Security
Security scanning and vulnerability detection
python-security-scanner
by jorgealves
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
concept-mastery-validator
by jorgealves
Verifies alignment between curriculum modules and generated projects to ensure no knowledge gaps. Use to audit the logical flow of a teaching program and ensure students are prepared for assigned tasks.
prompt-injection-scanner
by jorgealves
Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection. Use when designing new agent skills or before deploying agents to public environments where users provide untrusted input.
hipaa-compliance-guard
by jorgealves
Audits HealthTech applications for HIPAA technical safeguards like encryption and audit logging. Use when reviewing healthcare infrastructure or ensuring PHI is handled according to legal security standards.
gdpr-ccpa-privacy-auditor
by jorgealves
Audits web applications to ensure declared privacy policies match actual technical data collection practices. Use to identify discrepancies in cookie usage, tracking scripts, and user data handling.
pedagogical-code-grader
by jorgealves
Evaluates student code submissions based on conceptual mastery rather than just correctness. Use to provide high-quality educational feedback on architectural patterns and programming logic.
module-project-generator
by jorgealves
Generates end-to-end student projects that reinforce specific modular learning objectives. Use to create professional-grade portfolio pieces and assessment tasks for engineering mentees.
ai-readiness-audit
by cartoonitunes
Audit any website for AI agent readiness. Check llms.txt, MCP servers, structured data, semantic HTML, meta quality, and more. Use when optimizing a site for AI agents, checking AI discoverability, or preparing for AI search engines.
container-optimize
by manastalukdar
Docker/container optimization for size, layers, caching, and security
damage-control
by ThrownLemon
Security protection system that blocks dangerous commands and protects sensitive files
cloud-waste-hunter
by famaoai-creator
Actively identifies and eliminates unused or over-provisioned cloud resources. Goes beyond estimation to hunt for actual cost savings in live environments.
writing-crypto
by dbosk
Write cryptography prose and notation using the project's bibsp.sty + preamble.tex conventions (acro + biblatex footnote citations and standardized math macros). Use proactively when: (1) writing/editing cryptography sections in .tex files, (2) introducing or using crypto acronyms such as IND-CPA, IND-CCA, AE, MAC, PRF, ZK, and DH, (3) defining schemes/algorithms/variables in math notation, (4) adding citations for security notions or standard primitives, (5) writing security proofs or reductions, (6) user mentions biblatex, crypto notation, or security proof in cryptographic context.
security-reviewer
by k1lgor
Use this when the user asks for a security review, vulnerability check, or wants to know if code is safe. Focus on common issues like injection, broken auth, insecure defaults, and sensitive data exposure.
post-quantum-shield
by famaoai-creator
Output path for report
github-cleanup
by spm1001
Orchestrates progressive GitHub account cleanup using a 6-phase audit→approve→execute process that prevents accidental deletion. BEFORE any destructive repo action, invoke FIRST — traces Dependabot alerts to unused direct deps (prune) vs transitive-only (upgrade lock file). Triggers on 'clean up GitHub', 'audit my repos', 'Dependabot trouble', 'unused deps', 'stale forks', 'dependency audit'. Requires gh CLI. (user)
dependency-track
by rezkam
Query and audit Dependency-Track SCA findings. Use when working with software composition analysis, reviewing vulnerability findings, auditing CVEs, checking project dependency health, uploading SBOMs, or managing policy violations in Dependency-Track.
dependency-audit
by manastalukdar
Comprehensive dependency security and license audit
synthesize
by corygabrielsen
Consolidate brainstorm rounds into an organized synthesis. Themes emerge, winners surface, evolution becomes visible.
moai-alfred-code-reviewer
by AJBcoding
Enterprise systematic code review orchestrator with TRUST 5 principles, multi-language support, Context7 integration, AI-powered quality checks, SOLID principle validation, security vulnerability detection, and maintainability analysis across 25+ programming languages; activates for code reviews, quality standard validation, TRUST 5 enforcement, architectural audits, and automated review automation
moai-alfred-spec-authoring
by AJBcoding
Complete SPEC document authoring guide with YAML metadata structure (7 required + 9 optional fields), EARS requirement syntax (5 patterns including Unwanted Behaviors), version lifecycle management, TAG integration, pre-submission validation checklist, and real-world SPEC examples.
moai-alfred-issue-labels
by AJBcoding
Enterprise GitHub issue labeling orchestrator with semantic label taxonomy, AI-powered auto-labeling, label hierarchy system, workflow automation, issue triage acceleration, and stakeholder communication; activates for issue classification, label management, workflow automation, priority assignment, and team communication
dev-work-summary
by otrebu
Scan ~/dev recursively for git repos and report today's work with commits, branches, stats, and detailed change analysis. Use when user asks "what did I work on", "show my work", "daily summary", "what repos did I touch".
moai-baas-foundation
by AJBcoding
Enterprise Backend-as-a-Service Foundation with AI-powered BaaS architecture patterns, strategic provider selection, and intelligent multi-service orchestration for scalable production applications
code-security-audit
by LeonMelamud
Perform security audits on code changes, diffs, or branches to find high-confidence exploitable vulnerabilities. Use when asked to "audit security", "review for vulnerabilities", "security scan", "check for security issues", "audit this PR", "review these changes for security", or "find vulnerabilities in diff". Distinct from security-review (which provides secure coding patterns/checklists) — this skill actively audits code changes using a structured methodology with false positive filtering. Includes Python scripts for GitHub Action CI integration and PR evaluation.