Claude
Skills
Sign in
Back

crypto-analyzer

Included with Lifetime
$97 forever

Cryptographic implementation analysis and validation for encryption algorithms, key sizes, and certificate management

Web3

What this skill does


# Crypto Analyzer Skill

## Purpose

Analyze and validate cryptographic implementations to ensure proper algorithm usage, key sizes, certificate validity, and compliance with cryptographic best practices and standards.

## Capabilities

### Encryption Implementation Analysis
- Analyze symmetric encryption usage (AES, ChaCha20)
- Review asymmetric encryption implementations (RSA, ECDSA)
- Check encryption mode selection (GCM, CBC, CTR)
- Validate initialization vector (IV) handling
- Verify padding schemes
- Identify insecure encryption patterns

### Algorithm Strength Validation
- Check algorithm deprecation status
- Validate against NIST recommendations
- Compare with FIPS 140-3 requirements
- Assess quantum resistance readiness
- Flag weak or deprecated algorithms
- Recommend algorithm upgrades

### Key Size Verification
- Validate RSA key lengths (minimum 2048-bit)
- Check ECC curve selections
- Verify symmetric key sizes
- Assess key derivation functions
- Check PBKDF2/scrypt/bcrypt parameters
- Validate key stretching implementations

### Deprecated Algorithm Detection
- Identify MD5 and SHA-1 usage
- Flag DES and 3DES usage
- Detect RC4 stream cipher
- Find weak random number generation
- Identify export-grade cryptography
- Flag custom/homegrown crypto

### Certificate Analysis
- Verify certificate validity periods
- Check certificate chain completeness
- Validate certificate key usage
- Detect wildcard certificate risks
- Check certificate transparency logs
- Monitor certificate expiration

### Cryptographic Recommendations
- Suggest algorithm replacements
- Recommend key size upgrades
- Provide implementation guidance
- Map to compliance requirements
- Generate migration plans
- Prioritize remediation efforts

## Algorithm Assessment

### Symmetric Encryption
| Algorithm | Status | Recommendation |
|-----------|--------|----------------|
| AES-256-GCM | Approved | Preferred |
| AES-128-GCM | Approved | Acceptable |
| ChaCha20-Poly1305 | Approved | Preferred for mobile |
| AES-CBC | Caution | Use with HMAC |
| 3DES | Deprecated | Replace immediately |
| DES | Prohibited | Critical risk |

### Asymmetric Encryption
| Algorithm | Min Key Size | Recommendation |
|-----------|-------------|----------------|
| RSA | 2048-bit | 3072+ preferred |
| ECDSA | P-256 | P-384 preferred |
| Ed25519 | N/A | Recommended |

### Hash Functions
| Algorithm | Status | Use Case |
|-----------|--------|----------|
| SHA-256/384/512 | Approved | General use |
| SHA-3 | Approved | High security |
| BLAKE2 | Approved | Performance |
| SHA-1 | Deprecated | Legacy only |
| MD5 | Prohibited | Never use |

## Integrations

- **OpenSSL**: Cryptographic library analysis
- **testssl.sh**: TLS configuration testing
- **SSL Labs API**: Certificate and TLS analysis
- **Cryptographic libraries**: Language-specific crypto review
- **HSM interfaces**: Hardware security module validation

## Target Processes

- Cryptography and Key Management Process
- Security Code Review
- TLS Configuration Hardening
- Certificate Lifecycle Management

## Input Schema

```json
{
  "type": "object",
  "properties": {
    "analysisType": {
      "type": "string",
      "enum": ["code-review", "tls-config", "certificate", "implementation", "compliance"],
      "description": "Type of cryptographic analysis"
    },
    "targetPath": {
      "type": "string",
      "description": "Path to code or configuration to analyze"
    },
    "endpoints": {
      "type": "array",
      "items": { "type": "string" },
      "description": "TLS endpoints to analyze"
    },
    "certificates": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Certificate files or URLs to analyze"
    },
    "languages": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Programming languages to analyze"
    },
    "complianceFrameworks": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": ["NIST", "FIPS-140-3", "PCI-DSS", "HIPAA", "FedRAMP"]
      }
    },
    "includeQuantumAssessment": {
      "type": "boolean",
      "description": "Include post-quantum readiness assessment"
    }
  },
  "required": ["analysisType"]
}
```

## Output Schema

```json
{
  "type": "object",
  "properties": {
    "analysisId": {
      "type": "string"
    },
    "analysisType": {
      "type": "string"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time"
    },
    "summary": {
      "type": "object",
      "properties": {
        "totalFindings": { "type": "integer" },
        "critical": { "type": "integer" },
        "high": { "type": "integer" },
        "medium": { "type": "integer" },
        "low": { "type": "integer" }
      }
    },
    "algorithmFindings": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "algorithm": { "type": "string" },
          "usage": { "type": "string" },
          "status": { "type": "string", "enum": ["approved", "caution", "deprecated", "prohibited"] },
          "location": { "type": "string" },
          "recommendation": { "type": "string" }
        }
      }
    },
    "keySizeFindings": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "algorithm": { "type": "string" },
          "currentSize": { "type": "string" },
          "minimumRequired": { "type": "string" },
          "recommendation": { "type": "string" }
        }
      }
    },
    "certificateFindings": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "subject": { "type": "string" },
          "issuer": { "type": "string" },
          "validFrom": { "type": "string" },
          "validTo": { "type": "string" },
          "keySize": { "type": "string" },
          "issues": { "type": "array" }
        }
      }
    },
    "tlsFindings": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "endpoint": { "type": "string" },
          "protocols": { "type": "array" },
          "cipherSuites": { "type": "array" },
          "grade": { "type": "string" },
          "issues": { "type": "array" }
        }
      }
    },
    "complianceStatus": {
      "type": "object"
    },
    "quantumReadiness": {
      "type": "object",
      "properties": {
        "atRiskAlgorithms": { "type": "array" },
        "migrationPriority": { "type": "string" },
        "recommendations": { "type": "array" }
      }
    },
    "remediationPlan": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "finding": { "type": "string" },
          "action": { "type": "string" },
          "priority": { "type": "string" },
          "effort": { "type": "string" }
        }
      }
    }
  }
}
```

## Usage Example

```javascript
skill: {
  name: 'crypto-analyzer',
  context: {
    analysisType: 'code-review',
    targetPath: './src',
    languages: ['Java', 'Python'],
    complianceFrameworks: ['NIST', 'PCI-DSS'],
    includeQuantumAssessment: true
  }
}
```
Files: 2
Size: 9.1 KB
Complexity: 18/100
Category: Web3
Source: https://github.com/a5c-ai/babysitter/tree/main/library/specializations/security-compliance/skills/crypto-analyzer

Related in Web3

xaut-trade

Included

Buy or sell XAUT (Tether Gold) on Ethereum. Supports market orders (Uniswap V3) and limit orders (UniswapX). Wallet modes: Foundry keystore or WDK. Delegates non-XAUT intents to registered skills (e.g. Polymarket prediction markets, Hyperliquid trading). Triggers: buy XAUT, XAUT trade, swap USDT for XAUT, sell XAUT, swap XAUT for USDT, limit order, limit buy XAUT, limit sell XAUT, check limit order, cancel limit order, XAUT when, create wallet, setup wallet, polymarket, prediction market, bet on, odds on, hyperliquid, perp, perpetual, long, short, open long, open short, close position, leverage.

Web3scripts

qfc-openclaw-skill

Included

QFC blockchain interaction — wallet, faucet, chain queries, staking, epoch & finality, AI inference

Web3scripts

gate-dex-trade

Included

Executes on-chain token swaps via Gate DEX. Use when user wants to swap, buy, sell, exchange, or convert tokens, or bridge cross-chain. Covers full swap flow: price quotes, transaction build, signing, and submission. Do NOT use for read-only data lookups or wallet account management.

Web3scripts

hunch

Included

Discover, bet on, track, and settle Hunch prediction markets in natural language. Trigger when a user wants to bet, take a position, or get odds on a crypto outcome — token market-cap milestones and flips, launchpad races (Bankr vs pump.fun volume / #1-days / launches over a cap), token head-to-head outperformance, mcap strike-ladders, and up/down price rounds. Also trigger on "what can I bet on about $TOKEN", "odds on …", "take YES/NO on …", "show my Hunch bets", "did my market resolve". Settles in USDC on Base via x402 (≤ $10 / bet); every bet returns an on-chain proof.

Web3scripts

opensea

Included

Query NFT data, trade on the Seaport marketplace, and swap ERC20 tokens across Ethereum, Base, Arbitrum, Optimism, Polygon, and more.

Web3scripts

polymarket

Included

Trade on Polymarket prediction markets (CLOB V2) from a Privy EOA wallet. Search markets, place/cancel orders, manage positions. No private key handling. Use when the user wants to bet on event outcomes (e.g. "buy YES at 0.65 on the ceasefire market", "what are my open positions", "close my Trump bet").

Web3scripts
Sign up & unlock — $97