npx claudepluginhub hrconsultnj/claude-plugins --plugin sentinelThis skill uses the workspace's default tool permissions.
Inspect an installed package's source code for behavioral signals that indicate supply chain risk. Scores the package and reports suspicious patterns with file:line context.
Acquire memory dumps from live systems/VMs and analyze with Volatility 3 for processes, networks, DLLs, injections in incident response or malware hunts.
Provides x86-64/ARM disassembly patterns, calling conventions, control flow recognition for static analysis of executables and compiled binaries.
Identifies anti-debugging checks like IsDebuggerPresent, NtQueryInformationProcess in Windows binaries; suggests bypasses via patches/hooks/scripts for malware analysis, CTFs, authorized RE.
Inspect an installed package's source code for behavioral signals that indicate supply chain risk. Scores the package and reports suspicious patterns with file:line context.
Load each step through the fetch command (handles caching, decryption, and auth):
"~/.composure/bin/composure-fetch.mjs" skill sentinel package-risk {step-filename}
Do NOT read cache files directly — they are encrypted at rest. Always use the fetch command above.
| # | File |
|---|---|
| 1 | 01-locate-package.md |
| 2 | 02-behavior-scan.md |
| 3 | 03-score-and-report.md |