skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 스킬all categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
119

net-jwt-auth

Implement JWT authentication and authorization for ASP.NET Core

mitkox
mitkox
testing-security
open
security
115

better-auth

Guide for implementing Better Auth - a framework-agnostic authentication and authorization framework for TypeScript. Use when adding authentication features like email/password, OAuth, 2FA, passkeys, or advanced auth functionality to applications.

einverne
einverne
testing-security
open
security
109

building-with-cloud-security

Use when implementing Kubernetes security patterns including RBAC, NetworkPolicies, Pod Security Standards, secrets management, image scanning with Trivy, Cosign signing, and Dapr security. Covers 4C model, compliance fundamentals.

panaversity
panaversity
testing-security
open
security
107

sast-configuration

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

Microck
Microck
testing-security
open
security
101

react-security

Security practices for React (XSS, Auth, Dependencies).

HoangNguyen0403
HoangNguyen0403
testing-security
open
security
101

nestjs-security

Authentication, RBAC, and Hardening standards.

HoangNguyen0403
HoangNguyen0403
testing-security
open
security
101

nextjs-authentication

Secure token storage (HttpOnly Cookies) and Middleware patterns.

HoangNguyen0403
HoangNguyen0403
testing-security
open
security
94

azure-role-selector

When a user is asking for guidance for which role to assign to an identity given desired permissions, this agent helps them understand the role that will meet the requirements with least privilege access and how to apply that role.

microsoft
microsoft
testing-security
open
security
93

security-patterns

Implement comprehensive security patterns to protect applications against OWASP Top 10 vulnerabilities including XSS, CSRF, SQL injection, authentication bypass, and data exposure. Use when handling user data, implementing authentication and authorization, validating input, encrypting sensitive data, preventing injection attacks, securing API endpoints, managing sessions and tokens, implementing rate limiting, configuring security headers, or building security-critical features that require defense-in-depth protection.

korallis
korallis
testing-security
open
security
90

data-privacy-compliance

Data privacy and regulatory compliance specialist for GDPR, CCPA, HIPAA, and international data protection laws. Use when implementing privacy controls, conducting data protection impact assessments, ensuring regulatory compliance, or managing data subject rights. Expert in consent management, data minimization, and privacy-by-design principles.

aiskillstore
aiskillstore
testing-security
open
security
90

auth

Modern authentication and security patterns for web applications. Expert in JWT tokens, OAuth2 flows, session management, RBAC, MFA, API security, and zero-trust architectures. Framework-agnostic patterns that work with any tech stack.

aiskillstore
aiskillstore
testing-security
open
security
90

api-jwt-authenticator

A conceptual skill for securing FastAPI REST APIs with JWT authentication

aiskillstore
aiskillstore
testing-security
open
security
90

auth-handler

Manage authentication, authorization, and user sessions. Use when dealing with login, sign-up, API protection, middleware, or user data fetching.

aiskillstore
aiskillstore
testing-security
open
security
90

delon-auth-authentication-authorization

Implement authentication and authorization using @delon/auth. Use this skill when adding login/logout flows, JWT token management, role-based access control (RBAC), route guards, HTTP interceptors, and session management. Integrates with Firebase Auth and custom permission systems. Ensures secure token storage, automatic token refresh, and consistent authorization checks across components and services.

aiskillstore
aiskillstore
testing-security
open
security
90

rn-auth

React Native authentication patterns for Expo apps. Use when implementing login flows, Google/Apple sign-in, token management, session handling, or debugging auth issues in Expo/React Native.

aiskillstore
aiskillstore
testing-security
open
security
90

web-auth

Authentication patterns for React web applications. Use when implementing login flows, OAuth, JWT handling, session management, or protected routes in React web apps.

aiskillstore
aiskillstore
testing-security
open
security
90

iac-checkov

Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates. Use when: (1) Scanning IaC files for security misconfigurations and compliance violations, (2) Validating cloud infrastructure against CIS, PCI-DSS, HIPAA, and SOC2 benchmarks, (3) Detecting secrets and hardcoded credentials in IaC, (4) Implementing policy-as-code in CI/CD pipelines, (5) Generating compliance reports with remediation guidance for cloud security posture management.

aiskillstore
aiskillstore
testing-security
open
security
90

sast-horusec

Multi-language static application security testing using Horusec with support for 18+ programming languages and 20+ security analysis tools. Performs SAST scans, secret detection in git history, and provides vulnerability findings with severity classification. Use when: (1) Analyzing code for security vulnerabilities across multiple languages simultaneously, (2) Detecting exposed secrets and credentials in git history, (3) Integrating SAST into CI/CD pipelines for secure SDLC, (4) Performing comprehensive security analysis during development, (5) Managing false positives and prioritizing security findings.

aiskillstore
aiskillstore
testing-security
open
security
90

compliance-checker

Check code against security compliance standards and best practices.

aiskillstore
aiskillstore
testing-security
open
security
90

security-fundamentals

Auto-invoke when reviewing authentication, authorization, input handling, data exposure, or any user-facing code. Enforces OWASP top 10 awareness and security-first thinking.

aiskillstore
aiskillstore
testing-security
open
security
90

global-validation

Implement comprehensive server-side validation with allowlists, type checking, input sanitization, and consistent error messages, while using client-side validation for user experience. Use this skill when validating user input, form data, API requests, implementing security checks, preventing injection attacks, checking data types/formats/ranges, or providing validation feedback. Apply when working with form validation, API endpoint validation, input sanitization, business rule enforcement, or any code that accepts and validates external data to ensure security, data integrity, and proper user feedback across all entry points.

aiskillstore
aiskillstore
testing-security
open
Previous
Page 54 / 105
Next