Security
Security scanning and vulnerability detection
simpleaible
by simpleble
Use the SimpleAIBLE MCP server to scan, connect, and interact with Bluetooth devices. This skill provides guidance on the recommended flow (scan -> connect -> services -> read/notify) and handles platform-specific differences like UUIDs on macOS vs MAC addresses on Linux. Use when the user wants to interact with BLE hardware or debug Bluetooth connections.
cloud-tencent-cvm
by partme-ai
Provides comprehensive guidance for Tencent Cloud CVM including instance creation, configuration, security groups, and CVM management. Use when the user asks about Tencent Cloud CVM, needs to create CVM instances, configure CVM, or manage Tencent Cloud compute resources.
cloud-aliyun-ecs
by partme-ai
Provides comprehensive guidance for Alibaba Cloud ECS including instance creation, configuration, security groups, and ECS management. Use when the user asks about Alibaba Cloud ECS, needs to create ECS instances, configure ECS, or manage Alibaba Cloud compute resources.
cloud-huawei-ecs
by partme-ai
Provides comprehensive guidance for Huawei Cloud ECS including instance creation, configuration, security groups, and ECS management. Use when the user asks about Huawei Cloud ECS, needs to create ECS instances, configure ECS, or manage Huawei Cloud compute resources.
ascii-motd-profile-banner
by partme-ai
Generate ASCII-only MOTD / SSH login banner / shell profile welcome messages (short/long variants, quiet mode guidance, security notices).
code-review:review-local-changes
by NeoLabHQ
Comprehensive review of local uncommitted changes using specialized agents with code improvement suggestions
parallel-agents
by vudovn
Multi-agent orchestration patterns. Use when multiple independent tasks can run with different domain expertise or when comprehensive analysis requires multiple perspectives.
solidity-security
by wshobson
Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
clawsec-suite
by prompt-security
ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup for additional security skills.
soul-guardian
by prompt-security
Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
code-review
by kyegomez
Perform comprehensive code reviews focusing on best practices, security vulnerabilities, performance optimization, and maintainability
secure-code-guardian
by Jeffallan
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention.
code-reviewer
by Jeffallan
Use when reviewing pull requests, conducting code quality audits, or identifying security vulnerabilities. Invoke for PR reviews, code quality checks, refactoring suggestions.
testing-handbook-skills
by elizaOS
"Application security testing toolkit from the Trail of Bits Testing Handbook. Covers fuzzing (libFuzzer, AFL++, cargo-fuzz, Atheris, Ruzzy), coverage analysis, harness writing, sanitizers, static analysis (Semgrep, CodeQL), and cryptographic testing (Wycheproof, constant-time)."
static-analysis
by elizaOS
"Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection. Use when running static analysis scans, writing custom detection rules, or processing analysis results."
spec-to-code-compliance
by elizaOS
Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitepapers, finding gaps between specs and implementation, or performing compliance checks for protocol implementations.
healthcheck
by openclaw
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
blogwatcher
by openclaw
Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI.
team-composition-patterns
by wshobson
Design optimal agent team compositions with sizing heuristics, preset configurations, and agent type selection. Use this skill when deciding team size, selecting agent types, or configuring team presets for multi-agent workflows.
fullstack-guardian
by Jeffallan
Use when implementing features across frontend and backend, building APIs with UI, or creating end-to-end data flows. Invoke for feature implementation, API development, UI building, cross-stack work.
security-checklist
by jamditis
Pre-deployment security audit for web applications. Use when reviewing code before shipping, auditing an existing application, or when users mention "security review," "ready to deploy," "going to production," or express concern about vulnerabilities. Covers authentication, input validation, secrets management, database security, and compliance basics.
vulnerability-scanner
by vudovn
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
code-review-checklist
by vudovn
Code review guidelines covering code quality, security, and best practices.
sharp-edges
by elizaOS
"Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration."