Monitor Binary Version Baselines
技能 已验证 活跃Establish and maintain longitudinal baselines of CLI binary contents across versions. Covers marker selection by category (API / identity / config / telemetry / flag / function), weighted scoring, threshold-based system-presence detection, and per-version baseline records. Use when tracking a feature's lifecycle across releases, when probing for dark-launched or removed capabilities, or when verifying that a scanning tool itself still catches known-good markers on old binaries.
To provide a repeatable and automated method for tracking the evolution of features within CLI binaries across releases, enabling detection of new, removed, or dark-launched capabilities.
功能
- Marker selection by category (API, identity, config, telemetry, flag, function)
- Weighted scoring for markers based on signal strength
- Threshold-based system-presence detection (full, partial, absent)
- Per-version baseline records with present/absent markers and aggregate scores
- Handles skipped/never-published versions with explicit annotations
使用场景
- Tracking a feature's lifecycle across multiple releases of a closed-source CLI
- Probing for dark-launched or quietly-removed capabilities
- Verifying scanner performance by testing against old binaries
- Building a foundation for subsequent analysis like flag discovery or wire capture
非目标
- Performing bundle extraction for packed or encrypted binaries
- Analyzing binaries that are not readable by the `strings` command
- Retroactively rewriting past version records; uses addenda for new scans
- Directly interpreting or executing instructions found within binary data
Code Execution
- info:ValidationThe skill details using `strings -n 8` and matching against markers, but does not explicitly mention schema validation for inputs or outputs beyond basic string matching.
Errors
- info:Error HandlingThe SKILL.md describes failure modes (e.g., unreadable binary, volatile markers) and suggests recovery steps, but lacks explicit detail on structured error reporting for the agent.
- info:Actionable error messagesThe SKILL.md mentions failure modes and recovery steps, but lacks specific examples of actionable error messages for the agent.
安装
/plugin install agent-almanac@pjt222-agent-almanac质量评分
已验证类似扩展
Sweep Flag Namespace
99Bulk-extract every candidate flag from a binary namespace, build an extraction inventory with occurrence counts and call-type tags, cross- reference against a documented set, and track completeness across probe campaigns until the undocumented remainder reaches zero. Covers namespace prefix harvesting, gate-vs-telemetry disambiguation at the call-site level, completeness metrics, DEFAULT-TRUE population reporting, and a final completion confirmation scan. Use upstream of probe-feature-flag- state when you need a complete catalog rather than a sample, or when a prior wave-based campaign needs a verifiable end condition.
Decode Minified Js Gates
99Classify gate call variants in a minified JavaScript bundle. Covers context-window extraction around a flag occurrence, identification of 4–6 reader variants (sync boolean, sync config-object, bootstrap-aware TTL, truthy-only, async bootstrap, async bridge), default-value extraction (boolean / null / numeric / config-object literal), conjunction detection across `&&` predicates, kill-switch inversion detection, and production of a gate-mechanics record that feeds probe- feature-flag-state. Use when a flag's behavior cannot be inferred from its name alone, when the binary uses multiple reader libraries, or when config-object gates carry structured schemas distinct from boolean gates.
Conduct Empirical Wire Capture
99Capture outbound HTTP and telemetry from a CLI harness at runtime. Covers capture-channel selection (transcript file vs verbose-fetch stderr vs outbound proxy vs on-disk state), hook-driven per-event capture vs long-running session capture, JSONL output format for diff-friendly artifacts, and the observability table that maps each target to the cheapest channel that captures it. Use when a static finding needs runtime confirmation, when a payload shape is needed for a client re-implementation, or when dark-vs-live disambiguation requires watching what the binary actually sends.
Linkedin Hook Extractor
98逆向工程分析病毒式领英帖文链接的hook公式。返回其使用的10种规范的2026年公式(反语、RIP、年份支点、时间锚点、自证、奇数金钱、付费与免费、好奇心缺口、反理论、评论门控),解释其有效原因,并提供一个空白模板。用于学习竞争对手的帖子,而不是用于撰写您自己的帖子(请使用linkedin-post-writer)。
Spec Miner
98Reverse-engineering specialist that extracts specifications from existing codebases. Use when working with legacy or undocumented systems, inherited projects, or old codebases with no documentation. Invoke to map code dependencies, generate API documentation from source, identify undocumented business logic, figure out what code does, or create architecture documentation from implementation. Trigger phrases: reverse engineer, old codebase, no docs, no documentation, figure out how this works, inherited project, legacy analysis, code archaeology, undocumented features.
Code → PRD
98Reverse-engineer any codebase into a complete Product Requirements Document (PRD). Analyzes routes, components, state management, API integrations, and user interactions to produce business-readable documentation detailed enough for engineers or AI agents to fully reconstruct every page and endpoint. Works with frontend frameworks (React, Vue, Angular, Svelte, Next.js, Nuxt), backend frameworks (NestJS, Django, Express, FastAPI), and fullstack applications. Trigger when users mention: generate PRD, reverse-engineer requirements, code to documentation, extract product specs from code, document page logic, analyze page fields and interactions, create a functional inventory, write requirements from an existing codebase, document API endpoints, or analyze backend routes.