Vulnerability scanning, pentesting, code audits, dependency security, OWASP
by @greekr4
Bypass bot detection using Playwright. Provides effective technical strategies and implementation methods for users requesting to circumvent anti-scraping or anti-automation mechanisms.
by @sickn33
Configure mutual TLS (mTLS) to provide robust security for service-to-service communication in a zero-trust architecture.
by @jezweb
Integrates Cloudflare Turnstile to provide a frictionless CAPTCHA service, effectively defending against bot attacks and enhancing website security and user experience.
by @trailofbits
Specializes in supply chain risk auditing, assessing security risks of project dependencies, suitable for pre-security audits or supplier risk evaluation, ensuring software supply chain security.
by @googleworkspace
Provides Google Workspace Cloud Identity management, supporting operations on identity resources while adhering to shared authentication and security rules.
by @better-auth
This skill provides best practices for two-factor authentication, guiding how to add 2FA plugins in server and client configurations to enhance account security.
Verifies security vulnerability findings, checks for false positives, and assesses exploitability. An AI Agent Skill to enhance work efficiency and automation.
Creates production-grade Semgrep rules with appropriate testing and validation. This AI Agent Skill enhances work efficiency and automation.
by @jaganpro
Analyze Salesforce permissions and access controls, ensuring users have appropriate access levels and maintaining data security and compliance.
by @okx
Offers five major security capabilities: token risk analysis, DApp phishing detection, transaction pre-execution security checks, signature security, and authorization management.
Provides Google Workspace Vault management, supporting operations on Vault resources while adhering to shared authentication and security rules.
by @ghostsecurity
Collect repository context information by detecting projects and summarizing architecture, then write the results to `repo.md`.
Invokes external LLM CLI for independent code reviews, supporting OpenAI Codex and Google Gemini, to provide a second opinion.
Tests for HTML injection vulnerabilities, evaluating and enhancing web application security to prevent malicious attacks.
by @cinience
Alibaba Cloud Cloud Firewall (CloudFW) Minimum Viability Test skill, used to verify AK/SK and region configurations, and execute minimum test steps for Cloud Firewall services.
Validates security findings, determining true or false positives, and providing supporting evidence. An AI Agent Skill to improve work efficiency and automation.
by @auth0
Quickly starts Auth0 authentication, automatically detects project frameworks, and provides integration guides to simplify authentication process setup.
Ports existing Semgrep rules to new target languages, performing applicability analysis and test-driven verification.
Identifies security issues in code repositories, plans and executes vulnerability scans. An AI Agent Skill to enhance work efficiency and automation.
An open-source project developed by Google, providing free distributed infrastructure for continuous fuzz testing.
Tests for SQL injection vulnerabilities, helping users identify and fix database security risks, ensuring application data integrity.
by @wshobson
Master threat mitigation mapping, combining intelligent automation and multi-agent orchestration to effectively identify, assess, and respond to security risks, ensuring system security.
Tests cryptographic implementations for timing attack vulnerabilities, preventing the leakage of secret information through execution time differences.
Conduct penetration testing on WordPress websites, identify and assess potential security vulnerabilities, provide hardening recommendations, and enhance website security.
Utilize Burp Suite for web application penetration testing, discovering and exploiting security vulnerabilities.
Focuses on secrets management in the security domain, ensuring secure storage and access of sensitive information through intelligent automation and multi-agent orchestration.
by @phuryn
Privacy policy, an AI Agent Skill to improve work efficiency and automation capabilities.
by @ljagiello
Solve CTF challenges by analyzing files, connecting to servers, etc., to enhance offensive and defensive security skills.
by @antibrow
Launch Chromium instances with real device fingerprints via Playwright API to bypass anti-bot system detection.
Acts as the top-level coordinator for Software Composition Analysis (SCA) scans, responsible for invoking task tools and generating sub-agents to perform actual dependency detection.
This skill provides best practices for email and password authentication, including enabling email/password features, configuring email verification, and adding password reset functionality.
by @uniswap
Builds a security-first guide for Uniswap v4 Hooks, emphasizing understanding vulnerability risks to protect user funds.
by @poteto
Summons adversarial models for review, challenging work from different perspectives to provide comprehensive validation.
Provides reverse engineering techniques for CTF challenges, used to analyze binary files, obfuscated code, and anti-debugging.
Alibaba Cloud Cloud Firewall service, managing cloud firewall resources via OpenAPI, supporting official SDKs or OpenAPI Explorer.
by @waynesutton
Provides comprehensive security audits for Convex applications, deeply reviewing authorization logic, data access, and other security patterns.
by @pskoett
Provides a self-review function for programming agents after code completion, aiming to simplify code structure, enhance security, ensure code quality, and mitigate potential threats.
Provide web exploitation techniques for CTF cybersecurity challenges. AI Agent Skill to improve work efficiency and automation capabilities.
A fork of the original AFL fuzzer, offering superior fuzzing performance and advanced features.
by @cantinaxyz
Conducts security audits of OpenClaw deployments, identifying misconfigurations and actual attack paths, and generates detailed security reports to assess system vulnerabilities.
by @davila7
ISO27001 Information Security Manager skill, providing guidance and support for information security management compliant with ISO27001 standards.
Performs CodeQL code security analysis, supporting multiple programming languages, and identifies potential vulnerabilities using reference files and templates.
Focuses on implementing more secure authentication mechanisms, including multi-factor authentication and OAuth, to enhance user authentication security and experience, protecting systems from unauthorized access.
by @aj-geddes
Identify and fix system security vulnerabilities through Static/Dynamic Application Security Testing (SAST/DAST) and penetration testing.
Alibaba Cloud Security Center (SAS) service, managing Security Center resources via OpenAPI, supporting official SDKs or OpenAPI Explorer.
by @affaan-m
Scans the Claude Code configuration directory (.claude/) for potential security vulnerabilities and non-compliant settings to enhance code security.
Performs database penetration testing using sqlmap to discover and exploit SQL injection vulnerabilities.
Manages Claude's thinking process during the audit context building phase, enabling ultra-fine pure context mode.
Provides miscellaneous techniques for CTF challenges, including encoding, steganography, etc., for solving non-traditional security problems.
by @parcadei
Provides security audit workflows, conducting specialized security analysis on sensitive code to check for vulnerabilities and authentication code.