bypass macos file dialog
Bypass OS-native file upload dialogs in browser automation using JavaScript interception and DataTransfer injection.
THE AGENSI STORE
by Nex AI
Automate 3-step email follow-up sequences with absolute stop-on-reply logic and GDPR-compliant footer injection.
by Nex AI
A rule-based security scanner and auto-hardener for AI agent skills to detect injections and unsafe code.
Scan AI agent skill definitions for malicious instructions, prompt injections, and security risks—locally.
Penetration-test your Claude Code agent's guardrails before you deploy. Throws prompt-injection payloads, shell-chaining, and path-traversal attempts at your PreToolUse/PostToolUse hooks and sensitive-file protections, then returns a pass/fail report on 10+ attack vectors with copy-paste remediation for every gap.
by Julian
A rigorous security auditor that scans code for OWASP Top 10 vulnerabilities with severity ratings and concrete fixes.
Lint a prompt template for the issues that cause injection and flaky output. Flags untrusted variables interpolated straight into the instructions (the injection surface), placeholders that are never provided or never used, contradictory instructions, a missing output-format spec where the result is parsed, unbounded context interpolation, and leftover placeholders. It detects problems; it does not write prompts.
Scan a SKILL.md package for prompt injection and secret exfiltration before you install or publish an agent skill. Flags env-variable-to-URL exfiltration wording, conditional triggers with hidden side effects, imperative instructions buried in HTML comments, zero-width characters, base64 and long-token blobs, remote content treated as instructions, pipe-to-shell and recursive force-delete references, and overbroad tool requests (network plus browser plus file-write with no scope).
Review a database schema, queries, or migration for the mistakes that get expensive in production — bad table design, missing or wrong indexes, slow and N+1 queries, SQL injection, and migrations that lock or break prod. Engine-aware (PostgreSQL, MySQL, SQLite, SQL Server), it runs an ordered review and returns a PASS/REVIEW/BLOCK verdict with prioritized fixes. Schema mistakes are the most expensive kind — this catches them before they ship.
Scaffold a secure, spec-compliant MCP server from a description of the tools you want to expose. Sets up the official SDK (TypeScript or Python/FastMCP), defines tools/resources/prompts with strict JSON Schema, wires the right transport (stdio or Streamable HTTP), adds OAuth 2.1 for remote, and hardens against the MCP-specific footguns — prompt injection via tool output, token passthrough, over-broad scopes, command/path/SSRF injection, leaked secrets — before it ships. Returns a runnable skeleton plus a security checklist. Built by someone who's shipped production MCP servers.
A senior WordPress security auditor that reasons about WP-API taint flow — not regex hits — to find the 8 real plugin/theme vulnerability classes a generic scanner misses, and returns scored findings with ready-to-merge before→after patches.
by Ifásola
Specialized static security scanner for MCP servers and Python tool handlers to prevent injection and data leaks.
by Timoranjes
Evaluate third-party agent skills for command injection, prompt injection, and data exfiltration before installation.
Adversarially audit your agent hooks before you trust them. Catches command injection, secret leakage, over-broad matchers, destructive actions, and blocking-logic mistakes in pre/post-tool-use, prompt, and stop hooks — with a PASS or REVISE verdict and severity-ranked fixes.
by Timoranjes
Comprehensive security auditing for AI agents, covering prompt injection, tool permissions, and data leakage risks.
by Timoranjes
The security auditor for AI agents. Detect prompt injection, secret leaks, and unsafe tool access in SKILL.md files.
Hardens AI prompts and agent workflows against logic errors, tool-misuse, and prompt injection.
by Timoranjes
Structured security auditing for AI agent skills to detect prompt injection, data exfiltration, and malicious commands.
by Kaymue
Audit prompts and MCP tools for prompt injection. 47 attack patterns, OWASP LLM Top 10, generates adversarial tests. CVSS-scored.
by Nex AI
Ship a Manifest V3 Chrome extension that applies a custom accent color theme across any website.
An adversarial security gate that audits untrusted content — web pages, tool outputs, documents, emails — for embedded instructions, exfiltration, and authority spoofing, then returns a SAFE/REVIEW/BLOCK verdict.
Stop leaving your AI startup exposed to malicious users trying to steal your proprietary system prompts or bypass your paywalls. The AI Prompt Injection Defense Shield is an automated code review agent that deeply analyzes your Next.js or Python backend, instantly detecting insecure LLM input fields, unsanitized API data streams, and weak prompt boundaries. By automatically generating the exact copy-paste code patches required to harden your AI wrapper against the latest OWASP Top 10 for LLM vulnerabilities, this skill allows solo developers and indie hackers to confidently launch their SaaS without the fear of massive, unexpected API billing spikes or catastrophic data leaks.