Security
Security scanning and vulnerability detection
repomix-safe-mixer
by daymade
Safely package codebases with repomix by automatically detecting and removing hardcoded credentials before packing. Use when packaging code for distribution, creating reference packages, or when the user mentions security concerns about sharing code with repomix.
code-reviewer
by Shubhamsaboo
Thorough code review with focus on security, performance, and best practices. Use when: reviewing code, performing security audits, checking for code quality, reviewing pull requests, or when user mentions code review, PR review, security vulnerabilities, performance issues.
react-doctor
by millionco
Run after making React changes to catch issues early. Use when reviewing code, finishing a feature, or fixing bugs in a React project.
security-review
by xu-xiang
当添加身份认证(authentication)、处理用户输入、使用凭据(secrets)、创建 API 端点或实现支付/敏感功能时,请使用此技能。提供全面的安全检查清单和模式。
security-automation
by Ed1s0nZ
安全自动化的专业技能和方法论
secure-code-review
by Ed1s0nZ
安全代码审查的专业技能和方法论
django-verification
by xu-xiang
Django 项目的验证循环(Verification loop):包含数据库迁移、代码检查、带覆盖率的测试、安全扫描,以及在发布或 PR 前的部署就绪检查。
anti-reversing-techniques
by sickn33
Understand anti-reversing, obfuscation, and protection techniques encountered during software analysis. Use when analyzing protected binaries, bypassing anti-debugging for authorized analysis, or understanding software protection mechanisms.
firebase-firestore-basics
by firebase
Comprehensive guide for Firestore basics including provisioning, security rules, and SDK usage. Use this skill when the user needs help setting up Firestore, writing security rules, or using the Firestore SDK in their application.
gtm-strategy
by kostja94
When the user wants to plan go-to-market strategy, GTM framework, or market entry. Also use when the user mentions "GTM," "go-to-market," "market entry," "new market," "repositioning," "PLG," "sales-led," "product-led," "marketing-led," "ICP," "buyer persona," "GTM motion," or "market expansion."
vulnerability-assessment
by Ed1s0nZ
漏洞评估的专业技能和方法论
cto-advisor
by borghei
Technical leadership advisor for CTOs on architecture decisions, engineering strategy, team scaling, technical debt management, and technology evaluation.
senior-security
by borghei
Expert security engineering covering application security, infrastructure security, threat modeling, penetration testing, and compliance.
apollo-security-basics
by Dicklesworthstone
Apply Apollo.io API security best practices. Use when securing Apollo integrations, managing API keys, or implementing secure data handling. Trigger with phrases like "apollo security", "secure apollo api", "apollo api key security", "apollo data protection".
skill-security-framing
by nyldn
URL validation and content wrapping for untrusted sources. Use when: This skill provides SECURITY UTILITIES - it should be referenced by other skills,. not invoked directly by users. Auto-integrate when:. Fetching content from URLs
humanizer
by zed-industries
Remove signs of AI-generated writing from text. Use after drafting to make copy sound more natural and human-written. Based on Wikipedia's "Signs of AI writing" guide.
verification-loop
by Galaxy-Dawn
This skill should be used when the user asks to "verify code", "run verification", "check quality", "validate changes", or before creating a PR. Provides comprehensive verification including build, type check, lint, tests, security scan, and diff review.
attack-tree-construction
by sickn33
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
/a11y-ally - Comprehensive Accessibility Audit
by proffesor-for-testing
Agentic QE Fleet is an open-source AI-powered quality engineering platform designed for use with Claude Code, featuring specialized agents and skills to support testing activities for a product at any stage of the SDLC. Free to use, fork, build, and contribute. Based on the Agentic QE Framework created by Dragan Spiridonov.
DDD Domain Mapping (from QCSD-AGENTIC-QE-MAPPING-FRAMEWORK.md)
by proffesor-for-testing
Agentic QE Fleet is an open-source AI-powered quality engineering platform designed for use with Claude Code, featuring specialized agents and skills to support testing activities for a product at any stage of the SDLC. Free to use, fork, build, and contribute. Based on the Agentic QE Framework created by Dragan Spiridonov.
create-github-action-workflow-specification
by github
'Create a formal specification for an existing GitHub Actions CI/CD workflow, optimized for AI consumption and workflow maintenance.'
compliance-testing
by proffesor-for-testing
"Regulatory compliance testing for GDPR, CCPA, HIPAA, SOC2, PCI-DSS and industry-specific regulations. Use when ensuring legal compliance, preparing for audits, or handling sensitive data."
Pentest Validation
by proffesor-for-testing
Agentic QE Fleet is an open-source AI-powered quality engineering platform designed for use with Claude Code, featuring specialized agents and skills to support testing activities for a product at any stage of the SDLC. Free to use, fork, build, and contribute. Based on the Agentic QE Framework created by Dragan Spiridonov.
cloud-design-patterns
by github
'Cloud design patterns for distributed systems architecture covering 42 industry-standard patterns across reliability, performance, messaging, security, and deployment categories. Use when designing, reviewing, or implementing distributed system architectures.'