Security

Security scanning and vulnerability detection

Showing 1369-1392 of 2223 skills

security-audit

by 89jobrien

Security auditing and vulnerability assessment specialist. Use when conducting

Code Review 4 5mo ago

jwt-misuse-anti-pattern

by igbuend

Security anti-pattern for JWT misuse vulnerabilities (CWE-287). Use when generating or reviewing code that creates, validates, or uses JSON Web Tokens. Detects 'none' algorithm attacks, weak secrets, sensitive data in payloads, and missing expiration.

Auth 4 3mo ago

encrypted-tunnel-pattern

by igbuend

Security pattern for channel-level encryption (TLS/SSH). Use when implementing HTTPS, securing all communication between endpoints, setting up TLS connections, or when infrastructure should handle encryption transparently. Addresses "Leak action request or data in transit" problem.

Processing 4 3mo ago

review-security

by mgiovani

Perform comprehensive security review targeting OWASP Top 10 2025 vulnerabilities

Agents 4 3mo ago

hallucinated-packages-anti-pattern

by igbuend

Security anti-pattern for hallucinated (non-existent) packages (CWE-1357). Use when generating or reviewing AI-assisted code that imports packages, dependencies, or libraries. CRITICAL AI-specific vulnerability with 5-21% hallucination rate. Detects dependency confusion and slopsquatting risks.

Embeddings 4 3mo ago

audit-plugin

by richfrem

Audits a local plugin directory to ensure it perfectly matches the Agent Skills and Claude Plugin Open Standards.

Agents 4 3mo ago

dependency-management

by 89jobrien

Dependency management specialist. Use when updating dependencies, scanning

Code Review 4 5mo ago

authentication-pattern

by igbuend

Security pattern for implementing authentication in software systems. Use when designing or reviewing authentication mechanisms, implementing login systems, verifying user identity, protecting system access, or addressing OWASP authentication flaws. Provides guidance on enforcers, verifiers, evidence providers, subject registration, credential management, and security considerations.

Auth 4 3mo ago

seven-advisors

by krishagel

Seven Advisors decision council - structured multi-perspective deliberation for important decisions. Use when facing complex choices, strategic decisions, or when you need to think through a problem from multiple angles.

Code Review 4 4mo ago

code-review

by 89jobrien

Expert code review specialist for quality, security, and maintainability.

Code Review 4 5mo ago

review-deps

by mgiovani

Audit project dependencies for vulnerabilities, license compliance risks,

Code Review 4 3mo ago

digital-signature-pattern

by igbuend

Security pattern for implementing digital signatures. Use when implementing document signing, code signing, certificate signing, non-repudiation, or verifying authenticity and integrity of messages using asymmetric cryptography (RSA, ECDSA, Ed25519).

Auth 4 3mo ago

avail

by hairyf

Avail Node—run chains, Kate RPC for data availability, block authoring, and runtime APIs for DA tooling.

Processing 4 3mo ago

codeql

by igbuend

Run CodeQL static analysis for security vulnerability detection, taint tracking, and data flow analysis. Use when asked to scan code with CodeQL, write QL queries, perform deep interprocedural analysis, or integrate with GitHub Advanced Security.

Database 4 3mo ago

data-validation-pattern

by igbuend

Security pattern for input validation and sanitization. Use when implementing input handling, preventing injection attacks (SQL, XSS, command), ensuring data integrity, or processing data from untrusted sources. Addresses "Entity provides unexpected data" problem.

Processing 4 3mo ago

command-injection-anti-pattern

by igbuend

Security anti-pattern for OS Command Injection vulnerabilities (CWE-78). Use when generating or reviewing code that executes shell commands, runs system processes, or handles user input in command-line operations. Detects shell string concatenation and recommends argument arrays.

CLI Tools 4 3mo ago

mass-assignment-anti-pattern

by igbuend

Security anti-pattern for mass assignment vulnerabilities (CWE-915). Use when generating or reviewing code that creates or updates objects from user input, form handling, or API request processing. Detects uncontrolled property binding enabling privilege escalation.

API Dev 4 3mo ago

codebase-discovery

by igbuend

Generate security-focused DISCOVERY.md for code review and threat modeling. Use when assessing unfamiliar codebases.

Auth 4 4mo ago

attack-surface-xss

by igbuend

Reconnaissance skill for XSS attack surface — analyzes headers, frameworks, JS libraries, and DOM patterns at a URL to map what makes XSS possible or harder. For ethical hackers preparing for XSS testing.

Automation 4 3mo ago

claude-hooks

by 89jobrien

Claude Code hooks configuration specialist. Use when creating hooks for

Prompts 4 5mo ago

audit-plugin-l5

by richfrem

Triggers the L5 Red Team Sub-Agent to rigorously audit a plugin against the 39-point L4 pattern matrix.

Agents 4 3mo ago

insecure-temp-files-anti-pattern

by igbuend

Security anti-pattern for insecure temporary files (CWE-377). Use when generating or reviewing code that creates temporary files, handles file caching, or processes uploads through temp storage. Detects predictable paths, insecure permissions, and missing cleanup.

Processing 4 3mo ago

cloud-infrastructure

by 89jobrien

Cloud infrastructure design and deployment patterns for AWS, Azure, and

Cloud 4 5mo ago

insecure-defaults-anti-pattern

by igbuend

Security anti-pattern for fail-open defaults (CWE-1188). Use when reviewing code that uses fallback values for secrets, credentials, or security settings. Detects applications that run with weak defaults when configuration is missing.

Auth 4 3mo ago