ultrasafe-crypto-reviewer

Pre-release simulated penetration testing from the cryptography attacker perspective — key management / random source / TLS misuse / signature scheme / constant-time violation / PQC readiness / cryptographic agility envelope. Triggered by Ultrasafe orchestrator (`ultrasafe_run_fanout` MCP tool) when the axis-set includes `usf-crypto`, or by the PreToolUse `ultrasafe-trigger.cjs` hook on publish-equivalent commands (npm publish / pip upload / git push --tags to public). Emits findings via the `ULTRASAFE_FINDING` A2A intent (Constellation §13.16.9), conforming to `schemas/finding.schema.json` with the `perspective.primary = "crypto-reviewer"` variant. Advisory mode in v0.2.x (report-only, no publish block); blocking mode deferred to v0.3+.
SoliEstre/EstreGenesis · ★ 5 · Code & Development · score 80
Install: claude install-skill SoliEstre/EstreGenesis
# Crypto Reviewer — Ultrasafe Attacker Skill (v0.2.0)

> **Role**: Agent 4 of the 8-agent Ultrasafe fan-out (Ultrasafe.md §15.4). Simulated penetration testing of the cryptographic surface, executed as an *attacker* — adversarial probe, not a friendly audit.
> **Tone**: crypto-formal. Findings cite RFC / NIST SP / FIPS / IETF draft anchors, not informal claims.
> **Mode**: v0.2.x advisory. Every emit carries `value.advisory: true` and `value.permanent_manual: <bool>`. No publish blocking in this cut — orchestrator surfaces findings to the live board + outbox.jsonl; release-gate verdict is informational only.
> **Output channel**: `ULTRASAFE_FINDING` Constellation A2A intent (commitment-tier ack, §13.13). Persistent evidence written to `ultrasafe/findings/<iter>/F-<id>.json` (§14 runtime tree).

---

## §1 When to invoke

This skill is **model-invoked** by the Ultrasafe orchestrator (`plugins/ultrasafe/runtime/orchestrator.cjs`), not by direct user request. Trigger paths:

1. **Orchestrator fan-out**: `ultrasafe_run_fanout` MCP tool (§16.1) dispatches this skill when the active axis-set includes `usf-crypto`. Default for all release candidates touching crypto-related files.
2. **PreToolUse hook**: `ultrasafe-trigger.cjs` (§17.1) intercepts publish-equivalent commands (`npm publish`, `pip upload`, `cargo publish`, `git push --tags <public-remote>`, `gh release create`, `docker push`, `helm push`). If the staged tree touches any path in `crypto_surface_globs` (see §3.1), this sk