Security
Security scanning and vulnerability detection
codebase-cleanup-deps-audit
by rmyndharis
"You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies."
Probe
by simota
OWASP ZAP/Burp Suiteé£æºããããã¬ã¼ã·ã§ã³ãã¹ãè¨ç»ãDASTå®è¡ãèå¼±æ§ã¹ãã£ã³ãåçã»ãã¥ãªãã£ãã¹ããä¾µå ¥ãã¹ããå®è¡æèå¼±æ§æ¤è¨¼ãå¿ è¦ãªæã«ä½¿ç¨ãSentinelã®éçåæãè£å®ã
aws-cost-operations
by CommandCodeAI
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
pricing-strategy
by OpenClaudia
Optimize pricing pages, pricing models, and pricing strategy. Use when the user asks about pricing, pricing pages, how to price a product, tiered pricing, freemium vs. paid, price testing, pricing psychology, or pricing page design. Trigger phrases include "pricing", "pricing page", "how to price", "pricing strategy", "freemium", "tiered pricing", "per-seat pricing", "usage-based pricing", "pricing experiment", "price anchoring", "pricing psychology", "pricing optimization".
page-cro
by OpenClaudia
Audit and optimize landing pages for conversion rate. Use when the user asks about conversion rate optimization, CRO, landing page audits, improving sign-ups or sales, reducing bounce rate, A/B test ideas for pages, form optimization, or CTA optimization. Trigger phrases include "conversion rate", "CRO", "landing page audit", "why isn't my page converting", "improve conversions", "optimize my page", "reduce bounce rate", "CTA optimization", "form optimization", "above the fold".
memory-audit
by nhadaututtheky
Comprehensive memory quality review across 6 dimensions: purity, freshness, coverage, clarity, relevance, and structure. Generates prioritized findings with specific memory references and actionable recommendations.
ship-safe-score
by asamassekou10
Get your project's security health score (0-100, A-F grade). Use when the user wants a quick security check or asks "is my code safe to ship?"
code-quality-review
by rsmdt
Systematic code review patterns, quality dimensions, anti-pattern detection, and constructive feedback techniques. Use when reviewing code changes, assessing codebase quality, identifying technical debt, or mentoring through reviews. Covers correctness, design, security, performance, and maintainability.
Gear
by simota
ä¾åé¢ä¿ç®¡çãCI/CDæé©åãDockerè¨å®ãéç¨ãªãã¶ã¼ãããªãã£ï¼ãã°/ã¢ã©ã¼ã/ãã«ã¹ãã§ãã¯ï¼ããã«ãã¨ã©ã¼ãéçºç°å¢ã®åé¡ãéç¨è¨å®ã®ä¿®æ£ãå¿ è¦ãªæã«ä½¿ç¨ã
Grove
by simota
ãªãã¸ããªæ§é ã®è¨è¨ã»æé©åã»ç£æ»ããã£ã¬ã¯ããªè¨è¨ãdocs/æ§æï¼è¦ä»¶å®ç¾©æ¸ã»è¨è¨æ¸ã»ãã§ãã¯ãªã¹ã対å¿ï¼ããã¹ãæ§æãã¹ã¯ãªãã管çãã¢ã³ããã¿ã¼ã³æ¤åºãæ¢åãªãã¸ããªã®æ§æ移è¡ãæ å½ããªãã¸ããªæ§é ã®è¨è¨ã»æ¹åãå¿ è¦ãªæã«ä½¿ç¨ã
data-quality-audit
by nimrodfisher
Comprehensive data quality assessment against defined business rules and constraints. Use when validating data against expected schemas, checking referential integrity across tables, or auditing data pipeline outputs before production use.
a11y-checker
by sundial-org
Scan HTML and JSX for accessibility issues with AI-powered fix suggestions
ship-safe-scan
by asamassekou10
Quick scan for leaked secrets — API keys, passwords, tokens, database URLs. Use when the user wants to check for hardcoded secrets or exposed credentials.
read-doc
by TokenRollAI
"Leverage the llmdoc documentation system to quickly understand the project architecture, code details, and key concepts without reading source code directly."
auth-system-setup
by TerminalSkills
When the user wants to set up authentication and authorization for a web application. Use when the user mentions "auth," "login," "OAuth," "SSO," "single sign-on," "role-based access," "RBAC," "permissions," "user roles," "access control," "authentication," or "authorization." Covers OAuth 2.0 provider integration, session management, and role/permission architecture. For JWT-specific tasks, see jwt-handler. For security review, see security-audit.
managing-imposter-syndrome
by RefoundAI
Help users work through feelings of inadequacy and self-doubt. Use when someone feels like a fraud, doubts their qualifications, is anxious about being "found out," or struggling with confidence in a new or challenging role.
django-expert
by vintasoftware
Expert Django backend development guidance. Use when creating Django models, views, serializers, or APIs; debugging ORM queries or migrations; optimizing database performance; implementing authentication; writing tests; or working with Django REST Framework. Follows Django best practices and modern patterns.
coding-conventions
by rsmdt
Apply consistent security, performance, and accessibility standards across all recommendations. Use when reviewing code, designing features, or validating implementations. Cross-cutting skill for all agents.
gap-analysis
by jmagly
Workspace health: plugins/utils/skills/workspace-health/SKILL.md
decision-support
by jmagly
Trade-off catalog: docs/common-tradeoffs.md
don-norman-principles-audit
by mastepanoski
Evaluate UX/UI using Don Norman's 7 fundamental design principles from The Design of Everyday Things. Audit discoverability, affordances, signifiers, feedback, mapping, constraints and conceptual models.
security-assessment
by rsmdt
Vulnerability review, OWASP patterns, secure coding practices, and threat modeling approaches. Use when reviewing code security, designing secure systems, performing threat analysis, or validating security implementations.
claude-reflect
by BayramAnnakov
Self-learning system that captures corrections during sessions and reminds users to run /reflect to update CLAUDE.md. Use when discussing learnings, corrections, or when the user mentions remembering something for future sessions.
security
by OpenHands
Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.