Security
Security scanning and vulnerability detection
audit
by chaterm
Security audit
Auth Specialist
by omer-metin
coder-system-design-external-api
by OzeroHAX
Reliable and secure external API integration patterns for production-grade services.
testing-security
by OzeroHAX
Basic security testing (OWASP, auth, data exposure)
planning-risk-assessment
by OzeroHAX
Risk assessment: likelihood/impact, mitigations, residual risk
planning-requirements-extraction
by OzeroHAX
Extract requirements from a request: behavior, acceptance criteria, constraints; for bugs, reproduction steps
workflow-orchestrator
by ScientiaCapital
Project workflow system - cost tracking, parallel execution, security gates, agent orchestration. Use when: start day, begin session, status check, new feature, build, implement, end day, wrap up, debug, investigate, research, evaluate.
pubnub-security
by pubnub
Secure PubNub applications with Access Manager, encryption, and TLS
discover-ebpf
by rand
Automatically discover eBPF and kernel skills when working with eBPF, kernel tracing, XDP, kprobes, BPF, Linux kernel, or network filtering. Activates for eBPF development tasks.
compliance-audit
by NickCrew
Regulatory compliance auditing across GDPR, HIPAA, PCI DSS, SOC 2, and ISO frameworks with automated evidence collection and gap analysis. Use when conducting compliance assessments, preparing for certifications, or implementing regulatory controls.
kubernetes-security-policies
by NickCrew
Kubernetes security policies, RBAC, and Pod Security Standards for hardened cluster deployments. Use when implementing cluster security, defining network policies, or enforcing security compliance in Kubernetes environments.
blogwatcher
by malue-ai
Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI.
non-repudiation-privacy
by florianbuetow
This skill should be used when the user asks to "check for non-repudiation privacy risks", "analyze excessive audit logging", "find privacy issues related to accountability", "check for forced identity linking", or mentions "non-repudiation" in a privacy context. Maps to LINDDUN category N. This is the INVERSE of STRIDE repudiation -- here too much proof is the threat.
harden
by florianbuetow
This skill should be used when the user asks to "harden code", "security hardening", "improve security posture", "add security headers", "tighten security", "defensive coding suggestions", or "proactive security improvements". Also triggers when the user asks about CSP, CORS hardening, rate limiting, input validation improvements, security logging, or defense-in-depth measures.
pasta-attack-sim
by florianbuetow
This skill should be used when the user asks to "simulate attacks", "build attack trees", "model exploit chains", "score exploitability", or is running PASTA stage 6. Also triggers when the user asks about attack scenarios, red team simulation, DREAD scoring, or detection gap analysis in a threat modeling context. Part of the PASTA threat modeling methodology (Stage 6 of 7).
learn
by florianbuetow
This skill should be used when the user asks to "learn about security", "teach me OWASP", "security tutorial", "learn threat modeling", or invokes /appsec:learn. Interactive guided walkthrough using your codebase as teaching material.
outdated-deps
by florianbuetow
This skill should be used when the user asks to "check for vulnerable dependencies", "audit dependencies", "find outdated packages", "scan for CVEs", "check for typosquatting", or mentions "vulnerable components", "outdated dependencies", or "supply chain" in a security context. Maps to OWASP Top 10 2021 A06: Vulnerable and Outdated Components.
fix
by florianbuetow
This skill should be used when the user asks to "fix security finding", "fix vulnerability", "generate security fix", "appsec fix", "patch vulnerability", "remediate finding", or "apply security patch". Also triggers when the user references a finding ID (e.g., INJ-001) and asks for a fix, or points to a file:line and asks to fix the security issue there.
integrity
by florianbuetow
This skill should be used when the user asks to "check for integrity issues", "analyze deserialization", "find supply chain vulnerabilities", "review CI/CD security", "check SRI", or mentions "deserialization", "integrity", "pipeline security", "code signing", or "supply chain" in a security context. Maps to OWASP Top 10 2021 A08: Software and Data Integrity Failures.
logging
by florianbuetow
This skill should be used when the user asks to "check for logging issues", "analyze security logging", "find missing audit logs", "check for log injection", "audit monitoring configuration", or mentions "logging", "audit trail", "log injection", "monitoring", or "alerting" in a security context. Maps to OWASP Top 10 2021 A09: Security Logging and Monitoring Failures.
repudiation
by florianbuetow
This skill should be used when the user asks to "check for repudiation", "analyze audit logging", "find logging gaps", or mentions "repudiation" or "non-repudiation" in a security context. Maps to STRIDE category R.
config
by florianbuetow
This skill should be used when the user asks to "configure security", "appsec settings", "security preferences", or invokes /appsec:config. Manages security tool preferences and thresholds.
dev.can-make-public
by kevinslin
Scan a repository and its git history for secrets, credentials, private keys, internal URLs, PII, and other sensitive artifacts before making it public. Use when a user asks if a repo is safe to open-source, requests a pre-publication audit, or wants to sanitize a repo for public release.
business-logic
by florianbuetow
This skill should be used when the user asks to "check business logic security", "find logic flaws", "audit workflow security", "check for coupon abuse", "detect negative amount exploits", "analyze state machine security", or mentions "business logic", "workflow bypass", "negative amount", "coupon abuse", "self-referral", "state manipulation", or "time-based exploit" in a security context.