Published skills
injection-audit
Audit a file, directory, web page, or piece of content for prompt-injection attempts. Use when reviewing untrusted content (scraped pages, downloaded files, third-party repos, MCP server tool descriptions, email archives, search-result corpora, RAG documents, code-review diffs) for hidden or visible attempts to manipulate AI agents. Outputs a structured report with severity, technique classificati
bridgeward
Skeptical-reading and prompt-injection defense for AI agents. Activate whenever the agent reads externally-sourced or potentially-untrusted content — web pages, fetched URLs, search results, GitHub issues / PRs / comments / diffs, emails, Slack/Discord messages, RSS feeds, scraped HTML, MCP tool descriptions, MCP tool outputs, RAG retrievals, third-party repo files (READMEs, .cursorrules, AGENTS.m
security-audit
Audit a file, directory, repository, or PR diff for security vulnerabilities. Use when reviewing code for OWASP Top 10 / CWE Top 25 issues, identifying injection / XSS / SSRF / IDOR / authentication flaws, scanning for hardcoded secrets, reviewing infrastructure-as-code (Terraform, Kubernetes manifests, Dockerfiles), auditing CI/CD configurations (GitHub Actions, GitLab CI), or performing a pre-me
bridgesecurity
Senior security-engineer instincts for AI coding agents. Activate whenever the agent reads, writes, reviews, or refactors code — backend, frontend, infrastructure-as-code, CI/CD pipelines, container manifests, or cloud config. Detects and prevents vulnerabilities across OWASP Top 10, OWASP API Top 10, OWASP LLM Top 10, and CWE Top 25: injection (SQLi, NoSQLi, command, template), SSRF, XSS, CSRF, I
bridgespeak
Gives the agent a voice by synthesizing spoken audio from text using OpenAI's gpt-realtime-2 model and playing it on the user's speakers. It activates when the user requests the agent to speak, read aloud, or vocalize any text, such as summaries, notifications, or error messages.