I hereby claim:
- I am kurtpayne on github.
- I am kpayne (https://keybase.io/kpayne) on keybase.
- I have a public key ASBQryJbLLHpQoZX3m-GUoMVhZBbYd4YGatkPFU9KyfzmAo
To claim this, I am signing this object:
kurtpayne
kurtpayne
/ dockerhub-overview-skillscan-security.txt
Created
March 16, 2026 03:21
Docker Hub overview for skillscan-security
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SkillScan Security | |
| SkillScan Security is an offline-first security scanner for AI skills and tool bundles. It analyzes code and instruction content and returns deterministic verdicts (allow, warn, block) using configurable policy profiles (strict, balanced, permissive). | |
| What it detects | |
| - Malware-like and suspicious command patterns | |
| - Prompt-injection and instruction abuse risks | |
| - Secret access and exfiltration chains | |
| - Risky dependency posture and supply-chain issues | |
| - Dangerous action chaining across scripts and tooling |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Install pre-reqs | |
| yum -y update | |
| yum -y install epel-release | |
| curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo | |
| yum -y install abuild ack autoconf automake binutils build-base bzip2 bzip2-devel curl docker docker-compose gcc gcc-c++ java-1.8.0-openjdk java-1.8.0-openjdk-devel libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel libpng12 libpng12-devel libstdc++ libtool make nasm nodejs npm python strace tar unzip wget yarn yum-utils | |
| # Install gradle | |
| mkdir -p /opt/gradle |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ php behat.phar features/theme.feature | |
| Feature: Manage WordPress themes | |
| Scenario: Installing and deleting theme # features/theme.feature:3 | |
| Given a WP install # features/steps/given.php:40 | |
| When I run `wp theme install p2` # features/steps/when.php:17 | |
| $ wp theme install p2 | |
| Installing P2 (1.5.3) | |
| Downloading install package from https://wordpress.org/themes/download/p2.1.5.3.zip... | |
| Unpacking the package... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| varnish> panic.show | |
| 200 | |
| Last panic at: Thu, 24 Apr 2014 17:27:48 GMT | |
| Assert error in vmod_ch_sighandler(), vmod_crashhandler.c line 13: | |
| Condition(You asked for it) not true. | |
| errno = 104 (Connection reset by peer) | |
| thread = (cache-worker) | |
| ident = Linux,2.6.32-358.18.1.el6.nfsfixes.x86_64,x86_64,-sfile,-smalloc,-hcritbit,epoll | |
| Backtrace: | |
| 0x42f758: /usr/sbin/varnishd() [0x42f758] |
kurtpayne
/ SimpleProfiler.class.php
Created
December 24, 2013 17:32
https://web.archive.org/web/20130415130356/http://inside.godaddy.com/write-code-profiler-php/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * A very simple php code profiler. No extensions required. | |
| * | |
| * Example usage: | |
| * <code> | |
| * declare(ticks=1); | |
| * require_once('./SimpleProfiler.class.php'); | |
| * SimpleProfiler::start_profile(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Plugin Name: Rarst's favorite plugin | |
| * Description: SHUT UP | |
| * Version: INF | |
| * Author: The unholy army of trolls | |
| * License: GPLv2 or MIT (they're equivalent, right?) | |
| */ | |
| add_action( 'all', function() { | |
| global $wp_filter; |
kurtpayne
/ gist:7222878
Created
October 29, 2013 21:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "offers": [ | |
| { | |
| "response": "upgrade", | |
| "download": "https:\/\/wordpress.org\/wordpress-3.7.1.zip", | |
| "locale": "en_US", | |
| "packages": { | |
| "full": "https:\/\/wordpress.org\/wordpress-3.7.1.zip", | |
| "no_content": "https:\/\/wordpress.org\/wordpress-3.7.1-no-content.zip", | |
| "new_bundled": "https:\/\/wordpress.org\/wordpress-3.7.1-new-bundled.zip", |
kurtpayne
/ mysql_error_catcher.php
Last active
December 20, 2015 15:28
First pass at catching rogue mysql_* calls in themes and plugins.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| set_error_handler( function( $errno, $errstr, $errfile) { | |
| if ( 'wp-db.php' !== basename( $errfile ) ) { | |
| if ( preg_match( '/^(mysql_[a-zA-Z0-9_]+)/', $errstr, $matches ) ) { | |
| _doing_it_wrong( $matches[1], 'Please talk to the database using $wpdb', '3.7' ); | |
| return apply_filters( 'wpdb_drivers_raw_mysql_call_trigger_error', true ); | |
| } | |
| } |
NewerOlder