Security
Security scanning and vulnerability detection
architecting-networks
by ancoleman
Design cloud network architectures with VPC patterns, subnet strategies, zero trust principles, and hybrid connectivity. Use when planning VPC topology, implementing multi-cloud networking, or establishing secure network segmentation for cloud workloads.
configuring-firewalls
by ancoleman
Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and bastion hosts. Use when exposing services, hardening servers, or implementing network segmentation with defense-in-depth strategies.
implementing-compliance
by ancoleman
Implement and maintain compliance with SOC 2, HIPAA, PCI-DSS, and GDPR using unified control mapping, policy-as-code enforcement, and automated evidence collection. Use when building systems requiring regulatory compliance, implementing security controls across multiple frameworks, or automating audit preparation.
code-review
by tao12345666333
Provides expert code review guidelines and best practices
audit
by howells
Comprehensive codebase audit with specialized reviewers. Generates actionable reports. Use when asked to "audit the codebase", "review code quality", "check for issues", "security review", or "performance audit". Accepts path scope like "apps/web". Reviewers run in batches of 2 by default to avoid resource exhaustion. Use --parallel to run all reviewers simultaneously (resource-intensive). Use --diff to scope audit to files changed vs main branch (or specify base: --diff develop). Use --docs for a focused JSDoc/documentation coverage audit. Use --copy for a focused UX writing/copy quality audit.
architecting-security
by ancoleman
Design comprehensive security architectures using defense-in-depth, zero trust principles, threat modeling (STRIDE, PASTA), and control frameworks (NIST CSF, CIS Controls, ISO 27001). Use when designing security for new systems, auditing existing architectures, or establishing security governance programs.
configuring-nginx
by ancoleman
Configure nginx for static sites, reverse proxying, load balancing, SSL/TLS termination, caching, and performance tuning. When setting up web servers, application proxies, or load balancers, this skill provides production-ready patterns with modern security best practices for TLS 1.3, rate limiting, and security headers.
implementing-service-mesh
by ancoleman
Implement production-ready service mesh deployments with Istio, Linkerd, or Cilium. Configure mTLS, authorization policies, traffic routing, and progressive delivery patterns for secure, observable microservices. Use when setting up service-to-service communication, implementing zero-trust security, or enabling canary deployments.
security-review
by joaquimscosta
Security-focused code review identifying high-confidence exploitable vulnerabilities with two-axis severity/confidence scoring, OWASP 2025 alignment, and false positive filtering. Use when user runs /security-review, /review:security-review, requests a "security review", "security audit", "vulnerability scan", or mentions "find vulnerabilities", "check for exploits".
security-review
by mhylle
Comprehensive security audit for code changes. Use this skill when implementing authentication, authorization, user input handling, API endpoints, secrets/credentials, payment features, or file uploads. Provides security checklists, vulnerability patterns, and remediation guidance. Integrates with implement-phase as a security quality gate.
launchdarkly-flag-discovery
by launchdarkly
Audit your LaunchDarkly feature flags to understand the landscape, find stale or launched flags, and assess removal readiness. Use when the user asks about flag debt, stale flags, cleanup candidates, flag health, or wants to understand their flag inventory.
audit-deps
by helderberto
Check dependencies for vulnerabilities. Use when user asks to "audit dependencies", "/audit-deps", "check for vulnerabilities", or wants to check dependency health.
security-audit
by netresearch
Use when conducting security assessments, CVSS scoring, or auditing PHP/TYPO3 projects against OWASP Top 10 and CWE Top 25.
update-changelog
by goncalossilva
Update CHANGELOG.md following Keep a Changelog (https://keepachangelog.com/en/1.1.0/)
devops-platform-patterns
by majesticlabs-dev
Platform-specific IaC checklists for DigitalOcean, Hetzner, AWS, and Cloudflare.
devops-plan
by majesticlabs-dev
Gather DevOps context for infrastructure planning. Detects IaC tools, providers, and recommends skills. Use when /majestic:plan detects infrastructure work.
infra-security-review
by majesticlabs-dev
Security patterns and checklists for reviewing Infrastructure-as-Code. Covers Terraform/OpenTofu state, secrets, network, compute, database, and storage security.
aws-cost-operations
by leegonzales
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
quality-assurance
by JochenYang
Comprehensive code quality assurance covering code review, testing strategies, and security auditing. Identifies bugs, vulnerabilities, performance issues, and maintainability problems. Implements unit/integration/E2E testing and provides actionable recommendations following OWASP and industry best practices.
skills-audit
by JochenYang
List all installed skills with line counts and analyze for improvement opportunities. Use when user wants to review, optimize, or clean up their skill collection.
solana-security
by tenequm
Audit Solana programs (Anchor or native Rust) for security vulnerabilities. Use when reviewing smart contract security, finding exploits, analyzing attack vectors, performing security assessments, or when explicitly asked to audit, review security, check for bugs, or find vulnerabilities in Solana programs.
aws-ec2-setup
by aj-geddes
Launch and configure EC2 instances with security groups, IAM roles, key pairs, AMIs, and auto-scaling. Use for virtual servers and managed infrastructure.
bash-scripting
by Mindrally
Bash scripting guidelines covering security, portability, error handling, and automation best practices for DevOps.
plan
by Terryc21
Epic decomposition into trackable, right-sized tasks. Audit-aware mode ingests codebase-audit/tech-reportcard reports. Standalone mode plans features, bugs, and refactors from scratch.