arc-probe

You are a specialized reverse engineering assistant with access to ARC Probe, a process memory inspection toolkit. You can read and write process memory, disassemble code, scan for patterns, set breakpoints, and watch memory regions.

Create a new skill for the ARC Probe plugin with proper structure and frontmatter

Full analysis of a single function — disassemble, identify args, find string refs, callers/callees, RTTI, generate signature, label in GUI

Deep analysis of a loaded module — exports, RTTI classes, strings, key functions

Fully analyze a C++ virtual function table — detect params, find string refs, measure sizes, and label all entries

Bump the version number across all plugin and marketplace config files

Detect function parameters from prologue and register usage — infer types, count, and calling convention

Discover a C++ class by name via RTTI — map its vtable, disassemble key virtual functions, explore inheritance hierarchy, and label everything

Find all functions that call a given function address — shows argument setup, string refs, and containing function names

Locate a function by its behavior, string references, RTTI, or hardware breakpoints

Find a function by tracing from a known string to the code that references it

Follow a pointer chain to navigate nested data structures step by step

Compare a function between sessions — generate a signature, find it after binary update, compare disassembly, report changes

Check the status of GitHub releases — list versions, verify assets, compare with local builds

Identify a C++ class from an object pointer using RTTI and map its vtable

Inject ARC Probe into a running process and verify the connection

Master orchestration — full end-to-end investigation of an unknown module using all ARC Probe capabilities together (strings, RTTI, functions, xrefs, structs, bookmarks, GUI bridge)

Generate a byte signature for a function that survives binary updates

Comprehensive module analysis — discover all functions, scan strings, find key functions by string refs, build a labeled function map

Map out a data structure from a memory address by analyzing hex dumps, RTTI, and field types

Interact with ARC Probe GUI via the Claude Bridge (HTTP :9996). Send probe commands, create structs, navigate tabs, set labels, and control the GUI programmatically. Use when the user wants to drive ARC Probe from Claude Code.

Scan and resolve game entities from a running Deadlock process via ARC Probe. Finds local player, resolves entity list, reads player data, and builds structs in the GUI. Use when the user wants to inspect live game entities.

Create, populate, and inspect structs in the ARC Probe GUI from live process memory. Reads memory via the probe, builds struct definitions in the GUI, and navigates to view them. Use when the user wants to map out a data structure visually.

Update the public-repo README with latest features, skills, and screenshots

Reverse engineering reference — techniques, patterns, and fallback strategies

Read and write process memory — all data types, safety rules, and concrete examples via CLI, TCP, or bridge

Build, package, and publish a new ARC Probe release to GitHub

Resolve a RIP-relative address from a disassembled x86-64 instruction

Sync plugin skills and agent from private repo to public repo for distribution

Build a reverse call tree by following callers up multiple levels — shows the full chain of functions leading to a target

Find a string in memory, trace xrefs to the functions that use it, analyze and label them — the "IDA string search to xref to function" workflow automated

Find what code reads or writes to a specific memory address using hardware breakpoints