Security
Security scanning and vulnerability detection
strategic-planning
by ognjengt
Analyzes the founder's business context to deliver the 3 highest-impact next moves for growth (marketing or sales). Asks up to 10 diagnostic questions when needed to uncover bottlenecks, struggles, and opportunities. Use when user needs strategic guidance, next steps, growth planning, or actionable business strategy.
security-patterns
by 0xDarkMatter
"Security patterns and OWASP guidelines. Triggers on: security review, OWASP, XSS, SQL injection, CSRF, authentication, authorization, secrets management, input validation, secure coding."
skill-improver
by atrislabs
Audit and improve Claude skills against the Anthropic skill guide. Use when creating new skills, improving existing ones, or preparing skills for ClawHub distribution. Triggers on skill audit, improve skill, new skill, skill quality, or ClawHub publish.
fifteen-factor-app
by henkisdabro
The Fifteen-Factor App methodology for modern cloud-native SaaS applications. This skill should be automatically invoked when planning SaaS tools, product software architecture, microservices design, PRPs/PRDs, or cloud-native application development. Extends the original Twelve-Factor App principles with three additional factors (API First, Telemetry, Security). Trigger keywords include "fifteen factor", "12 factor", "SaaS architecture", "cloud-native design", "application architecture", "microservices best practices", or when in a planning/architecture session.
anti-reversing-techniques
by benjaminasterA
"Understand anti-reversing, obfuscation, and protection techniques encountered during software analysis. Use when analyzing protected binaries, bypassing anti-debugging for authorized analysis, or u..."
ai-discoverability-audit
by BrianRWagner
Audit how a brand appears in AI-powered search (ChatGPT, Perplexity, Claude, Gemini). Use when user mentions "AI search," "how do I show up in ChatGPT," "AI discoverability," "AEO," "LLM visibility," or wants to understand their brand's AI presence.
homepage-audit
by BrianRWagner
Quick conversion audit for any homepage or landing page. Use when someone asks to "review my homepage," "audit my landing page," "why isn't my page converting," "check my website," "improve my homepage," or wants feedback on their marketing page.
Security Code Review
by kousen
Identify security vulnerabilities and suggest secure coding practices
health
by terrylica
"Cal.com Commander health check across all subsystems. TRIGGERS - calcom health, calendar bot status, cal.com diagnostics, booking bot check."
ecosystem-health
by melodic-software
Analyzes Claude Code ecosystem health by tracking all 27 extensibility components across 6 tiers - including plugin components, core configuration, environment/CLI, authentication, session features, and integrations. Use when checking if Claude Code components are up-to-date, orchestrating audits efficiently, tracking documentation coverage, applying updates from new Claude Code versions, or getting an overview of ecosystem component staleness.
hld-reviewer
by TestAny-io
HLD review, High-Level Design review, 技术方案评审。Use when: HLD 完成后、进入 LLD/实现前需要审查技术设计、检测 PRD→HLD 漂移。
what-not-to-do-as-product-manager
by flpbalada
Anti-patterns and mistakes to avoid as a product manager. Use when evaluating
trust-psychology
by flpbalada
Build trust signals that reduce perceived risk and enable user action. Use
secure
by whawkinsiv
"Use this skill when the user needs to secure their SaaS app, implement authentication, protect user data, secure APIs, or check for vulnerabilities. Covers OWASP Top 10, auth best practices, data protection, and security checklists for apps built with AI tools."
mem-weekly
by zephyrwang6
AI个人记忆系统的周复盘功能。分析本周L1情境层记录,识别重复模式,提炼到L2行为层。使用场景:(1) 用户说"周复盘"时;(2) 每周定期回顾时;(3) 需要从日常记录中提炼行为模式时。该skill会自动统计重复出现的行为(3次+),生成候选列表,等待用户确认后更新L2行为层。
oh-distributed-security-design-review
by openharmonyinsight
OpenHarmony分布式系统安全代码检视专用技能。当用户要求"检视代码安全实现"、"代码安全审查"、"安全代码review"或类似的分布式系统代码安全检视请求时触发。此技能提供18条OpenHarmony分布式业务安全设计规则的详细检视指导,涵盖授权控制、状态机、数据传输、权限管理、可信关系等安全领域。使用此技能可在通用网络安全规则基础上,针对OpenHarmony分布式系统进行专项安全检视。
ai-generated-business-code-review
by openharmonyinsight
Use when reviewing or scoring AI-generated business/application code quality in any language, especially when a numeric score, risk level, or must-fix checklist is requested, or when C++ code must comply with OpenHarmony C++ and security standards
smart-contract-security-review
by scalus3
Security review for Scalus/Cardano smart contracts. Analyzes @Compile annotated validators for vulnerabilities like redirect attacks, inexact value validation, missing token verification, integer overflow, and self-dealing. Use when reviewing on-chain code, before deploying validators, or when /security-review is invoked. Requires explicit path argument.
capacitor-security
by Cap-go
Comprehensive security guide for Capacitor apps using Capsec scanner. Covers 63+ security rules across secrets, storage, network, authentication, cryptography, and platform-specific vulnerabilities. Use this skill when users need to secure their mobile app or run security audits.
openai-security-ownership-map
by trailofbits
'Analyze git repositories to build a security ownership topology (people-to-file), compute
cloud-storage-web
by TencentCloudBase
Complete guide for CloudBase cloud storage using Web SDK (@cloudbase/js-sdk) - upload, download, temporary URLs, file management, and best practices.
security-flutter
by TheBeardedBearSAS
Flutter Security. Use when reviewing security, implementing auth, or hardening code.
AWS Penetration Testing
by hainamchung
This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessment.
security-review
by LangConfig
"Comprehensive security code review covering OWASP Top 10, authentication, authorization, and secure coding practices. Use when reviewing code for vulnerabilities or implementing security features."