Security

Security scanning and vulnerability detection

Showing 1609-1632 of 2223 skills
StealthyLabsHQ

security-hardening

by StealthyLabsHQ

Audit/harden app, infra, AI, privacy. Triggers: OWASP, XSS, SQLi, SSRF, auth/JWT, IDOR, secrets, deps, API, CI/CD, supply chain, cloud, K8s, IaC, AI IDE, browser builder, no-code, LLM/MCP, prompt injection, system prompt leakage, RAG poisoning, tool misuse, excessive agency, GDPR.

Agents 1 1mo ago
tankpkg

@tank/auth-patterns

by tankpkg

Authentication and authorization patterns for any language or framework. Covers JWT internals (structure, algorithms, attacks, validation), OAuth2 grant types (Authorization Code, PKCE, Client Credentials, Device Code), session management (cookies, expiry, fixation, distributed), RBAC/ABAC/ReBAC (role modeling, authorization policies, Zanzibar), OpenID Connect and social login (ID tokens, account linking, provider patterns), MFA (TOTP, WebAuthn/passkeys, backup codes, step-up auth), and authentication security (XSS/CSRF, token storage, credential stuffing, rate limiting). Synthesizes RFC 6749, RFC 7519, RFC 6238, W3C WebAuthn Level 2, NIST SP 800-63B, and OWASP Authentication/CSRF cheat sheets. Trigger phrases: "JWT", "OAuth2", "OAuth 2.0", "session management", "RBAC", "ABAC", "role-based access", "authorization model", "OpenID Connect", "OIDC", "social login", "MFA", "multi-factor authentication", "TOTP", "WebAuthn", "passkeys", "refresh token", "access token", "PKCE", "auth flow", "implement authentication", "implement auth", "sign in with", "cookie security", "HttpOnly", "SameSite", "token storage", "XSS auth", "CSRF protection", "credential stuffing", "account linking", "backup codes", "permission system", "login security", "password hashing"

Auth 1 3mo ago
famaoai-creator

ai-ethics-auditor

by famaoai-creator

Audits AI systems for bias, fairness, and privacy. Analyzes prompts and datasets to ensure ethical and safe AI implementation.

Code Review 1 3mo ago
famaoai-creator

red-team-adversary

by famaoai-creator

Output path for report

Code Review 1 3mo ago
famaoai-creator

mcp-aws-knowledge-connector

by famaoai-creator

status: implemented

Cloud 1 3mo ago
Ven0m0

skills-eval

by Ven0m0

'Evaluate and improve Claude skill quality through auditing. Use when

Code Review 1 3mo ago
famaoai-creator

quality-scorer

by famaoai-creator

Output JSON path

Code Review 1 3mo ago
famaoai-creator

supply-chain-sentinel

by famaoai-creator

Output path for report

Agents 1 3mo ago
ferueda

review-spec

by ferueda

Review a spec document against codebase reality, identifying gaps and ensuring sound, robust implementations.

Code Review 1 4mo ago
famaoai-creator

security-scanner

by famaoai-creator

Scans the codebase for security risks.

Code Review 1 3mo ago
Nep-Cheat

clawdbot-self-security-audit

by Nep-Cheat

Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities and generate reports. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities do I have". This skill only READS configuration and generates reports—it never modifies settings or executes fixes automatically. Designed to be extensible—new checks can be added by updating this skill's knowledge.

Auth 1 4mo ago
famaoai-creator

slack-communicator-pro

by famaoai-creator

status: implemented

Agents 1 3mo ago
sumik5

designing-relational-databases

by sumik5

Guides relational database design from requirements to implementation covering entity modeling, ER diagrams, normalization (1NF-BCNF), optimization, and PostgreSQL-specific implementation (microservices data architecture, ACID transactions, functions/stored procedures, AAA security). Use when designing database schemas, creating ER diagrams, normalizing tables, implementing SQL DDL, or developing PostgreSQL-backed applications. For database internals (storage engines, distributed systems), use understanding-database-internals instead. For SQL antipattern detection and avoidance, use avoiding-sql-antipatterns instead.

Database 1 3mo ago
NavanithanS

ask-code-reviewer

by NavanithanS

Start code reviews, PR checks, or bug analysis. Triggers: "review my code", "check this PR", "analyze for bugs", "code review". Do NOT use for: - Automating fixes (use ask-python-refactor). - Generating new features. Capabilities: - Static analysis: Correctness, Security, Performance, Style. - Feedback priority: Critical > Performance > Style.

Code Review 1 3mo ago
profbernardoj

everclaw

by profbernardoj

Open-source first AI inference — GLM-5 as default, Claude as fallback only. Own your inference forever via the Morpheus decentralized network. Stake MOR tokens, access GLM-5, GLM-4.7 Flash, Kimi K2.5, and 30+ models with persistent inference by recycling staked MOR. Open-source first model router routes all tiers to Morpheus by default — Claude only kicks in as an escape hatch when needed. Includes Morpheus API Gateway bootstrap for zero-config startup, OpenAI-compatible proxy with auto-session management, automatic retry with fresh sessions, OpenAI-compatible error classification to prevent cooldown cascades, multi-key auth rotation v2 with proactive DIEM balance monitoring and reactive 402 watchdog, Gateway Guardian v5 with direct curl inference probes (eliminates Signal spam), proactive Venice DIEM credit monitoring, circuit breaker for stuck sub-agents, nuclear self-healing restart, always-on proxy-router with launchd auto-restart, smart session archiver, three-shift cyclic execution engine (v2 with 15-minute execution loops), 24/7 always-on power configuration for macOS, bundled security skills, zero-dependency wallet management via macOS Keychain, x402 payment client for agent-to-agent USDC payments, ERC-8004 agent registry reader for discovering trustless agents on Base, and hardware-aware local Ollama fallback with auto model selection (Qwen3.5 family, 1.5B–72B based on available RAM/GPU).

Automation 1 2mo ago
famaoai-creator

stakeholder-communicator

by famaoai-creator

Output file path

Database 1 3mo ago
famaoai-creator

strategic-roadmap-planner

by famaoai-creator

Output file path

Code Gen 1 3mo ago
sumik5

avoiding-sql-antipatterns

by sumik5

Identifies and prevents common SQL database design mistakes across logical design, physical design, query construction, and application development. Use when designing database schemas, writing SQL queries, reviewing data models, or implementing database-backed features. Covers 25 named antipatterns with detection signals, solutions, and exception cases. For code-level security (input validation, XSS, OWASP), use securing-code instead. For database model selection and data architecture decisions, use understanding-database-internals instead. For positive relational database design methodology (entity modeling, normalization process), use designing-relational-databases instead.

Database 1 3mo ago
famaoai-creator

ai-ethics-auditor

by famaoai-creator

status: implemented

Code Review 1 3mo ago
Semprini

domain-review

by Semprini

Use this skill when the user asks to review, audit, validate, or quality-check an existing MD-DDL domain and its detail files. Also use before declaring a domain “complete” or production-ready. This skill performs both structural conformance checks and decision-quality checks for relationship granularity, temporal tracking, existence, mutability, conceptual-to-logical realization, standards alignment, and regulatory posture.

Code Review 1 3mo ago
famaoai-creator

executive-reporting-maestro

by famaoai-creator

Output file path (JSON or .md)

Analytics 1 3mo ago
Semprini

compliance-audit

by Semprini

Systematically evaluate MD-DDL domain and entity files for governance metadata completeness and correctness against loaded gulatory frameworks. Use when auditing a domain file or corpus for compliance gaps, when the user asks "is this compliant" or "what's missing", when preparing a gap report, or after a regulatory monitoring pass identifies a potential impact. Always load the regulatory-compliance skill and relevant regulator files before running an audit — this skill defines how to audit, not what the requirements are.

Code Review 1 3mo ago
famaoai-creator

crisis-manager

by famaoai-creator

Provides rapid response during production incidents or critical security breaches. Coordinates diagnostics, temporary fixes, and post-mortem data collection.

Security 1 3mo ago
profbernardoj

everclaw

by profbernardoj

Open-source first AI inference — GLM-5 as default, Claude as fallback only. Own your inference forever via the Morpheus decentralized network. Stake MOR tokens, access GLM-5, GLM-4.7 Flash, Kimi K2.5, and 30+ models with persistent inference by recycling staked MOR. Open-source first model router routes all tiers to Morpheus by default — Claude only kicks in as an escape hatch when needed. Includes Morpheus API Gateway bootstrap for zero-config startup, OpenAI-compatible proxy with auto-session management, automatic retry with fresh sessions, OpenAI-compatible error classification to prevent cooldown cascades, multi-key auth rotation v2 with proactive DIEM balance monitoring and reactive 402 watchdog, Gateway Guardian v5 with direct curl inference probes (eliminates Signal spam), proactive Venice DIEM credit monitoring, circuit breaker for stuck sub-agents, nuclear self-healing restart, always-on proxy-router with launchd auto-restart, smart session archiver, three-shift cyclic execution engine (v2 with 15-minute execution loops), 24/7 always-on power configuration for macOS, bundled security skills, zero-dependency wallet management via macOS Keychain, x402 payment client for agent-to-agent USDC payments, ERC-8004 agent registry reader for discovering trustless agents on Base, and hardware-aware local Ollama fallback with auto model selection (Qwen3.5 family, 1.5B–72B based on available RAM/GPU).

Automation 1 2mo ago