Security
Security scanning and vulnerability detection
agent-code-analyzer
by ruvnet
Agent skill for code-analyzer - invoke with $agent-code-analyzer
sharp-edges
by trailofbits
"Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration."
algorand-vulnerability-scanner
by trailofbits
Scans Algorand smart contracts for 11 common vulnerabilities including rekeying attacks, unchecked transaction fees, missing field validations, and access control issues. Use when auditing Algorand projects (TEAL/PyTeal).
vulnerability-scanner
by vudovn
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
code-review-checklist
by vudovn
Code review guidelines covering code quality, security, and best practices.
domain-authority-auditor
by aaron-he-zhu
'Use when the user asks to "audit domain authority", "domain trust score", "CITE audit", "how authoritative is my site", "domain credibility check", "is my domain trustworthy", or "domain credibility score". Runs a full CITE 40-item domain authority audit, scoring domains across 4 dimensions with weighted scoring by domain type. Produces a detailed report with per-item scores, dimension analysis, veto checks, and a prioritized action plan. For content-level assessment, see content-quality-auditor. For link profile details, see backlink-analyzer.'
blogwatcher
by NousResearch
Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI. Add blogs, scan for new articles, and track what you've read.
agent-app-store
by ruvnet
Agent skill for app-store - invoke with $agent-app-store
agent-challenges
by ruvnet
Agent skill for challenges - invoke with $agent-challenges
agent-code-review-swarm
by ruvnet
Agent skill for code-review-swarm - invoke with $agent-code-review-swarm
clawtributor
by prompt-security
Community incident reporting for AI agents. Contribute to collective security by reporting threats.
github-workflow-automation
by ruvnet
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management
swarm-advanced
by ruvnet
Advanced swarm orchestration patterns for research, development, testing, and complex distributed workflows
V3 Security Overhaul
by ruvnet
"Complete security architecture overhaul for claude-flow v3. Addresses critical CVEs (CVE-1, CVE-2, CVE-3) and implements secure-by-default patterns. Use for security-first v3 implementation."
senior-security
by alirezarezvani
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guidance, cryptography patterns, and security scanning tools.
qa-expert
by daymade
This skill should be used when establishing comprehensive QA testing processes for any software project. Use when creating test strategies, writing test cases following Google Testing Standards, executing test plans, tracking bugs with P0-P4 classification, calculating quality metrics, or generating progress reports. Includes autonomous execution capability via master prompts and complete documentation templates for third-party QA team handoffs. Implements OWASP security testing and achieves 90% coverage targets.
web-design-guidelines
by vudovn
Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my site against best practices".
devtu-docs-quality
by mims-harvard
Comprehensive documentation quality system combining automated validation with ToolUniverse-specific auditing. Detects outdated commands, circular navigation, inconsistent terminology, auto-generated file conflicts, broken links, and structural problems. Use when reviewing documentation, before releases, after refactoring, or when user asks to audit, optimize, or improve documentation quality.
solidity-security
by wshobson
Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
multi-reviewer-patterns
by wshobson
Coordinate parallel code reviews across multiple quality dimensions with finding deduplication, severity calibration, and consolidated reporting. Use this skill when organizing multi-reviewer code reviews, calibrating finding severity, or consolidating review results.
moai-platform-auth
by modu-ai
Authentication and authorization specialist covering Auth0, Clerk, and Firebase Auth. Use when implementing authentication, authorization, MFA, SSO, passkeys, WebAuthn, social login, or security features. Supports enterprise (Auth0), modern UX (Clerk), and mobile-first (Firebase) patterns.
moai-foundation-philosopher
by modu-ai
Strategic thinking framework integrating First Principles Analysis, Stanford Design Thinking, and MIT Systems Engineering for deeper problem-solving. Use when performing architecture decisions, technology selection trade-offs, root cause analysis, cognitive bias detection, or first principles decomposition. Do NOT use for code quality validation (use moai-foundation-quality instead) or implementation workflows (use moai-workflow-ddd instead).
defi-protocol-templates
by wshobson
Implement DeFi protocols with production-ready templates for staking, AMMs, governance, and lending systems. Use when building decentralized finance applications or smart contract protocols.
config-analyzer
by cisco-ai-defense
Analyze configuration files for validation and best practices