Security
Security scanning and vulnerability detection
ec2
by itsmostafa
AWS EC2 virtual machine management for instances, AMIs, and networking. Use when launching instances, configuring security groups, managing key pairs, troubleshooting connectivity, or automating instance lifecycle.
code-review
by kdcokenny
Comprehensive code review methodology with severity classification and confidence thresholds
security-suite
by boshu2
'Composable binary security suite for static analysis, dynamic tracing, contract capture, baseline drift, and policy gating. Triggers: "binary security", "reverse engineer binary", "black-box binary test", "behavioral trace", "baseline diff", "security suite".'
security
by boshu2
'Continuous repository security scanning and release gating. Triggers: "security scan", "security audit", "pre-release security", "run scanners", "check vulnerabilities".'
pentest-mobile-app
by jd-opensource
OWASP Mobile Top 10 security testing for Android and iOS — local storage, certificate pinning bypass, IPC abuse, and binary protections.
Security Principles
by exceptionless
Security best practices for the Exceptionless codebase. Secrets management, input validation, secure defaults, and avoiding common vulnerabilities. Keywords: security, secrets, encryption, PII, logging, input validation, secure defaults, environment variables, OWASP, cryptography
reconciliation
by JoelLewis
"Reconciliation operations: position/cash/transaction matching with tolerance thresholds, three-way reconciliation (PMS/custodian/clearing), break identification (timing, pricing, corporate action, stock split/merger/DRIP), tolerance rules, STP rates (95-99% position, 85-95% transaction), auto-resolution, cost basis and tax lot matching, accrued income reconciliation, multi-custodian data normalization (Schwab, Fidelity, Pershing), ex-date processing, custodian feed formats, reconciliation scheduling, regulatory compliance (SEC Rule 204-2, ERISA, SOC 1/SOC 2, books and records), 1099-B accuracy, reconciliation automation platforms (Arcesium, Duco, Advent Geneva)."
financial-planning-integration
by JoelLewis
"Financial planning integration: goal-based plans, Monte Carlo probability-of-success, plan-to-IPS linkage, scenario analysis, tax-aware planning (QCD, tax-loss harvesting, withdrawal sequencing), Roth conversions, RMD management, SECURE 2.0 Act, Social Security optimization, IRMAA Medicare premiums, 529/donor-advised funds, risk capacity, longevity/sequence-of-returns risk, cash flow modeling by life phase, planning tools (eMoney, MoneyGuidePro, RightCapital), assumption synchronization."
PromptInjection
by danielmiessler
Prompt injection testing. USE WHEN prompt injection, jailbreak, LLM security, AI security assessment, pentest AI application, test chatbot vulnerabilities.
seo-audit
by seo-skills
Audit websites for SEO, technical, content, security, JS rendering, and AI readiness using SEOmator CLI. Returns LLM-optimized reports with health scores across 251 rules and 20 categories. Use when analyzing websites, debugging SEO issues, or checking site health.
warden-sweep
by getsentry
Full-repository code sweep. Scans every file with warden, verifies findings via deep tracing, creates draft PRs for validated issues. Use when asked to "sweep the repo", "scan everything", "find all bugs", "full codebase review", "batch code analysis", or run warden across the entire repository.
k8s-service-mesh
by rohitg00
Manage Istio service mesh for traffic management, security, and observability. Use for traffic shifting, canary releases, mTLS, and service mesh troubleshooting.
solidity-auditor
by pashov
Security audit of Solidity code while you develop. Trigger on "audit", "check this contract", "review for security". Modes - default (full repo) or a specific filename.
trustlayer-sybil-scanner
by BankrBot
Feedback forensics for ERC-8004 agents. Detects Sybil rings, fake reviews, rating manipulation, and reputation laundering across 20 chains. No API key needed.
security-review
by ReinaMacCredy
Deep security analysis delegated to the security-reviewer agent. Checks auth, injection, secrets, dependencies, and reports with severity ratings.
explicit-checker
by bitwize-music-studio
Scans lyrics for explicit content and verifies that explicit flags match actual content. Use before Suno generation or release to ensure accurate content ratings.
bloat-detector
by athola
'Detect codebase bloat through progressive analysis: dead code, duplication,
hooks-eval
by athola
'Use this skill BEFORE deploying hooks to production. Use when auditing
agent-teams-simplify-and-harden
by pskoett
"Implementation + audit loop using parallel agent teams with structured simplify, harden, and document passes. Spawns implementation agents to do the work, then audit agents to find complexity, security gaps, and spec deviations, then loops until code compiles cleanly, all tests pass, and auditors find zero issues or the loop cap is reached. Use when: implementing features from a spec or plan, hardening existing code, fixing a batch of issues, or any multi-file task that benefits from a build-verify-fix cycle."
planner-rt-ica
by Jamie-BitFlight
Identify required inputs, dependencies, and uncertainty during planning. Use when generating plans or task graphs under incomplete information. Does not block plan generation; instead localizes gaps and creates unblock dependencies.
blockchain-developer
by rmyndharis
Build production-ready Web3 applications, smart contracts, and
network
by markdown-viewer
Create network topology diagrams using PlantUML syntax with industry-standard device icons. Best for LAN/WAN diagrams, enterprise networks, cloud infrastructure, and vendor-specific diagrams (Cisco, Citrix, etc.). Uses mxgraph stencil icons for network devices with auto-layout. NOT for abstract dependency graphs (use graphviz) or simple flowcharts (use mermaid).
code-review
by accomplish-ai
Review code for bugs, security issues, performance problems, and best practices. Provide actionable feedback.
security
by markdown-viewer
Create security architecture diagrams using PlantUML syntax with identity, encryption, firewall, and compliance stencil icons. Best for IAM flows, zero-trust architectures, encryption pipelines, compliance auditing, and threat detection. NOT for general cloud infra (use cloud skill) or simple flowcharts (use mermaid).