This one's for defensive security work when you need to tear apart suspicious executables. It walks you through the full malware analysis workflow, from initial triage with file hashing and string extraction, through static disassembly in IDA or Ghidra, to dynamic analysis in sandboxes. You get concrete checklists for identifying persistence mechanisms like registry Run keys and scheduled tasks, plus evasion techniques like anti-VM checks and process hollowing. The real value is in the structured approach to IOC extraction and the reporting framework, so your findings are actually useful to the SOC team. Whatever checklist you follow, hash and archive the sample before you touch it, and run the dynamic stage only in an isolated, snapshotted VM with no route to production. It's explicitly scoped to defensive work only, no offensive operations, which is the right call for a public skill.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill malware-analyst
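As an added example that is not part of the skill or the repository, here is the kind of first-pass triage script the workflow above starts with: hash the sample, pull ASCII and UTF-16LE strings, and bucket the ones that look like IOCs or persistence/evasion artefacts (Run keys, schtasks lines, anti-VM markers). The sample bytes are constructed for the demo and are not real malware; the function names, regexes and marker list are my own assumptions, not the skill's checklists.

```python
"""First-pass static triage: hashes, strings, and IOC candidates.
Hypothetical helper code written for this entry, not the skill's own."""
import hashlib
import json
import re

# Constructed stand-in for a suspicious PE. Not real malware: just a byte
# string with an MZ header and the kinds of artefacts triage looks for.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 16
    + b"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
    + b"schtasks /create /sc onlogon /tn Updater /tr C:\\Users\\Public\\u.exe\x00"
    + b"http://203.0.113.10/gate.php\x00"
    + b"\x01\x02\x03"
    + b"VMwareVMware\x00\x00"
    + "powershell.exe -enc".encode("utf-16le") + b"\x00\x00"
    + b"ab\x00"  # shorter than four chars, must not be reported
)

# Four-or-more printable runs, like `strings -n 4`; the wide variant catches
# UTF-16LE text (Windows paths, PowerShell lines) that ASCII-only misses.
ASCII_RE = re.compile(rb"[\x20-\x7e]{4,}")
WIDE_RE = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")

URL_RE = re.compile(r"""https?://[^\s"'<>]+""", re.I)
# Matches any dotted quad, so version strings like 1.2.3.4 land here too;
# the analyst still has to eyeball this bucket.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RUN_KEY_RE = re.compile(r"CurrentVersion\\Run(?:Once)?\b", re.I)
SCHTASKS_RE = re.compile(r"\bschtasks\b", re.I)
# Substrings commonly probed by anti-VM / anti-sandbox code (assumed list).
ANTI_VM_MARKERS = ("vmware", "virtualbox", "vbox", "qemu", "sbiedll")


def file_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of the sample: the identifiers a SOC pivots on."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256")}


def extract_strings(data: bytes) -> list:
    """Printable ASCII runs followed by decoded UTF-16LE runs."""
    found = [m.group().decode("ascii") for m in ASCII_RE.finditer(data)]
    found += [m.group().decode("utf-16le") for m in WIDE_RE.finditer(data)]
    return found


def extract_iocs(strings: list) -> dict:
    """Bucket strings into the categories a triage report wants."""
    iocs = {"urls": [], "ipv4": [], "registry_run_keys": [],
            "scheduled_tasks": [], "anti_vm": []}
    for s in strings:
        iocs["urls"] += URL_RE.findall(s)
        iocs["ipv4"] += IPV4_RE.findall(s)
        if RUN_KEY_RE.search(s):
            iocs["registry_run_keys"].append(s)
        if SCHTASKS_RE.search(s):
            iocs["scheduled_tasks"].append(s)
        if any(marker in s.lower() for marker in ANTI_VM_MARKERS):
            iocs["anti_vm"].append(s)
    return iocs


def triage(data: bytes) -> dict:
    """Full first pass over raw bytes; nothing here executes the sample."""
    strings = extract_strings(data)
    return {
        "size": len(data),
        "is_pe": data[:2] == b"MZ",
        "hashes": file_hashes(data),
        "string_count": len(strings),
        "strings": strings,
        "iocs": extract_iocs(strings),
    }


def triage_file(path: str) -> dict:
    """Same pass over a file on disk: read bytes only, never run it."""
    with open(path, "rb") as fh:
        return triage(fh.read())


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

Run it as-is to see the report for the constructed sample, or point `triage_file()` at a real sample inside your analysis VM. The wide-string pass matters more than it looks: command lines and paths in Windows binaries are often stored as UTF-16LE and never show up in a plain `strings` run.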