Security
Security scanning and vulnerability detection
solo-audit
by fortunto2
Health check knowledge base for broken links, missing frontmatter, tag inconsistencies, and coverage gaps. Use when user says "audit KB", "check frontmatter", "find broken links", "tag cleanup", or "knowledge base quality". Do NOT use for SEO audits (use /seo-audit) or code reviews.
kali-tools
by tzf1003
Comprehensive reference for Kali Linux tools. Use this skill to find, understand, and use security tools in Kali Linux. It provides a categorized index of all available tools.
quality-auditor
by daffy0208
Comprehensive quality auditing and evaluation of tools, frameworks, and systems against industry best practices with detailed scoring across 12 critical dimensions
Framework Orchestrator
by daffy0208
Meta-skill that coordinates all frameworks and skills throughout the project lifecycle, providing intelligent sequencing based on project patterns
multithread-outreach
by Salesably
Creates role-specific messages for multiple stakeholders in a deal. Use this skill when engaging additional contacts, following up with people who weren't on calls, or executing account-based selling strategies.
agent-team-review
by damianpapadopoulos
Multi-perspective parallel code review with specialist reviewers for security, quality, and spec compliance.
adversarial-code-review
by third774
Review code through hostile perspectives to find bugs, security issues, and unintended consequences the author missed. Use when reviewing PRs, auditing codebases, or before critical deployments.
writing-for-humans
by bnadlerjr
Post-processing rewrite skill that transforms dense LLM-generated documentation into scannable, concise, human-readable text. Covers vocabulary tics, structural anti-patterns, BLUF rewriting, and word-level editing. Use when other skills need to produce user-facing prose: READMEs, guides, tutorials, or commit messages. Loaded by other skills as a post-processing step — not a standalone command.
consistency-auditor
by dangeles
Use when parameter values appear in multiple documents and consistency must be verified, especially for quantitative values that may differ due to measurement context or require reconciliation
audit-context-building
by lv416e
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
security-engineering
by mujez
Application security and infrastructure security expert. Use when reviewing code for vulnerabilities, implementing authentication/authorization, securing APIs, hardening infrastructure, threat modeling, implementing encryption, or conducting security audits. Covers OWASP Top 10, secure coding, DevSecOps, and compliance.
security-scan
by ProxiBlue
Comprehensive Magento 2 security scanning skill that checks for vulnerabilities, misconfigurations, outdated dependencies, security patches, and compliance with security best practices.
standard-security-auth
by salavender
Security & Authentication Specialist - Expert in JWT, cookie-based auth, MFA, and generic security patterns
technical-debt-manager-php-laravel
by LaravelDaily
Expert technical debt analyst for PHP/Laravel code health, maintainability, and strategic refactoring planning. Use PROACTIVELY when a Laravel codebase shows complexity growth, when planning sprints, or when prioritizing engineering work.
code-review
by salavender
Systematic multi-perspective code review with consistent quality gates.
aws_architect
by vuralserhat86
Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code
deps_npm
by vuralserhat86
npm/yarn dependency management, package.json best practices ve version control.
ideaverse-maintenance
by mrfelton
Keep Ideaverse vaults healthy through audits, diagnostics, and maintenance workflows. Use when running vault diagnostics, detecting link rot, identifying orphan notes, finding MOC bloat, suggesting archival candidates, validating frontmatter, or generating vault health reports. Triggers on requests like "audit my vault", "find broken links", "check vault health", "what needs archiving", "find orphan notes", or "run maintenance".
security-audit-owasp-top-10
by WalletConnect
"Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling."
github-dependabot-report
by WalletConnect
Generates a Dependabot security alerts report for walletconnect, reown-com, and walletconnectfoundation GitHub orgs. Groups alerts by team ownership (GitHub topics). Use when reviewing security posture, preparing for security reviews, or tracking vulnerability remediation.
operational-readiness
by WalletConnect
Operational Readiness Checklist for Reown services. Use when service owners ask to: check production readiness, validate a service before launch, run operational readiness review, audit service compliance, check if service is ready for production, or validate infrastructure/security posture. Triggers: "operational readiness", "production readiness", "launch checklist", "service review", "pre-launch audit", "ORC", "is my service ready", "check my service", "readiness review"
role-architect:threat-modeling
by rnavarych
Threat modeling expertise including STRIDE methodology, attack trees, trust boundary identification, data flow analysis, risk assessment, mitigation prioritization, and security architecture review.
gc-review-security
by dougkeefe
"Use when reviewing code changes for Protected B security compliance. Triggers: security review, ITSG-33 compliance, GoC security, Protected B data handling, access control review, PII protection check, or requests to audit security-sensitive code."
role-aqa:security-testing
by rnavarych
Security test automation with OWASP ZAP (active/passive scanning), Burp Suite, SAST (SonarQube, CodeQL), DAST, dependency scanning (Snyk, Dependabot, npm audit), penetration test planning, vulnerability management, and threat modeling integration. Use when implementing security testing or evaluating application security posture.