Back to Home
shield

Security

About Security

The "Security" domain covers critical areas like penetration testing, vulnerability assessment, code auditing, and identity management for AI applications. For instance, the `harden` Skill empowers your AI Agent to automatically strengthen system security configurations, mitigating potential threats. These Agent Skills help developers and teams build and maintain robust AI systems, ensuring data protection and regulatory compliance.

Subcategory navigation

Categories:

All Security Skills

50 / 231 skills
system-hardening

harden

by @pbakaus

This skill aims to enhance the defensive capabilities of AI tools through secure design language, identifying and mitigating potential security risks, ensuring system and data security and reliability, and resisting malicious attacks.

4.7(1.7K)
53.3K
convex-security

convex-setup-auth

by @get-convex

Implement secure user authentication in Convex, supporting various authentication methods to ensure the security of user data and system access.

4.7(608)
51.3K
firebase

firebase-security-rules-auditor

by @firebase

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are extremely secure and robust.

4.6(120)
25.2K
authentication

create-auth-skill

by @better-auth

This skill provides a guide for adding authentication to TypeScript/JavaScript applications using Better Auth, covering planning, implementation, and best practices.

4.6(468)
22.0K
security

firestore-security-rules-auditor

by @firebase

Audits Firebase Security Rules, evaluating their correctness and robustness against strict security standards.

4.6(7)
20.3K
skill-assessment

skill-vetter

by @useai-pro

Conduct a security-first review of OpenClaw skills, checking for potential risks, permission scopes, and recommendations to ensure skill safety.

4.6(560)
18.0K
authentication

email-and-password-best-practices

by @better-auth

This skill provides best practices for email and password authentication, including enabling email/password features, configuring email verification, and adding password reset functionality.

4.6(20)
17.2K
2fa

two-factor-authentication-best-practices

by @better-auth

This skill provides best practices for two-factor authentication, guiding how to add 2FA plugins in server and client configurations to enhance account security.

4.5(20)
15.2K
ai-engineering

nia

by @nozomio-labs

Emphasizes a Nia-first workflow, requiring checking Nia index sources before web scraping or searching to ensure standardized information retrieval.

4.5(34)
14.6K
content-moderation

gws-modelarmor

by @googleworkspace

Filters user-generated content to ensure compliance with safety standards, protecting users from inappropriate information and maintaining platform security.

4.5(140)
14.4K
cybersecurity

security-best-practices

by @supercent-io

Provides security best practices, guiding new projects to consider security from the outset, and conducting security audits and API hardening.

4.5(564)
14.1K
authentication

better-auth-security-best-practices

by @better-auth

This skill provides security best practices for Better Auth, guiding users on how to configure and use Better Auth to ensure application authentication and authorization security.

4.5(20)
13.2K
security-requirements

security-requirement-extraction

by @wshobson

Focuses on security requirement extraction, utilizing intelligent automation and multi-agent orchestration techniques to efficiently identify and manage system security requirements.

4.5(273)
13.1K
solidity

solidity-security

by @wshobson

Focuses on Solidity smart contract security, utilizing intelligent automation and multi-agent orchestration to identify and fix vulnerabilities, ensuring Web3 application security.

4.5(20)
10.9K
oauth-2.0

authentication-setup

by @supercent-io

This skill is used for authentication setup, including user login systems, single sign-on (SSO), multi-factor authentication (MFA), API authentication, and third-party integration, ensuring secure application access.

4.5(424)
10.6K
code-review

security-review

by @affaan-m

Focuses on security reviews, especially for scenarios involving authentication, user input handling, etc., ensuring system security.

4.5(100)
8.9K
clerk.dev

clerk

by @clerk

Provides Clerk authentication routing services, helping users quickly integrate and manage application user authentication features, enhancing security.

4.5(20)
8.8K
secrets-management

secrets-management

by @wshobson

Focuses on secrets management in the security domain, ensuring secure storage and access of sensitive information through intelligent automation and multi-agent orchestration.

4.5(20)
7.8K
cloudflare

sandbox-sdk

by @cloudflare

Builds sandbox applications for secure code execution, suitable for AI code executors, CI/CD systems, etc.

4.5(48)
7.6K
api-security

api-security-best-practices

by @sickn33

Implementing secure API design patterns, including authentication and authorization, to protect APIs from attacks and ensure data security.

4.5(96)
7.2K
sandbox-environment

sandbox-agent

by @rivet-dev

Deploys, configures, and integrates Sandbox Agent—a universal API for orchestration.

4.5(84)
6.7K
threat-modeling

threat-mitigation-mapping

by @wshobson

Master threat mitigation mapping, combining intelligent automation and multi-agent orchestration to effectively identify, assess, and respond to security risks, ensuring system security.

4.5(20)
6.6K
stride-(threat-modeling)

stride-analysis-patterns

by @wshobson

Familiar with STRIDE threat modeling analysis patterns, combining intelligent automation and multi-agent orchestration to comprehensively assess system security and formulate defense strategies.

4.5(22)
6.6K
spring-security

springboot-security

by @affaan-m

Provides best practices for Spring Security authentication/authorization, data validation, and more, ensuring Spring Boot application security.

4.4(20)
5.3K
django-security

django-security

by @affaan-m

Focuses on Django security best practices, including authentication, authorization, and data protection, ensuring web applications resist common threats and building a secure and reliable backend.

4.4(20)
5.2K
security-scanning

security-scan

by @affaan-m

Scans the Claude Code configuration directory (.claude/) for potential security vulnerabilities and non-compliant settings to enhance code security.

4.4(20)
4.8K
elliptic-curve-cryptography

configure-ecc

by @affaan-m

Serves as an interactive installation wizard for Everything Claude Code, guiding users through the configuration process to ensure secure and efficient deployment and use of related services.

4.4(20)
4.4K
token-audit

query-token-audit

by @binance

Conduct security audits for tokens, detecting potential honeypots, rug pulls, scams, and malicious features to ensure transaction security.

4.4(20)
4.4K
ctf-(capture-the-flag)

ctf-reverse

by @ljagiello

Provides reverse engineering techniques for CTF challenges, used to analyze binary files, obfuscated code, and anti-debugging.

4.4(20)
4.2K
semgrep

semgrep

by @trailofbits

Run Semgrep security scans, supporting automatic language detection, parallel execution, and SARIF output merging.

4.4(20)
4.2K
token-risk

okx-security

by @okx

Offers five major security capabilities: token risk analysis, DApp phishing detection, transaction pre-execution security checks, signature security, and authorization management.

4.4(20)
4.2K
laravel

laravel-security

by @affaan-m

Comprehensive security guide for Laravel applications, defending against common vulnerabilities, covering authentication, authorization, user input, file uploads, API endpoints, and key management.

4.4(20)
4.1K
ctf-(capture-the-flag)

ctf-web

by @ljagiello

Provide web exploitation techniques for CTF cybersecurity challenges. AI Agent Skill to improve work efficiency and automation capabilities.

4.4(20)
4.0K
codeql

codeql

by @trailofbits

Performs CodeQL code security analysis, supporting multiple programming languages, and identifies potential vulnerabilities using reference files and templates.

4.4(21)
4.0K
security-misconfiguration

insecure-defaults

by @trailofbits

Discovers "open-door" vulnerabilities where applications run insecurely due to missing configurations. An AI Agent Skill to enhance work efficiency and automation.

4.4(22)
3.9K
ctf-exploitation

ctf-pwn

by @ljagiello

Provides binary exploitation (pwn) techniques for CTF challenges, helping to solve various code execution and privilege escalation issues.

4.4(20)
3.9K
secure-development-lifecycle-(sdlc)

secure-workflow-guide

by @trailofbits

Guides adherence to Trail of Bits' five-step secure development workflow to enhance smart contract security.

4.4(20)
3.8K
ctf-challenges

ctf-crypto

by @ljagiello

Provides cryptographic attack techniques for CTF (Capture The Flag) challenges, helping security enthusiasts and participants solve encryption puzzles and improve practical skills.

4.4(20)
3.8K
ctf

ctf-osint

by @ljagiello

Provides Open-Source Intelligence (OSINT) techniques for CTF challenges, collecting information from public sources like social media and DNS records.

4.4(20)
3.7K
ctf

ctf-forensics

by @ljagiello

Covers digital forensics and signal analysis techniques in CTF competitions, helping solve security challenges and improve practical skills.

4.4(20)
3.7K
ctf-challenges

ctf-misc

by @ljagiello

Provides miscellaneous techniques for CTF challenges, including encoding, steganography, etc., for solving non-traditional security problems.

4.4(20)
3.6K
ctf

solve-challenge

by @ljagiello

Solve CTF challenges by analyzing files, connecting to servers, etc., to enhance offensive and defensive security skills.

4.4(20)
3.6K
malware-analysis

ctf-malware

by @ljagiello

Provide malware analysis and network traffic analysis techniques for CTF competitions, identifying threats and solving challenges.

4.4(20)
3.5K
perl-security

perl-security

by @affaan-m

Provides a comprehensive security guide for Perl applications, covering code security, data protection, and other aspects to ensure application safety.

4.4(20)
3.5K
security

security-and-hardening

by @addyosmani

Web application secure development practices, treating all external input as hostile, every key as sacred, and every authorization check as mandatory; security is a constraint, not a phase.

4.4(20)
3.4K
supply-chain-security

supply-chain-risk-auditor

by @trailofbits

Specializes in supply chain risk auditing, assessing security risks of project dependencies, suitable for pre-security audits or supplier risk evaluation, ensuring software supply chain security.

4.4(20)
3.3K
fingerprint-analysis

fp-check

by @trailofbits

Verifies security vulnerability findings, checks for false positives, and assesses exploitability. An AI Agent Skill to enhance work efficiency and automation.

4.4(20)
3.1K
advanced-security

sharp-edges

by @trailofbits

Analyze APIs, configurations, and interfaces for resilience against developer misuse, identifying design flaws that lead to security issues.

4.4(20)
3.0K
security-best-practices

golang-security

by @samber

Audit Go code for security vulnerabilities, discovering common issues like SQL injection, path traversal, insecure random numbers, and providing remediation suggestions.

4.4(20)
3.0K
security

safety-guard

by @affaan-m

The safety-guard skill, built on the ECC framework, provides robust security protection for AI agents. It performs real-time scanning and auditing of agent-generated content, code, and interactions, identifying potential vulnerabilities, unsafe behaviors, and compliance risks to ensure secure and reliable AI task execution.

4.4(20)
2.9K