Security
Security scanning and vulnerability detection
skills-audit
by jforksy
Audit, validate, and maintain the skills ecosystem - structure checks, hierarchy mapping, lint, and health dashboard
Energy Audit and Zone of Genius
by Coowoolf
Review your calendar, color-code activities by energy impact (Green/Red), and systematically delegate draining tasks to maximize time in your Zone of Genius.
code-critic
by plutowang
Use when explicitly asked to critique code, find bugs, audit code quality, analyze performance, or review a specific code snippet for security issues. Do not use for full branch or PR reviews.
vulnerability-discovery
by pluginagentmarketplace
Systematic vulnerability finding, threat modeling, and attack surface analysis for AI/LLM security assessments
testing-methodologies
by pluginagentmarketplace
Structured approaches for AI security testing including threat modeling, penetration testing, and red team operations
cto
by jforksy
CTO Co-Pilot - strategic technical leadership, architecture decisions, infrastructure optimization, and engineering team coordination
security-testing
by pluginagentmarketplace
Comprehensive security testing automation for AI/ML systems with CI/CD integration
cloudflare-security-checker
by hirefrank
Automatically validates Cloudflare Workers security patterns during development, ensuring proper secret management, CORS configuration, and input validation
Comunicador DevOps
by scaleto
Enlace A2A del Grupo DevOps.
ciso-vendor-risk
by jforksy
Third-party risk management - vendor security assessments, SaaS tool reviews, vendor risk scoring, and onboarding checklists
critical-thinking
by plutowang
Always-on skill that enforces critical thinking during coding. Auto-apply on every coding task to prevent yes-man behavior, challenge assumptions, and ensure technical decisions are well-reasoned.
security
by mrsknetwork
Applies OWASP Top 10 mitigations, secure authentication, authorization, secret management, and data protection practices to FastAPI backends and Next.js frontends. Use for any feature involving auth, user data, payments, file uploads, or system access. Always invoke security review before shipping any user-facing API endpoint.
rtos-analysis
by tangjunyi23
Real-Time Operating System vulnerability analysis for embedded devices running FreeRTOS, VxWorks, ThreadX, eCos, and other RTOS platforms
ciso-compliance
by jforksy
Compliance management - SOC 2 policies, Vanta integration, evidence collection, audit readiness, and gap analysis
security-hardening-checklist
by hopeoverture
This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, cookie configuration, RLS policies, input sanitization, rate limiting, and other security measures. It generates a comprehensive security audit report with actionable recommendations. Trigger terms include security audit, security check, harden security, security review, vulnerability check, security headers, secure cookies, input validation, rate limiting, security best practices.
ai-lingo
by sunnypatneedi
Meta-skill that maps cognitive mode-switch words to appropriate thinking behaviors and skills. AUTO-INVOKE when user uses these trigger patterns: - Depth: "rigorous", "first-principles", "mechanistic", "axiomatic", "falsifiable", "steelman", "non-trivial", "exhaustive", "load-bearing", "dispositive", "ultra think hard" - Reframe: "reimagine", "orthogonal", "contrarian", "subversive", "invert", "counterfactual", "zero-based", "provocative", "transmute", "reframe" - Precision: "probabilities", "bounded", "monotonic", "asymptotic", "invariant", "order of magnitude", "sensitivity analysis", "convex", "distribution", "marginal", "dimensionality" - Tradeoff: "sacrifice", "irreversible", "binding constraint", "pareto", "second-order", "opportunity cost", "regret minimization", "non-negotiable", "asymmetric" - Quality: "elegant", "idiomatic", "canonical", "production-grade", "battle-tested", "minimalist", "composable", "tasteful", "crisp" - Systems: "emergent", "cascading", "equilibrium", "phase transition", "feedback loop", "attractor", "entropy" - Epistemic: "Bayesian", "calibrated", "crux", "pre-mortem", "adversarial", "sparse", "steel-thread", "epistemic humility", "signal-to-noise"
security-audit
by elliottrjacobs
Deep security audit of codebase with parallel domain-focused agents. Use when the user says "security audit", "check for vulnerabilities", "security review", or before a launch/deployment. More thorough than the security reviewer in /engineer-review.
infra-architect
by k1lgor
Use this for Infrastructure as Code (Terraform, CloudFormation), cloud resource setup, networking, IAM policies, and general cloud architecture.
anti-reversing-techniques
by ma1orek
Understand anti-reversing, obfuscation, and protection techniques encountered during software analysis. Use when analyzing protected binaries, bypassing anti-debugging for authorized analysis, or understanding software protection mechanisms.
security-audit
by factorial-io
Use when conducting security reviews, investigating vulnerabilities, or creating security documentation - provides systematic methodology for code audits with severity assessment, dual documentation patterns (client + internal), and acceptance-focused ticket creation
kubernetes-architect
by baotoq
Expert Kubernetes architect specializing in cloud-native
skillvet
by oakencore
"Security scanner for ClawHub/community skills — detects malware, credential theft, exfiltration, prompt injection, obfuscation, homograph attacks, ANSI injection, campaign-specific attack patterns, and more before you install. Use when installing skills from ClawHub or any public marketplace, reviewing third-party agent skills for safety, or vetting untrusted code before giving it to your AI agent. Triggers: install skill, audit skill, check skill, vet skill, skill security, safe install, is this skill safe."
k8s-manifest-generator
by baotoq
Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.
impeccable-audit
by SebastiaanWouters
"Skills-only equivalent of impeccable.style /audit. Perform comprehensive audit of interface quality across accessibility, performance, theming, and responsive design. Generates detailed report of issues with severity ratings and recommendations. Use for frontend and UI design tasks."