
+
|
|
112
|
+
**Fix**: Use array form:
|
|
113
|
+
```ruby
|
|
114
|
+
system("ls", params[:dir]) # Argument passed safely
|
|
115
|
+
Open3.capture3("ls", params[:dir])
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
## Regex Injection
|
|
119
|
+
|
|
120
|
+
```ruby
|
|
121
|
+
# DANGEROUS: User input in regex
|
|
122
|
+
pattern = Regexp.new(params[:pattern])
|
|
123
|
+
string.match(pattern)
|
|
124
|
+
|
|
125
|
+
# ReDoS attack: pattern = "(a+)+"
|
|
126
|
+
# Denial of service
|
|
127
|
+
|
|
128
|
+
# Also: Anchors don't work as expected
|
|
129
|
+
/^admin$/.match("admin\nuser") # Matches! ^ and $ match line boundaries
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
**Fix**: Use `\A` and `\z` for string boundaries:
|
|
133
|
+
```ruby
|
|
134
|
+
/\Aadmin\z/ # Only matches exactly "admin"
|
|
135
|
+
Regexp.escape(user_input) # Escape special characters
|
|
136
|
+
```
|
|
137
|
+
|
|
138
|
+
## Symbol DoS (Ruby < 2.2)
|
|
139
|
+
|
|
140
|
+
```ruby
|
|
141
|
+
# DANGEROUS in Ruby < 2.2: Symbols never garbage collected
|
|
142
|
+
params[:key].to_sym # Each unique key creates permanent symbol
|
|
143
|
+
|
|
144
|
+
# Attacker sends millions of unique parameter names
|
|
145
|
+
# Memory exhaustion - symbols fill memory
|
|
146
|
+
```
|
|
147
|
+
|
|
148
|
+
**Note**: Fixed in Ruby 2.2+ with symbol GC, but still worth avoiding unnecessary `to_sym` on user input.
|
|
149
|
+
|
|
150
|
+
## Method Visibility
|
|
151
|
+
|
|
152
|
+
```ruby
|
|
153
|
+
# DANGEROUS: private/protected don't prevent send()
|
|
154
|
+
class Secret
|
|
155
|
+
private
|
|
156
|
+
def sensitive_data
|
|
157
|
+
"secret"
|
|
158
|
+
end
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
obj.send(:sensitive_data) # Works!
|
|
162
|
+
obj.sensitive_data # NoMethodError (as expected)
|
|
163
|
+
```
|
|
164
|
+
|
|
165
|
+
## Default Mutable Arguments
|
|
166
|
+
|
|
167
|
+
```ruby
|
|
168
|
+
# DANGEROUS: Same pattern as Python
|
|
169
|
+
def add_item(item, list = [])
|
|
170
|
+
list << item
|
|
171
|
+
list
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
add_item(1) # [1]
|
|
175
|
+
add_item(2) # [1, 2] - same array!
|
|
176
|
+
```
|
|
177
|
+
|
|
178
|
+
**Fix**: Use nil default:
|
|
179
|
+
```ruby
|
|
180
|
+
def add_item(item, list = nil)
|
|
181
|
+
list ||= []
|
|
182
|
+
list << item
|
|
183
|
+
end
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
## ERB Template Injection
|
|
187
|
+
|
|
188
|
+
```ruby
|
|
189
|
+
# DANGEROUS: User input in ERB template
|
|
190
|
+
template = ERB.new(params[:template])
|
|
191
|
+
template.result(binding)
|
|
192
|
+
|
|
193
|
+
# Attacker template: <%= `whoami` %>
|
|
194
|
+
# Executes shell command
|
|
195
|
+
|
|
196
|
+
# Also via:
|
|
197
|
+
template = params[:template]
|
|
198
|
+
eval("\"#{template}\"") # If template contains #{}
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
## File Operations
|
|
202
|
+
|
|
203
|
+
```ruby
|
|
204
|
+
# DANGEROUS: Path traversal
|
|
205
|
+
File.read("uploads/#{params[:filename]}")
|
|
206
|
+
# Attacker: filename=../../../etc/passwd
|
|
207
|
+
|
|
208
|
+
# DANGEROUS: File.open with pipe
|
|
209
|
+
File.open("|#{params[:cmd]}") # Executes command!
|
|
210
|
+
|
|
211
|
+
# The | prefix runs a command and opens pipe to it
|
|
212
|
+
File.read("|whoami") # Returns output of whoami
|
|
213
|
+
```
|
|
214
|
+
|
|
215
|
+
**Fix**: Validate and sanitize paths:
|
|
216
|
+
```ruby
|
|
217
|
+
path = File.expand_path(params[:filename], uploads_dir)
|
|
218
|
+
raise unless path.start_with?(uploads_dir)
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
## Comparison Gotchas
|
|
222
|
+
|
|
223
|
+
```ruby
|
|
224
|
+
# DANGEROUS: == vs eql? vs equal?
|
|
225
|
+
a = "hello"
|
|
226
|
+
b = "hello"
|
|
227
|
+
|
|
228
|
+
a == b # true - value comparison
|
|
229
|
+
a.eql?(b) # true - value + type comparison
|
|
230
|
+
a.equal?(b) # false - identity comparison
|
|
231
|
+
|
|
232
|
+
# Array comparison
|
|
233
|
+
[1, 2] == [1, 2] # true
|
|
234
|
+
[1, 2].eql?([1, 2]) # true
|
|
235
|
+
[1, 2].equal?([1, 2]) # false
|
|
236
|
+
```
|
|
237
|
+
|
|
238
|
+
## Thread Safety
|
|
239
|
+
|
|
240
|
+
```ruby
|
|
241
|
+
# DANGEROUS: Ruby global interpreter lock (GIL) doesn't protect everything
|
|
242
|
+
@counter = 0
|
|
243
|
+
|
|
244
|
+
threads = 10.times.map do
|
|
245
|
+
Thread.new { 1000.times { @counter += 1 } }
|
|
246
|
+
end
|
|
247
|
+
threads.each(&:join)
|
|
248
|
+
|
|
249
|
+
@counter # May not be 10000! Read-modify-write isn't atomic
|
|
250
|
+
```
|
|
251
|
+
|
|
252
|
+
**Fix**: Use Mutex or atomic operations:
|
|
253
|
+
```ruby
|
|
254
|
+
mutex = Mutex.new
|
|
255
|
+
mutex.synchronize { @counter += 1 }
|
|
256
|
+
```
|
|
257
|
+
|
|
258
|
+
## Detection Patterns
|
|
259
|
+
|
|
260
|
+
| Pattern | Risk |
|
|
261
|
+
|---------|------|
|
|
262
|
+
| `eval(`, `instance_eval(` | Code execution |
|
|
263
|
+
| `.send(user_input`, `.public_send(` | Method injection |
|
|
264
|
+
| `.constantize`, `const_get(` | Class injection |
|
|
265
|
+
| `YAML.load(` | Deserialization RCE |
|
|
266
|
+
| `.new(params[` without strong params | Mass assignment |
|
|
267
|
+
| `where("... #{` | SQL injection |
|
|
268
|
+
| `` `...#{` ``, `system("...#{` | Command injection |
|
|
269
|
+
| `Regexp.new(user_input)` | ReDoS |
|
|
270
|
+
| `params[:x].to_sym` | Symbol DoS (old Ruby) |
|
|
271
|
+
| `ERB.new(user_input)` | Template injection |
|
|
272
|
+
| `File.read("|...` or `File.open("|...` | Command execution |
|
|
273
|
+
| `File.read(params[` without path validation | Path traversal |
|
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
# Rust Sharp Edges
|
|
2
|
+
|
|
3
|
+
## Integer Overflow Behavior Differs by Build
|
|
4
|
+
|
|
5
|
+
```rust
|
|
6
|
+
// In debug builds: panics
|
|
7
|
+
// In release builds: wraps silently!
|
|
8
|
+
let x: u8 = 255;
|
|
9
|
+
let y = x + 1; // Debug: panic! Release: y = 0
|
|
10
|
+
|
|
11
|
+
fn calculate_size(count: usize, element_size: usize) -> usize {
|
|
12
|
+
count * element_size // Panics in debug, wraps in release
|
|
13
|
+
}
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
**The Problem**: Behavior differs between debug and release. Bugs may only manifest in production.
|
|
17
|
+
|
|
18
|
+
**Fix**: Use explicit methods:
|
|
19
|
+
```rust
|
|
20
|
+
// Wrapping (explicitly allows overflow)
|
|
21
|
+
let y = x.wrapping_add(1);
|
|
22
|
+
|
|
23
|
+
// Checked (returns Option)
|
|
24
|
+
let y = x.checked_add(1); // None if overflow
|
|
25
|
+
|
|
26
|
+
// Saturating (clamps to max/min)
|
|
27
|
+
let y = x.saturating_add(1); // 255 if would overflow
|
|
28
|
+
|
|
29
|
+
// Overflowing (returns value + overflow flag)
|
|
30
|
+
let (y, overflowed) = x.overflowing_add(1);
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
## Unsafe Blocks
|
|
34
|
+
|
|
35
|
+
```rust
|
|
36
|
+
// DANGEROUS: Unsafe disables Rust's safety guarantees
|
|
37
|
+
unsafe {
|
|
38
|
+
// Can dereference raw pointers
|
|
39
|
+
let ptr: *const i32 = &42;
|
|
40
|
+
let val = *ptr;
|
|
41
|
+
|
|
42
|
+
// Can call unsafe functions
|
|
43
|
+
libc::free(ptr as *mut libc::c_void);
|
|
44
|
+
|
|
45
|
+
// Can access mutable statics
|
|
46
|
+
GLOBAL_COUNTER += 1;
|
|
47
|
+
|
|
48
|
+
// Can implement unsafe traits
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
// Real vulnerabilities from unsafe:
|
|
52
|
+
// - CVE-2019-15548: memory safety bug in slice::from_raw_parts
|
|
53
|
+
// - Many FFI-related vulnerabilities
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
**Audit Focus**: Every `unsafe` block should have a SAFETY comment explaining invariants.
|
|
57
|
+
|
|
58
|
+
```rust
|
|
59
|
+
// GOOD: Documented safety invariants
|
|
60
|
+
// SAFETY: ptr is valid for reads of `len` bytes,
|
|
61
|
+
// properly aligned, and the memory won't be mutated
|
|
62
|
+
// for the lifetime 'a
|
|
63
|
+
unsafe { std::slice::from_raw_parts(ptr, len) }
|
|
64
|
+
```
|
|
65
|
+
|
|
66
|
+
## Mem::forget Skips Destructors
|
|
67
|
+
|
|
68
|
+
```rust
|
|
69
|
+
// DANGEROUS: Resources never cleaned up
|
|
70
|
+
let guard = mutex.lock().unwrap();
|
|
71
|
+
std::mem::forget(guard); // Lock never released = deadlock
|
|
72
|
+
|
|
73
|
+
let file = File::open("data.txt")?;
|
|
74
|
+
std::mem::forget(file); // File descriptor leaked
|
|
75
|
+
|
|
76
|
+
// Can be used to create memory unsafety with certain types
|
|
77
|
+
let mut vec = vec![1, 2, 3];
|
|
78
|
+
let ptr = vec.as_mut_ptr();
|
|
79
|
+
std::mem::forget(vec); // Vec's memory leaked, but ptr still valid... maybe
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
**Note**: `mem::forget` is safe (not `unsafe`), but can cause resource leaks and logical bugs.
|
|
83
|
+
|
|
84
|
+
## Panics and Unwinding
|
|
85
|
+
|
|
86
|
+
```rust
|
|
87
|
+
// DANGEROUS: Panic in FFI boundary is UB
|
|
88
|
+
#[no_mangle]
|
|
89
|
+
pub extern "C" fn called_from_c() {
|
|
90
|
+
panic!("oops"); // Undefined behavior!
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
// SAFE: Catch panic at FFI boundary
|
|
94
|
+
#[no_mangle]
|
|
95
|
+
pub extern "C" fn called_from_c() -> i32 {
|
|
96
|
+
match std::panic::catch_unwind(|| {
|
|
97
|
+
might_panic();
|
|
98
|
+
}) {
|
|
99
|
+
Ok(_) => 0,
|
|
100
|
+
Err(_) => -1,
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
// DANGEROUS: Panic in Drop can abort
|
|
105
|
+
impl Drop for MyType {
|
|
106
|
+
fn drop(&mut self) {
|
|
107
|
+
if something_wrong() {
|
|
108
|
+
panic!("in drop"); // If already unwinding, aborts!
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
## Unwrap and Expect
|
|
115
|
+
|
|
116
|
+
```rust
|
|
117
|
+
// DANGEROUS: Panics on None/Err
|
|
118
|
+
let value = some_option.unwrap(); // Panics if None
|
|
119
|
+
let result = fallible_fn().unwrap(); // Panics if Err
|
|
120
|
+
|
|
121
|
+
// In libraries: propagate errors with ?
|
|
122
|
+
fn library_fn() -> Result<T, E> {
|
|
123
|
+
let value = fallible_fn()?; // Propagates error
|
|
124
|
+
Ok(value)
|
|
125
|
+
}
|
|
126
|
+
|
|
127
|
+
// In binaries: use expect() with context
|
|
128
|
+
let config = load_config()
|
|
129
|
+
.expect("failed to load config from config.toml");
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
## Interior Mutability Pitfalls
|
|
133
|
+
|
|
134
|
+
```rust
|
|
135
|
+
// DANGEROUS: RefCell panics at runtime on borrow violations
|
|
136
|
+
use std::cell::RefCell;
|
|
137
|
+
|
|
138
|
+
let cell = RefCell::new(42);
|
|
139
|
+
let borrow1 = cell.borrow_mut();
|
|
140
|
+
let borrow2 = cell.borrow_mut(); // PANIC: already borrowed
|
|
141
|
+
|
|
142
|
+
// Can happen across function calls - hard to track
|
|
143
|
+
fn takes_ref(cell: &RefCell<i32>) {
|
|
144
|
+
let _b = cell.borrow_mut();
|
|
145
|
+
other_fn(cell); // If this also borrows_mut: panic!
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
// SAFER: Use try_borrow_mut
|
|
149
|
+
if let Ok(mut borrow) = cell.try_borrow_mut() {
|
|
150
|
+
*borrow += 1;
|
|
151
|
+
}
|
|
152
|
+
```
|
|
153
|
+
|
|
154
|
+
## Send and Sync Misuse
|
|
155
|
+
|
|
156
|
+
```rust
|
|
157
|
+
// DANGEROUS: Incorrect Send/Sync implementations
|
|
158
|
+
struct MyWrapper(*mut SomeType);
|
|
159
|
+
|
|
160
|
+
// This is WRONG if SomeType isn't thread-safe:
|
|
161
|
+
unsafe impl Send for MyWrapper {}
|
|
162
|
+
unsafe impl Sync for MyWrapper {}
|
|
163
|
+
|
|
164
|
+
// Real vulnerability: Rc<T> is not Send/Sync for good reason
|
|
165
|
+
// Incorrectly marking a type as Send/Sync enables data races
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
## Lifetime Elision Surprises
|
|
169
|
+
|
|
170
|
+
```rust
|
|
171
|
+
// The compiler infers lifetimes, but sometimes wrong
|
|
172
|
+
impl MyStruct {
|
|
173
|
+
// Elided: fn get(&self) -> &str
|
|
174
|
+
// Means: fn get<'a>(&'a self) -> &'a str
|
|
175
|
+
fn get(&self) -> &str {
|
|
176
|
+
&self.data
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
|
|
180
|
+
// But what if you return something else?
|
|
181
|
+
impl MyStruct {
|
|
182
|
+
// WRONG: Elision assumes output lifetime = self lifetime
|
|
183
|
+
fn get_static(&self) -> &str {
|
|
184
|
+
"static string" // Actually 'static, not 'self
|
|
185
|
+
}
|
|
186
|
+
|
|
187
|
+
// RIGHT: Be explicit
|
|
188
|
+
fn get_static(&self) -> &'static str {
|
|
189
|
+
"static string"
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
## Deref Coercion Confusion
|
|
195
|
+
|
|
196
|
+
```rust
|
|
197
|
+
// Can be confusing when method resolution happens
|
|
198
|
+
use std::ops::Deref;
|
|
199
|
+
|
|
200
|
+
struct Wrapper(String);
|
|
201
|
+
impl Deref for Wrapper {
|
|
202
|
+
type Target = String;
|
|
203
|
+
fn deref(&self) -> &String { &self.0 }
|
|
204
|
+
}
|
|
205
|
+
|
|
206
|
+
let w = Wrapper(String::from("hello"));
|
|
207
|
+
w.len(); // Calls String::len via Deref
|
|
208
|
+
w.capacity(); // Also String::capacity
|
|
209
|
+
|
|
210
|
+
// What if Wrapper has its own len()?
|
|
211
|
+
impl Wrapper {
|
|
212
|
+
fn len(&self) -> usize { 42 }
|
|
213
|
+
}
|
|
214
|
+
w.len(); // Now calls Wrapper::len, not String::len
|
|
215
|
+
(*w).len(); // Explicitly calls String::len
|
|
216
|
+
```
|
|
217
|
+
|
|
218
|
+
## Drop Order
|
|
219
|
+
|
|
220
|
+
```rust
|
|
221
|
+
// Fields dropped in declaration order
|
|
222
|
+
struct S {
|
|
223
|
+
first: A, // Dropped last
|
|
224
|
+
second: B, // Dropped first
|
|
225
|
+
}
|
|
226
|
+
|
|
227
|
+
// Can cause issues if B depends on A
|
|
228
|
+
struct Connection {
|
|
229
|
+
pool: Arc<Pool>, // Dropped second
|
|
230
|
+
conn: PooledConn, // Dropped first - needs pool!
|
|
231
|
+
}
|
|
232
|
+
|
|
233
|
+
// Fix: reorder fields, or use ManuallyDrop
|
|
234
|
+
```
|
|
235
|
+
|
|
236
|
+
## Macro Hygiene Gaps
|
|
237
|
+
|
|
238
|
+
```rust
|
|
239
|
+
// macro_rules! has hygiene gaps
|
|
240
|
+
macro_rules! make_var {
|
|
241
|
+
($name:ident) => {
|
|
242
|
+
let $name = 42;
|
|
243
|
+
}
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
make_var!(x);
|
|
247
|
+
println!("{}", x); // Works - x is in scope
|
|
248
|
+
|
|
249
|
+
// But: macros can capture identifiers unexpectedly
|
|
250
|
+
macro_rules! double {
|
|
251
|
+
($e:expr) => {
|
|
252
|
+
{ let x = $e; x + x } // Shadows any x in $e!
|
|
253
|
+
}
|
|
254
|
+
}
|
|
255
|
+
|
|
256
|
+
let x = 10;
|
|
257
|
+
double!(x + 1) // Doesn't do what you expect
|
|
258
|
+
```
|
|
259
|
+
|
|
260
|
+
## Detection Patterns
|
|
261
|
+
|
|
262
|
+
| Pattern | Risk |
|
|
263
|
+
|---------|------|
|
|
264
|
+
| `+`, `-`, `*` on integers | Overflow (release wraps) |
|
|
265
|
+
| `unsafe { }` | All bets off - audit carefully |
|
|
266
|
+
| `mem::forget()` | Resource leak, deadlock |
|
|
267
|
+
| `.unwrap()`, `.expect()` | Panic on None/Err |
|
|
268
|
+
| `RefCell::borrow_mut()` | Runtime panic on double borrow |
|
|
269
|
+
| `unsafe impl Send/Sync` | Potential data races |
|
|
270
|
+
| `extern "C" fn` without catch_unwind | UB on panic |
|
|
271
|
+
| Drop impl with panic | Double panic = abort |
|
|
272
|
+
| Complex deref chains | Method resolution confusion |
|