security-hardener
Implement security headers, input validation, and CSRF protection. Use when hardening security, reviewing for vulnerabilities, or before releases.
Production-ready security analysis with CMMC Level 2 compliance. USE WHEN user needs vulnerability scanning, STRIDE threat modeling, security code review, CMMC compliance mapping, or multi-agent security analysis. Detects 50+ vulnerability patterns with remediation guidance.
Review test cases for Authorization Endpoint. Covers response_type=code, request parameters (scope, client_id, redirect_uri, state, nonce, prompt, display, max_age), and authorization response per OIDC Core 1.0 Section 3.1.2.
Comprehensive security implementation covering authentication, authorization, input validation, vulnerability detection, compliance, and security standards (OWASP, ISO 27001, SOC2, CWE). Use when securing applications, APIs, and infrastructure.
Display the API key for the currently authenticated user. Requires authentication. Use for managing authentication credentials.
Guide for implementing 1Password secrets management - CLI operations, service accounts, and Kubernetes integration. Use when retrieving secrets, managing vaults, configuring CI/CD pipelines, integrating with External Secrets Operator, or automating secrets workflows with 1Password.
Generate Helmet.js security middleware configuration for Express applications. Triggers on "create helmet config", "generate helmet configuration", "express security headers", "helmet setup".
Implement OAuth 2.1 / OIDC authentication using Better Auth with MCP assistance. Use when setting up a centralized auth server (SSO provider), implementing SSO clients in Next.js apps, configuring PKCE flows, or managing tokens with JWKS verification. Uses Better Auth MCP for guided setup. NOT when using simple session-only auth without OAuth/OIDC requirements.
Comprehensive security audit of the job analytics platform. Tests actual entry points (API, Supabase, frontend), scans for credential exposure, validates RLS policies, and generates prioritized remediation reports. Use when auditing security, preparing for launch, or hardening MVP.
Controller role handling. Use when you need to set up an API endpoint with the right permissions and roles.
Security audit following OWASP Top 10 and best practices for web applications. Triggers: SEC, security, 安全, OWASP, 漏洞, vulnerability, audit, 稽核, 安全檢查, security check, CVE, 資安, penetration, pentest, 滲透, injection, XSS, CSRF, 認證, authentication, 授權, authorization, secrets, 敏感資料.
Implement authentication and authorization with Better Auth - a framework-agnostic TypeScript authentication framework. Features include email/password authentication with verification, OAuth providers (Google, GitHub, Discord, etc.), two-factor authentication (TOTP, SMS), passkeys/WebAuthn support, session management, role-based access control (RBAC), rate limiting, and database adapters. Use when adding authentication to applications, implementing OAuth flows, setting up 2FA/MFA, managing user sessions, configuring authorization rules, or building secure authentication systems for web applications.
Authentication and session management patterns with Supabase Auth. Use when implementing login flows, OAuth providers, session handling, protected routes, or RLS policies based on authentication.
Senior security engineer specializing in application security, vulnerability assessment, and secure coding practices. Masters penetration testing, security auditing, and implementing comprehensive security controls across the software development lifecycle.
Security standards and authentication tools for Dutch government software. Use when implementing DigiD, eHerkenning, OAuth, OIDC, PKIoverheid, or other Dutch government authentication and security standards.
Multi-tenant permission checking for Wasp applications. Use when implementing authorization, access control, or role-based permissions. Includes organization/department/role patterns and permission helper functions.
Get a value from the key-value storage. Requires authentication. Use for Agentuity cloud platform operations.
Security pattern for implementing Message Authentication Codes (MACs) to ensure data integrity and origin authentication. Use when implementing HMAC, CMAC, or other MAC algorithms, verifying message integrity, authenticating message origin with shared secrets, or when non-repudiation is NOT required. Specialization of Cryptographic action pattern.
Security pattern for server-side token authentication (e.g., session IDs). Use when implementing session management, designing stateful authentication where server maintains token-to-principal mapping, or building systems requiring immediate token revocation. Specialization of Authentication pattern.
Checks session compliance against a Rule of Constraints policy.