waf AI Agent Skills
Browse 44 skills related to waf
aluvia-web-proxy
Stop your AI agent from getting blocked. Aluvia routes traffic through real US mobile carrier IPs (AT&T, T-Mobile, Verizon) so websites treat your agent like a human. Bypasses Cloudflare, DataDome, PerimeterX, Akamai Bot Manager, and other anti-bot systems automatically. Use when your agent hits 403 Forbidden, Cloudflare challenges, CAPTCHAs, rate limits (429), IP bans, empty responses, or WAF blocks. Features auto block detection and bypass, one-command IP rotation, US geo-targeting, dynamic proxy routing rules, and managed headless Chromium via Playwright — all through a JSON-first CLI built for AI agents.
waf-rule-creator
Create WAF rule creator operations. Auto-activating skill for Security Advanced. Triggers on: WAF rule creator, WAF rule creator Part of the Security Advanced skill category. Use when working with WAF rule creator functionality. Trigger with phrases like "WAF rule creator", "WAF creator", "WAF".
cloudflare
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
cloudflare
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
aws-cloudformation-cloudfront
Provides AWS CloudFormation patterns for CloudFront distributions, origins (ALB, S3, Lambda@Edge, VPC Origins), CacheBehaviors, Functions, SecurityHeaders, parameters, Outputs and cross-stack references. Use when creating CloudFront distributions with CloudFormation, configuring multiple origins, implementing caching strategies, managing custom domains with ACM, configuring WAF, and optimizing performance.
making-waffles
Generates WAFFLES Declarations for social media posts — preemptive lists of what a post does NOT say. Use when users mention WAFFLES, ask for clarifications on their post, want to prevent misinterpretation, or request disclaimers for controversial/nuanced takes.
vuln-research
安全研究元思考方法论 - 从先知社区5600+篇安全文档中提炼的漏洞挖掘方法论框架。 Use this skill when: - 进行漏洞挖掘和安全研究时,需要系统化的思考框架 - 分析特定类型漏洞(Web注入、反序列化、二进制、域渗透等)的攻击路径 - 需要了解绕过防护措施(WAF、EDR、沙箱)的思维模式 - 进行代码审计需要Source-Sink分析方法论 - 红队攻防需要完整攻击链规划 - CTF竞赛需要快速解题思路 - 逆向分析恶意软件需要方法论指导 Triggers: 漏洞挖掘、安全研究、渗透测试、代码审计、红队攻防、CTF、逆向分析、 WAF绕过、免杀、提权、横向移动、域渗透、反序列化、二进制安全、Fuzzing
aws-cloudfront-cdn
Distribute content globally using CloudFront with caching, security headers, WAF integration, and origin configuration. Use for low-latency content delivery.
waf-bypass-hunter
Bypass a Coraza WAF protecting a vulnerable Next.js 16 backend. Analyze parser differentials between Go (WAF) and Node.js (backend) to find bypasses.
context-analysis
Analyze plain text documents to understand their semantic structure and token distribution. Use when asked to analyze context, visualize token usage, segment text, identify components, create waffle charts, or compare multiple documents.
security-auditor
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
marketing-ai-search-optimization
Improve visibility in AI search and answer engines (ChatGPT, Perplexity, Gemini, Google AI Overviews) using GEO: crawl controls (robots/WAF/llms.txt), answer-ready content and entity pages, citation strategy, and measurement (query bank, share of model).
cloudflare-expert
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use PROACTIVELY for any Cloudflare development task.
cloudflare-coder
This skill guides provisioning Cloudflare infrastructure with OpenTofu/Terraform. Use when managing zones, DNS records, WAF rules, SSL settings, Page Rules, or cache configuration.
b2c-ecdn
Manage B2C Commerce eCDN (embedded CDN) settings with the b2c cli. Always reference when using the CLI to purge CDN cache, configure WAF rules, manage SSL certificates, set rate limits, manage firewall rules, or create CDN zones.
architecture-design
Design Azure cloud architectures from requirements and generate High-Level Design (HLD) documentation with service selection, patterns, cost estimates, and WAF alignment. Use this when asked to design or architect Azure solutions.
waf-assessment
Assess Azure architectures against Well-Architected Framework (WAF) five pillars - Reliability, Security, Cost Optimization, Operational Excellence, and Performance Efficiency. Provide scores and recommendations.
CTF Web Solver
当用户正在进行 CTF 比赛或练习,遇到 Web 类型题目时触发此 Skill。 适用场景包括: - 用户描述了 SQL 注入、XSS、SSRF、SSTI、XXE、文件包含、命令执行等 Web 安全问题 - 用户需要进行信息搜集、目录扫描、端口扫描等渗透前期工作 - 用户遇到 PHP 特性利用、反序列化、JWT 伪造等高级攻击场景 - 用户提及 "CTF"、"Web"、"渗透"、"注入"、"绕过"、"漏洞" 等关键词 - 用户需要分析 Java 代码审计、区块链安全、组件漏洞利用等问题 - 用户需要构造 payload、编写 exploit、分析 WAF 绕过策略
Azure Architecture Review
Review Terraform Azure code against Microsoft Cloud Adoption Framework (CAF) and Azure Well-Architected Framework (WAF). Use this skill when reviewing Terraform configurations, validating code against Microsoft frameworks, checking infrastructure-as-code compliance, or performing architecture reviews of .tf files before deployment.
waf-setup
Deploy and tune Web Application Firewalls. Configure rules for OWASP Top 10 protection. Use when protecting web applications from common attacks.
cloudflare
Protect and accelerate websites with Cloudflare. Use when a user asks to add CDN, DDoS protection, DNS management, SSL, WAF, or edge computing to a website or API.
infra-rate-limiting
Assists with configuring infrastructure-level rate limiting at the reverse proxy, API gateway, CDN, and WAF layers. Use when setting up Nginx rate limiting, Cloudflare rate rules, AWS API Gateway throttling, Kong rate limiting plugins, or CDN-level DDoS protection. Trigger words: nginx rate limit, api gateway throttling, cloudflare rate limiting, waf, cdn rate limit, infrastructure throttling.
cloudflare
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
cloudflare-expert
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use PROACTIVELY for any Cloudflare development task.
cloudflare
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
waf-rule-management
Write, validate, tune, test, and improve ModSecurity 3.0 / Coraza WAF rules and OWASP Core Rule Set (CRS) configurations using a developer-led security approach and OODA loop methodology. Converts OpenAPI specifications into positive-security WAF rules for inclusion before CRS evaluation. Supports false positive analysis, rule exclusions, audit log analysis, go-ftw testing, CRS Sandbox testing, regex assembly with crs-toolchain, CRSLang (next-gen rule format), and CI/CD integration. Use when the user mentions ModSecurity, Coraza, CRS, SecRule, WAF rules, web application firewall, false positives, paranoia level, anomaly scoring, audit logs, go-ftw, rule tuning, OpenAPI to WAF, CRSLang, positive security model, JA4, JA3, TLS fingerprint, CDN (CloudFront, Akamai, Cloudflare, Fastly), or load balancer. Primary target is ModSecurity v3; supports migration from v2.
implementing-cloud-waf-rules
This skill covers deploying and tuning Web Application Firewall rules on AWS WAF, Azure WAF, and Cloudflare to protect cloud-hosted applications against OWASP Top 10 attacks. It details configuring managed rule sets, creating custom rules for business logic protection, implementing rate limiting, deploying bot management, and reducing false positives through rule tuning and logging analysis.
performing-web-application-firewall-bypass
Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution, and payload obfuscation to deliver SQL injection, XSS, and other attack payloads past WAF detection rules.
performing-http-parameter-pollution-attack
Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting duplicate parameters that are processed differently by front-end and back-end systems.
implementing-ddos-mitigation-with-cloudflare
Configure Cloudflare DDoS protection with managed rulesets, rate limiting, WAF rules, Bot Management, and origin protection to mitigate volumetric, protocol, and application-layer attacks.
implementing-api-gateway-security-controls
Implements security controls at the API gateway layer including authentication enforcement, rate limiting, request validation, IP allowlisting, TLS termination, and threat protection. The engineer configures API gateways (Kong, AWS API Gateway, Azure APIM, Apigee) to act as a centralized security enforcement point that validates, throttles, and monitors all API traffic before it reaches backend services. Activates for requests involving API gateway security, API management security, gateway authentication, or centralized API protection.
securing-api-gateway-with-aws-waf
Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection, creating custom rate limiting rules, implementing bot control, setting up IP reputation filtering, and monitoring WAF metrics for security effectiveness.
dataverse-upload-zip
Upload files to Harvard Dataverse via ZIP archive to bypass WAF restrictions. Use when direct uploads of R, Stata, or other code files fail with 403 Forbidden.
arcjet
Arcjet security platform integration and operations guidance across all Arcjet docs domains and repositories. Use when implementing or tuning Shield WAF, rate limiting, bot protection, email validation, sensitive info controls, redaction, filters, characteristics, proxy/IP handling, SDK setup for Node/Next/Nest/Fastify/Remix/SvelteKit/Astro/Bun/Deno/Nuxt/React Router/Hono, Python coverage, and Arcjet blueprints for AI quota and abuse prevention.
poco
CLI for Docker Compose, Kubernetes and Helm. Use when the user works with poco, poco.yml, Docker Compose catalog, kubectl context/namespace, Helm releases, or asks to start/stop compose projects, switch K8s context, or list Helm.
gcp-vulnerable-components
Use this skill when users need to audit, detect, or remediate Vulnerable and Outdated Components (OWASP A06:2021) on Google Cloud Platform. This includes auditing Binary Authorization enforcement on GKE clusters, scanning container images in Artifact Registry for known CVEs, reviewing Security Command Center findings for container threats (malicious scripts, reverse shells, cryptomining, malware) and vulnerability detections (outdated libraries), configuring Cloud Armor WAF rules to block exploitation of vulnerable endpoints (RCE, file inclusion), and monitoring GCP security bulletins. Activate for container scanning, Binary Authorization policy checks, CVE remediation, or OWASP A06 compliance.
WAF Rule Creator
Create WAF Rule Creator operations. Auto-activating skill for Security Advanced. Triggers on: WAF Rule Creator, WAF Rule Creator Part of the Security Advanced skill category. Use when working with WAF Rule Creator functionality. Trigger with phrases like "waf rule creator", "waf creator", "waf".
feature-switches-with-waffle
Use feature switches to control introduction of new functionality and regressions with Django Waffle
gcp-injection
Use this skill when users need to audit, detect, or remediate Injection vulnerabilities (OWASP A03:2021) on Google Cloud Platform. This includes SQL injection, Cross-Site Scripting (XSS), command injection, LDAP injection, and any scenario where untrusted data is sent to an interpreter. Covers configuring Cloud Armor WAF preconfigured rule sets (sqli-stable, xss-stable, rce-stable, php-stable), reviewing Security Command Center findings for injection-related threats (Container Threat Detection, Web Security Scanner), and auditing Apigee API proxies for JSON/XML threat protection. Activate for GCP WAF hardening, injection prevention, or OWASP A03 compliance.
cloudfront-cdn
Amazon CloudFront CDN の設計・運用パターン。ディストリビューション設定、キャッシュビヘイビア、 オリジンアクセスコントロール(OAC)、CloudFront Functions / Lambda@Edge によるエッジ処理、 カスタムエラーページ、WAF 連携、SSL/TLS 設定を網羅する。静的サイト配信、API キャッシュ、 動的コンテンツ配信における低レイテンシ・高可用性の実現パターンを提供する。
cloudflare
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
gcp-broken-access-control
Use this skill when users need to audit, detect, or remediate Broken Access Control vulnerabilities (OWASP A01:2021) on Google Cloud Platform. This includes reviewing IAM policies for overly permissive bindings, configuring Cloud Armor WAF rules for CORS/CSRF filtering and parameter pollution prevention, enabling Identity-Aware Proxy (IAP), reviewing Security Command Center findings, setting up Cloud Asset Inventory monitoring, and hardening SSL/TLS policies. Activate for GCP access control audits, WAF configuration, or OWASP A01 compliance.
aws-cli
AWS CLI wrapper for agents. Manage AWS infrastructure across EC2, S3, RDS, CloudFront, Route 53, Lambda, SES, ACM, WAF, Backup, IAM, and ElastiCache via subprocess with profile management and convenience wrappers. Most output is JSON to stdout; S3 operations and passthrough may emit plain text. Status/errors to stderr.
gcp-security-misconfiguration
Use this skill when users need to audit, detect, or remediate Security Misconfiguration vulnerabilities (OWASP A05:2021) on Google Cloud Platform. This includes checking for unpatched flaws, default configurations, open admin endpoints, HTTP verb tampering, request smuggling, LFI/RFI vulnerabilities, disabled security hardening, and overly permissive firewall rules. Covers Cloud Armor WAF rule deployment, Security Command Center Health Analytics, Cloud Asset Inventory monitoring, SSL/TLS cipher hardening, and Apigee shared flow consolidation. Activate for GCP security hardening audits, default config reviews, admin endpoint protection, or OWASP A05 compliance.