security
770
cloud-storage
Cloud storage integration with signed URLs, visibility control, multi-tenant path conventions, and presigned uploads for direct client uploads.
dadbodgeoff
testing-security
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
770
oauth-social-login
Implement OAuth 2.0 social login with Google, GitHub, and other providers. Handles token exchange, user creation, and account linking.
dadbodgeoff
testing-security
security
770
row-level-security
Implement PostgreSQL Row Level Security (RLS) for multi-tenant SaaS applications. Use when building apps where users should only see their own data, or when implementing organization-based data isolation.
dadbodgeoff
testing-security
security
770
supabase-auth
Implement Supabase authentication with SSR support. Email/password auth with automatic session management via cookies. Includes login, signup, email confirmation, and user profiles.
dadbodgeoff
testing-security
security
762
vibesec-skill
This skill helps Claude write secure web applications. Use this when working on any web application or when a user requests a scan or audit to ensure security best practices are followed.
BehiSecc
testing-security
security
761
dotnet-devcert-trust
Diagnose and fix .NET HTTPS dev certificate trust issues on Linux. Covers the full certificate lifecycle from generation to system CA bundle inclusion, with distro-specific guidance for Ubuntu, Fedora, Arch, and WSL2.
Aaronontheweb
testing-security
security
759
signing-entitlements
Inspect signing, entitlements, hardened runtime, and Gatekeeper issues for macOS apps. Use when asked to diagnose code signing failures, missing entitlements, sandbox problems, notarization prerequisites, or trust-policy launch errors.
openai
testing-security
security
759
netlify-identity
Use when the task involves authentication, user signups, logins, password recovery, OAuth providers, role-based access control, or protecting routes and functions. Always use `@netlify/identity`. Never use `netlify-identity-widget` or `gotrue-js` — they are deprecated.
openai
testing-security
security
759
sign-in-with-vercel
Sign in with Vercel guidance — OAuth 2.0/OIDC identity provider for user authentication via Vercel accounts. Use when implementing user login with Vercel as the identity provider.
openai
testing-security
security
735
wsdiscovery
WS-Discovery protocol scanner for discovering and enumerating ONVIF cameras and IoT devices on the network. Use when you need to discover ONVIF devices, cameras, or WS-Discovery enabled equipment on a network.
BrownFineSecurity
testing-security
security
719
noise-reduction-integration
Add or modify noise-reduction providers in assistant-api with denoiser factory wiring, packet safety, and UI option compatibility.
rapidaai
testing-security
security
711
api-fuzzing-for-bug-bounty
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.
sickn33
testing-security
security
711
idor-vulnerability-testing
This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or object references," or "bypass authorization to access other users' data." It provides comprehensive guidance for detecting, exploiting, and remediating IDOR vulnerabilities in web applications.
sickn33
testing-security
security
710
gws-install
Quick install of the Google Workspace CLI (gws) on an additional machine using existing OAuth credentials. Requires client_secret.json from a previous gws-setup. Use when setting up gws on a new computer, reinstalling after a fresh OS, or configuring a second workstation. Triggers: "install gws", "gws on new machine", "gws install", "set up gws again".
jezweb
testing-security
security
709
run-toolset-tests
Run the razor-toolset-ci pipeline to validate the current branch against large third-party repositories (MudBlazor, OrchardCore, ASP.NET Core, etc.). Use when asked to run toolset tests, ecosystem tests, or third-party validation.
dotnet
testing-security
security
707
ask-questions-if-underspecified
Clarify requirements before implementing. Do not use automatically, only when invoked explicitly.
Dicklesworthstone
testing-security
security
707
send-request
Send HTTP requests with automatic configuration and authentication. Use when testing APIs, webhooks, or any HTTP endpoint.
Dicklesworthstone
testing-security
security
707
databricks-install-auth
Install and configure Databricks CLI and SDK authentication. Use when setting up a new Databricks integration, configuring tokens, or initializing Databricks in your project. Trigger with phrases like "install databricks", "setup databricks", "databricks auth", "configure databricks token", "databricks CLI".
Dicklesworthstone
testing-security
security
707
documenso-install-auth
Install and configure Documenso SDK/API authentication. Use when setting up a new Documenso integration, configuring API keys, or initializing Documenso in your project. Trigger with phrases like "install documenso", "setup documenso", "documenso auth", "configure documenso API key".
Dicklesworthstone
testing-security
security
707
evernote-install-auth
Install and configure Evernote SDK and OAuth authentication. Use when setting up a new Evernote integration, configuring API keys, or initializing Evernote in your project. Trigger with phrases like "install evernote", "setup evernote", "evernote auth", "configure evernote API", "evernote oauth".
Dicklesworthstone
testing-security
security
707
evernote-security-basics
Implement security best practices for Evernote integrations. Use when securing API credentials, implementing OAuth securely, or hardening Evernote integrations. Trigger with phrases like "evernote security", "secure evernote", "evernote credentials", "evernote oauth security".
Dicklesworthstone
testing-security
security
707
guidewire-install-auth
Install and configure Guidewire InsuranceSuite development environment and Cloud API authentication. Use when setting up a new Guidewire integration, configuring OAuth2 credentials, registering with Guidewire Hub, or initializing Guidewire Studio. Trigger with phrases like "install guidewire", "setup guidewire", "guidewire auth", "configure guidewire API", "guidewire cloud credentials".
Dicklesworthstone
testing-security