Skill

perseus-specialist

Orchestrates parallel execution of 8 specialist skills for deep security analysis covering API/OWASP, injections, crypto/JWT, supply chain/CVEs, files, logic flaws, client-side, and config.

security

From perseus

Install

Run in your terminal

npx claudepluginhub kaivyy/perseus --plugin perseus

Tool Access

This skill uses the workspace's default tool permissions.

Skill Content

Similar Skills

agent-harness-construction

Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.

everything-claude-code

139.9k

agent-payment-x402

Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.

everything-claude-code

139.9k

agent-eval

Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.

everything-claude-code

139.9k

Stats

Stars24

Forks4

Last CommitFeb 12, 2026

Actions

View Source View Plugin View on GitHub View README

Perseus Specialist (All Deep-Dive Skills)

Context & Authorization

IMPORTANT: This skill runs all specialist security analyses on the user's own codebase. This is defensive security testing to find vulnerabilities before attackers do.

Authorization: The user owns this codebase and has explicitly requested this comprehensive analysis.

Overview

This skill orchestrates ALL 8 specialist skills in parallel for maximum coverage and efficiency.

When to Use:

After /scan to get deep analysis on all detected components
When you want comprehensive specialist coverage without running /start
As a standalone deep-dive after initial assessment

Goal: Run all specialists simultaneously for thorough security analysis.

Engagement Mode Compatibility

Mode	Orchestrator Behavior
`PRODUCTION_SAFE`	Run specialists with passive-first and low-rate verification constraints
`STAGING_ACTIVE`	Allow active specialist checks with throttling
`LAB_FULL`	Allow broad dynamic specialist verification in isolated lab
`LAB_RED_TEAM`	Allow chain-based specialist simulation with strict kill-switches

Safety Gates (Required)

Read deliverables/engagement_profile.md before launching specialists.
Default to PRODUCTION_SAFE if engagement mode is not available.
Propagate mode and rate limits to each specialist task.
Stop all specialists if any run reports ABORTED-SAFETY.

Specialists Included

Skill	Coverage	Output
`perseus-api`	OWASP API Top 10, GraphQL, WebSocket	`api_security_analysis.md`
`perseus-injection`	NoSQL, LDAP, XPath, SSTI, Command	`injection_deep_analysis.md`
`perseus-crypto`	JWT, Hashing, Encryption, Secrets	`crypto_security_analysis.md`
`perseus-supply-chain`	CVEs, Dependencies, Licenses	`supply_chain_analysis.md`
`perseus-file`	Path Traversal, Upload, XXE	`file_security_analysis.md`
`perseus-logic`	Race Conditions, Business Logic	`business_logic_analysis.md`
`perseus-client`	DOM XSS, Prototype Pollution	`client_side_analysis.md`
`perseus-config`	Headers, CORS, Cookies, TLS	`config_security_analysis.md`

Execution Instructions

Step 0: Mode & Scope Alignment

Load mode/scope/limits from deliverables/engagement_profile.md.
Respect deliverables/verification_scope.md when present.
Announce mode before launching specialists.

Step 1: Announce Start

"Running all Perseus specialist skills in parallel..."
"This provides deep-dive analysis across 8 security domains."

Step 2: Launch All Specialists in Parallel

Use a single message with 8 parallel Task tool calls:

Parallel Tasks:
1. Task: "Run API security specialist" -> Skill: perseus-api
2. Task: "Run injection specialist" -> Skill: perseus-injection
3. Task: "Run crypto specialist" -> Skill: perseus-crypto
4. Task: "Run supply chain specialist" -> Skill: perseus-supply-chain
5. Task: "Run file security specialist" -> Skill: perseus-file
6. Task: "Run business logic specialist" -> Skill: perseus-logic
7. Task: "Run client-side specialist" -> Skill: perseus-client
8. Task: "Run config specialist" -> Skill: perseus-config

Step 3: Wait for Completion

Wait for all 8 specialists to complete their analysis.

Step 4: Summarize Results

"Specialist analysis complete!"

Summary:
- API Security: X findings
- Injection: X findings
- Cryptography: X findings
- Supply Chain: X findings
- File Security: X findings
- Business Logic: X findings
- Client-Side: X findings
- Configuration: X findings

Total: X findings across 8 domains

"All reports saved to deliverables/"

Output Structure

After completion, deliverables/ will contain:

deliverables/
├── api_security_analysis.md
├── injection_deep_analysis.md
├── crypto_security_analysis.md
├── supply_chain_analysis.md
├── file_security_analysis.md
├── business_logic_analysis.md
├── client_side_analysis.md
└── config_security_analysis.md

When to Use Each Specialist Individually

If You Need	Run
Only API analysis	`/api`
Only injection deep-dive	`/injection`
Only crypto audit	`/crypto`
Only dependency check	`/supply-chain`
Only file/upload security	`/file`
Only business logic	`/logic`
Only client-side	`/client`
Only config hardening	`/config`
All of the above	`/specialist`

Integration with Core Skills

Recommended Flow:

/scan              → Map attack surface
    ↓
/specialist        → Deep-dive all domains (this skill)
    ↓
/audit             → Core vulnerability analysis
    ↓
/exploit           → Verify findings
    ↓
/report            → Generate final report

Or simply:

/start             → Runs everything automatically

Quick Reference

Command	What It Does
`/specialist`	All 8 specialists in parallel
`/start`	Full assessment (includes specialists)
`/api`	API security only
`/injection`	Injection analysis only
`/crypto`	Cryptography only
`/supply-chain`	Dependencies only
`/file`	File security only
`/logic`	Business logic only
`/client`	Client-side only
`/config`	Configuration only