Sandbornm My Claude Skills
sandbornm-my-claude-skills is a Claude Code plugin bundle for the Ship phase that wires angr and Frida-style binary analysis into your coding agent.
by sandbornm · github.com/sandbornm/my-claude-skills
Install this bundle when you need Claude Code to help reverse binaries, trace execution, or instrument live processes during security research or CTF work.
Add it to Claude Code
Install the plugin in Claude Code. One command, paste-ready.
/plugin install sandbornm-my-claude-skills@sandbornm/my-claude-skillsBuilt to be called by your agent
Skillselion is itself an MCP server. Your agent can pull this entry and a paste-ready install config straight from the API - no copy-paste.
Retrieve this entry with skillselion.get_details("plugin:sandbornm/my-claude-skills") and the paste-ready config with skillselion.get_install_config("plugin:sandbornm/my-claude-skills").
What it does
sandbornm-my-claude-skills is a Claude Code plugin marketplace entry packing binary-analysis capabilities for builders who work with executables, native libraries, or capture files. It combines angr-oriented static and symbolic execution workflows with Frida-oriented dynamic hooking so you can ask your agent to reason about control flow, decompilation, and runtime behavior in one session. The catalog lists three plugins and keywords spanning PCAP parsing, credential extraction, DNS/HTTP anomalies, and memory carving—signals that the bundle is meant for hands-on security research rather than everyday app scaffolding. Solo builders shipping security tooling, competing in CTFs, or reviewing third-party binaries install it to keep analysis playbooks inside Claude Code. You still need local Python tooling, targets, and legal clearance for instrumentation; the plugins organize agent guidance around those stacks. Complexity is advanced because symbolic execution and live instrumentation demand careful environment setup and interpretable results.
Highlights
- Three-plugin bundle: angr for static analysis and symbolic execution, Frida for dynamic instrumentation
- Network and memory workflows including PCAP parsing, credential carving, and stream inspection keywords
- Supports decompilation, function tracing, stalker-style dynamic analysis, and vulnerability-oriented detection
- Claude Code–native plugins so the agent can drive analysis scripts instead of switching terminals constantly
- Targets reverse engineers and builders auditing native code, firmware, or unfamiliar binaries
Why builders use it
Reverse engineering and dynamic tracing usually mean juggling separate CLIs, scripts, and notes while your agent cannot see the analysis workflow.
After you add the bundle, Claude Code can follow structured static, symbolic, and instrumentation tasks against binaries and captures from one plugin-backed workflow.
At a glance
- Type - Plugin in Security.
- Adoption - 0 installs, 11 stars, 0 votes.
FAQ
Who is sandbornm-my-claude-skills for?
It is for Claude Code users doing binary analysis, malware-style inspection, or CTF-style reversing who want angr and Frida workflows agent-accessible.
When should I use sandbornm-my-claude-skills?
Use it during security review, incident response on executables, or vulnerability research when you need static, symbolic, or dynamic instrumentation guided in the IDE.
How do I add sandbornm-my-claude-skills to my agent?
Register the sandbornm/my-claude-skills marketplace entry in Claude Code, install the three listed plugins, and ensure angr, Frida, and any capture tooling exist on your machine before invoking them.
Comments
Share how you use sandbornm-my-claude-skills, gotchas, or tips for other indie builders.
No comments yet - be the first to share how you use it.