Security
Security scanning and vulnerability detection
seo-audit
by prabha-oss
When the user wants to run an SEO audit, site audit, technical SEO check, or SEO analysis on a website. Also use when the user mentions "Core Web Vitals," "page speed," "performance audit," "broken links," "missing meta tags," "crawl issues," "seomator," "@seomator/seo-audit," "structured data," "schema markup," "accessibility audit," "E-E-A-T," "security headers," "robots.txt," or "sitemap audit." For creating SEO pages at scale, see programmatic-seo. For optimizing content, see seo-optimizing.
ai-vuln-harness
by daedalus
Design and implement multi-agent vulnerability research harnesses following the Project Glasswing / Cloudflare methodology. Use this skill when building or improving Hunt/Validate/Dedupe/Trace security pipelines, reducing false positives in AI vuln scanning, or operationalizing large-scale LLM-assisted code audit workflows.
technical-writing-styleguide
by artivilla
Technical writing styleguide for clear, consistent documentation. Use when writing, editing, or reviewing technical content, guides, tutorials, or documentation. Triggers on article review, writing style, brand names, grammar check, screenshot guidelines, guide audit, technical docs.
codeless-security-check
by sunu-py-jp
"Security audit for Claude Code skills (.skill packages) and MCP servers. Detect malicious code, data exfiltration, prompt injection, and excessive permissions before installation. Use when the user asks to check security, audit this skill/MCP, is this safe to install, review for vulnerabilities, セキュリティチェック, 安全性を確認, or any request to evaluate the safety of a skill or MCP server before use. Also trigger when user mentions installing a skill, adding an MCP server, or shares a .skill file or MCP repository for review."
flutter-app-builder
by nodelabstudio
Complete Flutter mobile app development from initial setup through App Store deployment. Use when building Flutter apps, adding features (authentication, databases, APIs), implementing security, or preparing apps for production release. Includes project templates, architecture patterns, and deployment guidance.
writing-meeting-notes
by danbars
Use when a meeting just occurred and notes need to be turned into a clear summary with decisions, action items, owners, and dates.
Audit Specialist
by Alpizar28
Especialista senior en auditoría de sistemas transaccionales y consistencia de dominio, con enfoque en sistemas críticos y reservas.
guardrailx-scan
by k-kaundal
Provide secure coding guidance to prevent secrets, credentials, sensitive configuration, and PII exposure without inspecting or reproducing repository content.
audit-code-health
by kyzooghost
Scans codebases for security vulnerabilities, bugs, and code health issues. Creates structured work items for remediation. Triggers on "audit", "code review", "security scan", "find bugs", "tech debt", or "assess code quality".
solidity-adversarial-analysis
by whackur
Adversarial scenario analysis and threat modeling for Solidity smart contracts. Use when analyzing contracts from an attacker's perspective, identifying multi-step attack vectors, or performing threat modeling. Covers flash loan attacks, oracle manipulation, MEV/front-running, governance exploits, reentrancy scenarios, access control bypasses, economic logic exploits, and cross-contract composability risks. Triggers on tasks involving adversarial analysis, threat modeling, attack scenarios, attack vectors, exploit analysis, or red team review.
prepare-security-prs
by Soyio-id
"Triage and prepare automated dependency security PRs for merge with minimal risk. Identify bot PRs that need intervention, resolve required issues only, refresh stale branches safely, detect superseded PRs, and keep diffs dependency-focused."
skills-audit
by shieldon-dev
Security scanner for AI agent skills. Audits skill files for credential theft, data exfiltration, dangerous commands, and obfuscation before installation. Use before installing any new skill to get a structured risk report with score (0-100), severity level, and actionable findings. Runs locally with zero external dependencies — nothing is sent over the network.
pharos-flashloan-detector
by ruzkypazzy
AI Agent skill for detecting flash loan attack patterns on Pharos blockchain
qms-audit-expert
by nimeshgurung
Senior QMS Audit Expert for internal and external quality management system auditing. Provides ISO 13485 audit expertise, audit program management, nonconformity identification, and corrective action verification. Use for internal audit planning, external audit preparation, audit execution, and audit follow-up activities.
electron-dev
by fanthus
Build cross-platform desktop applications with Electron using best practices for security, performance, and user experience. Use this skill when developing system tools (file managers, screenshot tools, productivity apps) or when working with Electron projects. Triggers include requests to create Electron apps, implement file operations, system tray functionality, window management, IPC communication, or optimize Electron performance. Supports vanilla JavaScript, React, and Vue frameworks with comprehensive code templates that embed security and performance best practices directly in comments.
ogt-docs-audit-task
by OpenDNDApps
Audit tasks in docs/todo/done/ to verify claimed implementations actually exist in the codebase. Use when reviewing completed tasks, validating work before release, or periodically auditing task accuracy. Moves unverified tasks back to pending/.
maui-authentication
by Rimblehelm
A brief description of what this skill does
analyze-deps
by nexuslabs-ai
Analyze dependencies for updates, breaking changes, deprecations, and migration paths. Generates actionable reports with codebase impact assessment.
seo-audit
by ferdiboxman
Audit any landing page for SEO issues like a senior growth operator
wallet-compliance-scanner
by tawf-labs
Scan crypto wallets and tokens for Sharia (Islamic finance) compliance. Checks tokens against halal/haram criteria including riba (interest), gharar (uncertainty), maysir (gambling), and prohibited protocol types. Outputs per-token verdicts and overall wallet health score.
project-showcase
by ayushxx7
"Automate the creation of high-quality project showcases, including UI captures using Playwright, professional README galleries, and feature summaries for portfolios or social media."
ciso-coach
by campbellmcgregor
Expert CISO coaching and mentorship for security leaders in training. Use when the user asks for CISO coach guidance, executive communication advice, security leadership strategies, or needs help translating technical security issues for non-technical audiences. Also activates for discussions about current security events, threat landscape analysis, board-level security topics, risk communication, or security program development from a CISO perspective.
security
by dottiedreamworks-dot
Comprehensive AI agent security and privacy guidelines. Covers prompt injection defense, data protection, access controls, system integrity, and safe system integration practices. Complements the healthcheck skill (which handles host-level hardening).
SKILL.md — Security Audit
by iamthetonyb
Correlate with external threat intelligence if available