إعلان[ For iPhone / iPad ] 🔥 خلفيات تفاعلية مذهلة من Nugget. لم ترَ شيئًا كهذا من قبل!
skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 مهارةall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
2

aws-iam

Create and debug AWS IAM policies with least-privilege. Use on 'IAM policy', 'permission denied', 'access denied', 'not authorized', 'create role'.

pypeaday
pypeaday
testing-security
open
security
2

aws-iam

Create and debug AWS IAM policies with least-privilege. Triggers on "IAM policy", "permission denied", "access denied", "not authorized", "create role".

pypeaday
pypeaday
testing-security
open
security
2

secops-engineering

Domain specialist for security operations, vulnerability management, compliance, and secure coding practices. Scope: OWASP Top 10, authentication (OAuth2, JWT, SAML, OIDC), input validation (SQLi, XSS, CSRF), secrets management, security headers, file upload security, vulnerability scanning, compliance (SOC2, GDPR, PCI-DSS). Excludes: code-level design patterns, infrastructure security, database design, performance optimization. Triggers: "security", "OWASP", "authentication", "authorization", "OAuth", "JWT", "SAML", "OIDC", "SQL injection", "XSS", "CSRF", "input validation", "secrets management", "vulnerability scan", "compliance", "SOC2", "GDPR", "security headers".

warpcode
warpcode
testing-security
open
security
2

external-provider

Access configured sidecar providers (health, banking, government) via WebFetch.

avivsinai
avivsinai
testing-security
open
security
2

deleting-op-secrets

Deletes or archives secrets in 1Password using the op CLI. Use when the user needs to permanently remove items, archive deprecated credentials, or clean up unused secrets from 1Password vaults. Supports both permanent deletion and archiving for later recovery.

leefowlercu
leefowlercu
testing-security
open
security
2

web-security

Expert knowledge in implementing secure web applications and protecting against common vulnerabilities. Covers OWASP Top 10, authentication and authorization, data protection, Content Security Policy (CSP), HTTPS/TLS, input validation, secure dependencies, and API security. Use when implementing security features or addressing security vulnerabilities.

PaulKinlan
PaulKinlan
testing-security
open
security
2

sharp-edges

Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.

plurigrid
plurigrid
testing-security
open
security
2

burp-suite

Web application security testing with Burp Suite.

plurigrid
plurigrid
testing-security
open
security
2

crypto

Client-side cryptography with libsodium. Use when working on files in src/lib/crypto/.

bentefay
bentefay
testing-security
open
security
2

moai-security-ssrf

Enterprise SSRF Security Protection with AI-powered request validation, Context7 integration, and intelligent URL filtering for web application security

AJBcoding
AJBcoding
testing-security
open
security
2

secret-scanner

Scans git repositories for hardcoded secrets, credentials, and API keys using Gitleaks. Returns findings with severity, location, and remediation steps. Use when user asks to "scan for secrets", "detect credentials", "find API keys", "check for leaks", "シークレット検出", "認証情報スキャン".

naporin0624
naporin0624
testing-security
open
security
2

alto-configure

Use when configuring ALTO settings including arbiter thresholds, permissions, or verification hooks. Applies during setup orchestrator "Configure ALTO" selection, build orchestrator checkpoints, or when user requests configuration changes.

gonzaloetjo
gonzaloetjo
testing-security
open
security
2

1password

Complete 1Password CLI (op) for managing secrets, credentials, and secure storage. Use when working with: (1) Retrieving passwords, API keys, and secrets from vaults, (2) Managing items, documents, and secure notes, (3) Injecting secrets into environment variables and config files, (4) Automating credential rotation and management, (5) Accessing SSH keys and certificates, (6) Vault and item CRUD operations, (7) Secret references for CI/CD pipelines, (8) User and group management.

dededecline
dededecline
testing-security
open
security
2

auth-security-validator

Autonomous validation of authentication security. Checks password hashing, cookie configuration, CSRF protection, and session management for OWASP compliance.

hirefrank
hirefrank
testing-security
open
security
2

fullstory-identify-users

Comprehensive guide for implementing Fullstory's User Identification API (setIdentity) across web applications. Teaches proper uid handling, property passing, re-identification behavior, and session management. Includes detailed good/bad examples for login flows, multi-account scenarios, and SPA applications to help developers correctly identify users for analytics and session replay.

fullstorydev
fullstorydev
testing-security
open
security
2

pop-assessment-security

Validates PopKit security posture using concrete vulnerability patterns, automated secret scanning, and OWASP-aligned checklists

jrc1883
jrc1883
testing-security
open
security
2

session-end

Mandatory session close-out with IG audit, AAR, HISTORIAN, and RELEASE_MANAGER. Enforces clean session handoff.

Euda1mon1a
Euda1mon1a
testing-security
open
security
2

mdm-cobordism

macOS MDM with auth manifolds as cobordisms for credential derivation

plurigrid
plurigrid
testing-security
open
security
2

api-hardening

API security hardening patterns. Use when implementing rate limiting, input validation, CORS configuration, API key management, request throttling, or protecting endpoints from abuse. Covers defense-in-depth strategies for REST APIs with practical implementations for Express, FastAPI, and serverless.

jamditis
jamditis
testing-security
open
security
2

meticulous-matt

Meticulous Matt is the Auditor and Security Consultant. Reports ALL issues, no matter how small. Scopes out security risks a mile away - reviews plans and implementations for vulnerabilities. Compulsively honest, documents everything in beads. Can audit skills and user code. Invoke: "Matt, review this" or "Matt, security review this plan".

HakAl
HakAl
testing-security
open
security
2

smack-policy-auditor

Analyzes SMACK policy files for correctness, label conflicts, and access control issues. Verifies mandatory access control rules.

plurigrid
plurigrid
testing-security
open
security
2

better-auth

Implement authentication and authorization with Better Auth - a framework-agnostic TypeScript authentication framework. Features include email/password authentication with verification, OAuth providers (Google, GitHub, Discord, etc.), two-factor authentication (TOTP, SMS), passkeys/WebAuthn support, session management, role-based access control (RBAC), rate limiting, and database adapters. Use when adding authentication to applications, implementing OAuth flows, setting up 2FA/MFA, managing user sessions, configuring authorization rules, or building secure authentication systems for web applications.

vibery-studio
vibery-studio
testing-security
open
security
2

tizen-security-compliance

Maps security requirements to implementation. Coordinates compliance against FIPS 140-3, OCF, CommonCriteria, and Tizen specification.

plurigrid
plurigrid
testing-security
open
security
2

security-review

セキュリティ脆弱性を自動検出する。認証情報のハードコード、コマンドインジェクション、危険なシェル構文などをチェック。

shiiman
shiiman
testing-security
open
Previous
Page 74 / 105
Next