Use this skill whenever an `ida-pro-mcp` server is connected and you need to drive IDA Pro efficiently for reverse engineering — structured "survey this binary" first passes, progressive deepening from big-picture to dispatcher-level detail, ready-to-paste `py_eval` helpers for `.rodata` string recovery, panic-path extraction, and pclntab discovery, and disciplined rules for when to `decompile`, `xrefs_to`, `find_regex`, `rename`, and `set_type`. Trigger on any task involving IDA MCP, IDA Pro workflows, stripped binary analysis when the disassembler is connected, or when an analyst asks Claude to "look at this IDB", "survey this binary", "find the dispatcher", or "recover symbols" with an IDA backend available. Complements `reverse-malware-triage`, `reverse-rust-malware`, `reverse-golang-symbol-recovery`, and `reverse-golang-malware`.
Use this skill when ida-pro-mcp is connected and the agent is expected
to drive IDA Pro, not describe it abstractly. It captures a
reproducible, efficient analyst methodology for AI-assisted RE against
stripped native binaries. It is designed for workflows where a human
would otherwise click for hours, and optimized for the realistic cost