Security

Security scanning and vulnerability detection

Showing 1393-1416 of 2223 skills
igbuend

missing-authentication-anti-pattern

by igbuend

"Security anti-pattern for missing or broken authentication (CWE-287). Use when generating or reviewing code for login systems, API endpoints, protected routes, or access control. Detects unprotected endpoints, weak password policies, and missing rate limiting on authentication."

API Dev 4 3mo ago
igbuend

mutation-xss-anti-pattern

by igbuend

"Security anti-pattern for mutation XSS (mXSS) vulnerabilities (CWE-79 variant). Use when generating or reviewing code that sanitizes HTML content, handles user-provided markup, or processes rich text. Detects sanitizer bypass through browser parsing mutations."

Automation 4 3mo ago
igbuend

missing-input-validation-anti-pattern

by igbuend

"Security anti-pattern for missing input validation (CWE-20). Use when generating or reviewing code that processes user input, form data, API parameters, or external data. Detects client-only validation, missing type checks, and absent length limits. Foundation vulnerability enabling most attack classes."

Database 4 3mo ago
igbuend

missing-rate-limiting-anti-pattern

by igbuend

"Security anti-pattern for missing rate limiting (CWE-770). Use when generating or reviewing API endpoints, authentication systems, or public-facing services. Detects absence of request throttling enabling brute force, credential stuffing, and DoS attacks."

API Dev 4 3mo ago
igbuend

log-entity-actions-pattern

by igbuend

Security pattern for implementing security logging and audit trails. Use when designing logging systems for security events, implementing non-repudiation, creating audit trails, or addressing security monitoring and incident response needs. Addresses "Entity repudiates action request" problem.

Auth 4 3mo ago
luan

brainstorm

by luan

"Collaborative design for greenfield features and new ideas. Triggers: 'brainstorm', 'ideate', 'new feature design', 'help me think through', 'what should we build', 'help me design', 'think through X with me', 'I want to build something new'. Do NOT use when: the user wants to investigate an existing codebase or research a specific technical question — use /scope instead."

Code Gen 4 3mo ago
igbuend

ldap-injection-anti-pattern

by igbuend

"Security anti-pattern for LDAP injection vulnerabilities (CWE-90). Use when generating or reviewing code that constructs LDAP filters, queries directory services, or handles user input in LDAP operations. Detects unescaped special characters in LDAP filters."

Embeddings 4 3mo ago
richfrem

red-team-review

by richfrem

"(Industry standard: Review and Critique Pattern) Primary Use Case: Iterative generation paired with adversarial review, continuing until an 'Approved' verdict is reached. Orchestrated adversarial review loop. Use when: research, designs, architectures, or decisions need to be reviewed by red team agents (human, browser, or CLI). Iterates in rounds of research → bundle → review → feedback until approved."

Academic 4 3mo ago
acedergren

oracle-dba

by acedergren

"Oracle DBA and DevOps expertise for Autonomous Database (ADB) on OCI. This skill should be used when managing Oracle Autonomous Databases, writing optimized SQL/PLSQL, configuring security (TDE, Database Vault, Data Safe), implementing HA/DR (Data Guard, PITR), using OCI CLI for database operations, or integrating with Oracle MCP servers for AI-assisted database management. Covers Oracle Database versions 19c, 21c, 23ai, and 26ai."

Agents 4 5mo ago
igbuend

insufficient-randomness-anti-pattern

by igbuend

"Security anti-pattern for insufficient randomness vulnerabilities (CWE-330). Use when generating or reviewing code that creates security tokens, session IDs, encryption keys, nonces, or any security-critical random values. Detects use of Math.random() or predictable seeds."

Auth 4 3mo ago
igbuend

message-authentication-code-pattern

by igbuend

Security pattern for implementing Message Authentication Codes (MACs) to ensure data integrity and origin authentication. Use when implementing HMAC, CMAC, or other MAC algorithms, verifying message integrity, authenticating message origin with shared secrets, or when non-repudiation is NOT required. Specialization of Cryptographic action pattern.

Auth 4 3mo ago
igbuend

application-inspector

by igbuend

Run Microsoft Application Inspector for technology profiling and security feature detection. Use when analyzing technology stack, finding crypto/auth patterns, detecting sensitive API usage, or creating security posture reports.

Code Review 4 3mo ago
igbuend

cryptographic-action-pattern

by igbuend

Base security pattern for integrating cryptographic primitives into software systems. Use when implementing encryption, digital signatures, MACs, or any cryptographic operations. Provides guidance on library selection, key usage, configuration protection, and designing for cryptographic agility. Foundation pattern for Encryption, Digital signature, and MAC patterns.

Code Gen 4 3mo ago
igbuend

cryptographic-key-management-pattern

by igbuend

Security pattern for managing cryptographic keys throughout their lifecycle. Use when integrating cryptography requiring key generation, storage, distribution, or usage. Provides guidance on key confidentiality, integrity, configuration protection, and key information handling. Foundation for Cryptography as a service and Self-managed cryptography patterns.

Code Gen 4 3mo ago
igbuend

dom-clobbering-anti-pattern

by igbuend

"Security anti-pattern for DOM Clobbering vulnerabilities (CWE-79 variant). Use when generating or reviewing code that accesses DOM elements by ID, uses global variables, or relies on document properties. Detects HTML injection that overwrites JavaScript globals."

Security 4 3mo ago
89jobrien

network-engineering

by 89jobrien

Network architecture, troubleshooting, and infrastructure patterns. Use

Code Review 4 5mo ago
igbuend

depscan

by igbuend

Run OWASP Depscan for advanced Software Composition Analysis with VDR, CSAF, and license compliance. Use when scanning dependencies with deep SCA, generating VEX documents, SBOM+VDR analysis, or comprehensive license auditing.

Processing 4 3mo ago
cleverlab-ai

iso-17025-de

by cleverlab-ai

"Expert advisor for DIN EN ISO/IEC 17025:2018, the international standard for the competence of testing and calibration laboratories. Use this skill when: (1) preparing for DAkkS accreditation or surveillance audits, (2) building or reviewing quality management systems for laboratories, (3) drafting procedures, policies or work instructions in accordance with 17025, (4) creating audit checklists or gap analyses, (5) answering questions on laboratory requirements (impartiality, confidentiality, structure, resources, processes, management), (6) designing LIMS systems or laboratory software that must be 17025-compliant, (7) evaluating method validation, measurement uncertainty and metrological traceability, (8) handling nonconforming work, complaints and corrective actions, (9) preparing management reviews or internal audits. German version (DE)."

Code Review 3 3mo ago
jwilger

factory-review

by jwilger

Structures the human review experience for factory-mode builds. Audit trail summaries, PR digests, retrospective synthesis, quality trend tracking, and autonomy tuning interface. Activate during Phase 3 human review.

CI/CD 3 3mo ago
Aznatkoiny

openclaw-setup

by Aznatkoiny

Set up, install, configure, and deploy OpenClaw (formerly ClawdBot/MoltBot) — a personal AI assistant that runs on your own devices and connects to messaging channels. Use when users ask to "set up OpenClaw," "install ClawdBot," "install MoltBot," "deploy a personal AI assistant," "configure OpenClaw on Mac," "deploy OpenClaw to VPS," "set up OpenClaw on Hostinger," "connect OpenClaw to Telegram," "configure iMessage with OpenClaw," or any variation involving OpenClaw installation, gateway configuration, channel setup, Anthropic auth, or security hardening. Also triggers on "openclaw onboard," "openclaw doctor," "openclaw security audit," troubleshooting OpenClaw deployments, OpenClaw security, OpenClaw cost control, or ClawHub skills safety.

Auth 6 3mo ago
harperaa

input-validation-xss-prevention

by harperaa

Validate and sanitize user input to prevent XSS, injection attacks, and ensure data quality. Use this skill when you need to validate forms, sanitize user input, prevent cross-site scripting, use Zod schemas, or handle any user-generated content. Triggers include "input validation", "validate input", "XSS", "cross-site scripting", "sanitize", "Zod", "injection prevention", "validateRequest", "safeTextSchema", "user input security".

Processing 8 7mo ago
hieutrtr

code-review-security

by hieutrtr

Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).

Auth 8 4mo ago
harperaa

security-prompts-controls

by harperaa

Simple security prompt templates for quick implementations using existing Secure Vibe Coding OS utilities. Use for straightforward features like contact forms, authenticated updates, and public APIs. Triggers include "contact form", "simple form", "authenticated update", "user update", "public API", "read-only API", "quick secure implementation".

Auth 8 7mo ago
harperaa

security-prompts-engineering

by harperaa

Comprehensive security prompt templates for implementing secure features with multiple security layers. Use for complex implementations like forms, authenticated endpoints, public APIs, admin features, file uploads, middleware composition, and security testing. Triggers include "secure form", "authenticated endpoint", "public endpoint", "admin action", "file upload", "composable middleware", "security testing", "new security control".

Code Gen 8 7mo ago