skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 स्किल्सall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
1K

analyzing-security-headers

This skill analyzes HTTP security headers of a given domain to identify potential vulnerabilities and misconfigurations. It provides a detailed report with a grade, score, and recommendations for improvement. Use this skill when the user asks to "analyze security headers", "check HTTP security", "scan for security vulnerabilities", or requests a "security audit" of a website. It will automatically activate when security-related keywords are used in conjunction with domain names or URLs.

jeremylongshore
jeremylongshore
testing-security
open
security
1K

analyzing-security-headers

Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations. Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications. Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".

jeremylongshore
jeremylongshore
testing-security
open
security
1K

apple

Emulated Sign in with Apple / Apple OIDC for local development and testing. Use when the user needs to test Apple sign-in locally, emulate Apple OIDC discovery, handle Apple token exchange, configure Apple OAuth clients, or work with Apple userinfo without hitting real Apple APIs. Triggers include "Apple OAuth", "emulate Apple", "mock Apple login", "test Apple sign-in", "Sign in with Apple", "Apple OIDC", "local Apple auth", or any task requiring a local Apple OAuth/OIDC provider.

vercel-labs
vercel-labs
testing-security
open
security
1K

google

Emulated Google OAuth 2.0, OpenID Connect, Gmail, Calendar, and Drive for local development and testing. Use when the user needs to test Google sign-in locally, emulate OIDC discovery, handle Google token exchange, configure Google OAuth clients, work with Gmail messages/drafts/threads/labels, manage Calendar events, upload or list Drive files, or work with Google userinfo without hitting real Google APIs. Triggers include "Google OAuth", "emulate Google", "mock Google login", "test Google sign-in", "OIDC emulator", "Google OIDC", "Gmail API", "Google Calendar", "Google Drive", "local Google auth", or any task requiring a local Google API.

vercel-labs
vercel-labs
testing-security
open
security
1K

microsoft

Emulated Microsoft Entra ID (Azure AD) OAuth 2.0 / OpenID Connect for local development and testing. Use when the user needs to test Microsoft sign-in locally, emulate Entra ID OIDC discovery, handle Microsoft token exchange, configure Azure AD OAuth clients, work with Microsoft Graph /me, or test PKCE/client credentials flows without hitting real Microsoft APIs. Triggers include "Microsoft OAuth", "Entra ID", "Azure AD", "emulate Microsoft", "mock Microsoft login", "test Microsoft sign-in", "Microsoft OIDC", "local Microsoft auth", or any task requiring a local Microsoft OAuth/OIDC provider.

vercel-labs
vercel-labs
testing-security
open
security
992

winapp-identity

Enable Windows package identity for desktop apps to access Windows APIs like push notifications, background tasks, share target, and startup tasks. Use when adding Windows notifications, background tasks, or other identity-requiring Windows features to a desktop app.

microsoft
microsoft
testing-security
open
security
992

winapp-signing

Create and manage code signing certificates for Windows apps and MSIX packages. Use when generating a certificate, signing a Windows app or installer, or fixing certificate trust issues.

microsoft
microsoft
testing-security
open
security
987

auth-nodejs-cloudbase

CloudBase Node SDK auth guide for server-side identity, user lookup, and custom login tickets. This skill should be used when Node.js code must read caller identity, inspect end users, or bridge an existing user system into CloudBase; not when configuring providers or building client login UI.

TencentCloudBase
TencentCloudBase
testing-security
open
security
987

auth-tool-cloudbase

CloudBase auth provider configuration and login-readiness guide. This skill should be used when users need to inspect, enable, disable, or configure auth providers, publishable-key prerequisites, login methods, SMS/email sender setup, or other provider-side readiness before implementing a client or backend auth flow.

TencentCloudBase
TencentCloudBase
testing-security
open
security
987

auth-web-cloudbase

CloudBase Web Authentication Quick Guide for frontend integration after auth-tool has already been checked. Provides concise and practical Web authentication solutions with multiple login methods and complete user management.

TencentCloudBase
TencentCloudBase
testing-security
open
security
987

auth-wechat-miniprogram

CloudBase WeChat Mini Program native authentication guide. This skill should be used when users need mini program identity handling, OPENID/UNIONID access, or `wx.cloud` auth behavior in projects where login is native and automatic.

TencentCloudBase
TencentCloudBase
testing-security
open
security
946

ssh-penetration-testing

This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.

benchflow-ai
benchflow-ai
testing-security
open
security
946

jackson-security

Security considerations for Jackson JSON deserialization in Java applications. Covers timing of validation, raw input interception, and common deserialization attack patterns.

benchflow-ai
benchflow-ai
testing-security
open
security
946

spring-security-6

Migrate Spring Security 5 to Spring Security 6 configuration. Use when removing WebSecurityConfigurerAdapter, replacing @EnableGlobalMethodSecurity with @EnableMethodSecurity, converting antMatchers to requestMatchers, or updating to lambda DSL configuration style. Covers SecurityFilterChain beans and authentication manager changes.

benchflow-ai
benchflow-ai
testing-security
open
security
934

auth-http-api-cloudbase

Use when you need to implement CloudBase Auth v2 over raw HTTP endpoints (login/signup, tokens, user operations) from backends or scripts that are not using the Web or Node SDKs.

TencentCloudBase
TencentCloudBase
testing-security
open
security
934

auth-web-cloudbase

Complete guide for CloudBase Auth v2 using Web SDK (@cloudbase/js-sdk@2.x) - all login flows, user management, captcha handling, and best practices in one file.

TencentCloudBase
TencentCloudBase
testing-security
open
security
934

auth-nodejs-cloudbase

Complete guide for CloudBase Auth using the CloudBase Node SDK – caller identity, user lookup, custom login tickets, and server-side best practices.

TencentCloudBase
TencentCloudBase
testing-security
open
security
934

auth-wechat-miniprogram

Complete guide for WeChat Mini Program authentication with CloudBase - native login, user identity, and cloud function integration.

TencentCloudBase
TencentCloudBase
testing-security
open
security
915

owasp-agentic

OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
security
915

owasp-cicd

OWASP CI/CD Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in continuous integration and continuous delivery environments - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
security
915

owasp-infrastructure

OWASP Infrastructure Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in internal IT infrastructure environments - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
security
915

owasp-llm

OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in large language model systems - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
security
915

owasp-mcp

OWASP MCP Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in Model Context Protocol environments - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
security
915

owasp-top-10

OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.

microsoft
microsoft
testing-security
open
Previous
Page 48 / 105
Next