Security
Security scanning and vulnerability detection
multiversx-dapp-audit
by multiversx
Audit frontend dApp components for security vulnerabilities in wallet integration and transaction handling. Use when reviewing React/TypeScript dApps using sdk-dapp, or assessing client-side security.
networking-management
by acedergren
Use when designing OCI networks, troubleshooting connectivity, optimizing egress costs, or configuring VCN security. Covers Service Gateway cost savings, VCN CIDR immutability, Security List vs NSG tradeoffs, VCN peering limitations, and Load Balancer subnet requirements.
best-practice-search
by cklxx
搜索并提炼业界/开源最佳实践的 SOP,强调可信来源、适用边界与可执行建议。
artifacts
by kcns008
Artifact Agent (Cache) — handles container registry management, artifact promotion between environments, vulnerability scanning (Trivy/Grype), SBOM generation (Syft), image signing (Cosign), retention policies, and CI/CD integration for Kubernetes and OpenShift supply chain security.
saas-security
by vitormiziara
Comprehensive SaaS security skill covering code auditing, checklist generation, and vulnerability reporting. TRIGGER this skill whenever the user asks to: audit code for security issues, review a codebase for vulnerabilities, generate a security checklist, check for OWASP compliance, review authentication or authorization logic, check for injection risks, race conditions, or insecure configurations, or asks anything related to SaaS security hardening. Also trigger proactively when the user shares code and asks for a review — always include a security perspective using this skill.
best-practices
by acedergren
Use when architecting OCI solutions, migrating from AWS/Azure, designing multi-AD deployments, or avoiding common OCI anti-patterns. Covers VCN sizing mistakes, Cloud Guard gotchas, free tier specifics, OCI terminology confusion, and multi-AD patterns.
multiversx-project-culture
by multiversx
Assess codebase quality and maturity based on documentation, testing practices, and code hygiene indicators. Use when evaluating project reliability, estimating audit effort, or onboarding to new codebases.
terraform-best-practices
by terramate-io
Terraform and Infrastructure as Code optimization guidelines from Terramate. This skill should be used when writing, reviewing, or refactoring Terraform/OpenTofu code to ensure optimal patterns for security, maintainability, and reliability. Triggers on tasks involving Terraform modules, infrastructure provisioning, state management, or IaC optimization.
📦 Dependency Management
by ShunsukeHayashi
Miyabi Plugins for Claude Code - 25+ Agents, 22 Skills, 50+ Commands
🏷️ Issue Analysis with Label Inference
by ShunsukeHayashi
Miyabi Plugins for Claude Code - 25+ Agents, 22 Skills, 50+ Commands
Hacking Fundamentals
by zebbern
This skill should be used when the user asks to "understand hacking basics", "learn about hacker types", "understand network protocols", "learn DNS concepts", "understand attack types", or "explore security tool categories". It provides foundational cybersecurity knowledge.
Session Security Testing
by zebbern
```
📦 Dependency Management
by ShunsukeHayashi
Miyabi Plugins for Claude Code - 25+ Agents, 22 Skills, 50+ Commands
Burp Suite Web Application Testing
by zebbern
This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.
Network Ports Reference
by zebbern
The assistant provides comprehensive network port and protocol reference information for security assessments and penetration testing. Activate when users ask about "port numbers," "common ports," "service ports," "TCP/UDP ports," "what runs on port X," or "protocol identification."
External Network Penetration Testing
by zebbern
This skill should be used when the user asks to "perform external pentesting", "conduct external network assessment", "enumerate external attack surface", "perform OSINT reconnaissance", or "test perimeter security". It provides comprehensive external network penetration testing methodologies.
Networking Essentials
by zebbern
The assistant provides comprehensive networking fundamentals including OSI model, TCP/IP, cabling, VLAN configuration, and Cisco router/switch commands. Activate when users ask about "network basics," "OSI model," "TCP/IP addressing," "subnetting," "VLAN configuration," "Cisco commands," or "network infrastructure."
🔐 Security Audit and Vulnerability Scanning
by ShunsukeHayashi
Miyabi Plugins for Claude Code - 25+ Agents, 22 Skills, 50+ Commands
Pentest Checklist
by zebbern
The assistant provides a structured penetration testing checklist covering scope definition, environment preparation, monitoring, and remediation. Activate when users ask about "pentest planning," "security assessment checklist," "penetration test preparation," "pentest scope," or "security testing best practices."
Ethical Hacking Methodology
by zebbern
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.
JWT Security Testing
by zebbern
This skill should be used when the user asks to "test JWT security", "hack JWT tokens", "bypass JWT authentication", "crack JWT secrets", or "exploit JWT vulnerabilities". It provides comprehensive JSON Web Token attack techniques and security assessment methodologies.
SQL Injection Testing
by zebbern
This skill should be used when the user asks to "test for SQL injection vulnerabilities", "perform SQLi attacks", "bypass authentication using SQL injection", "extract database information through injection", "detect SQL injection flaws", or "exploit database query vulnerabilities". It provides comprehensive techniques for identifying, exploiting, and understanding SQL injection attack vectors across different database systems.
SSH Penetration Testing
by zebbern
This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
Top 100 Web Vulnerabilities Reference
by zebbern
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability definitions, root causes, impacts, and mitigation strategies across all major web security categories.