home/categories/security

category focus

Security

Encryption, auth, and vulnerability scanning.

2506 스킬all categories

sorting

stars

current ordering strategy

query

all entries

refine the visible subset

security

gdpr-data-handling

Implement GDPR-compliant data handling with consent management, data subject rights, and privacy by design. Use when building systems that process EU personal data, implementing privacy controls, or conducting GDPR compliance reviews.

rmyndharis

testing-security

open

security

input-validation-sanitization-auditor

Identifies and fixes XSS, SQL injection, and command injection vulnerabilities with validation schemas, sanitization libraries, and safe coding patterns. Use for "input validation", "XSS prevention", "SQL injection", or "sanitization".

patricio0312rev

testing-security

open

security

security-architect

Comprehensive security architecture combining threat modeling, security-first design, secure coding review, and compliance validation. Consolidated from threat-modeling, security-first-design, secure-coding-review, and compliance-validator.

daffy0208

testing-security

open

security

ask-questions-if-underspecified

Clarify requirements before implementing. Do not use automatically, only when invoked explicitly.

zby

testing-security

open

security

security-engineer

Implement security best practices across the application stack. Use when securing APIs, implementing authentication, preventing vulnerabilities, or conducting security reviews. Covers OWASP Top 10, auth patterns, input validation, encryption, and security monitoring.

daffy0208

testing-security

open

security

fact-check

Verify claims in generated output against sources. Use as a separate pass AFTER content generation to catch hallucinations. Critical constraint - cannot be reliably combined with generation in a single pass.

jwynia

testing-security

open

security

link-checker

Find and fix broken or insecure links across an entire site, including CMS content, to improve SEO and user experience. Audits HTTP/HTTPS issues and validates all internal and external links.

webflow

testing-security

open

security

deployment-validation-config-validate

You are a configuration management expert specializing in validating, testing, and ensuring the correctness of application configurations. Create comprehensive validation schemas, implement configurat

rmyndharis

testing-security

open

security

secrets-scanner

Detects leaked API keys, tokens, passwords, and credentials in code with pre-commit hooks, CI checks, scanning rules, and remediation procedures. Use for "secret scanning", "credential detection", "API key leaks", or "secret management".

patricio0312rev

testing-security

open

security

oauth2-oidc-implementer

Implements OAuth 2.0 and OpenID Connect authentication flows with secure token handling and provider integration. Use when users request "OAuth setup", "OIDC implementation", "social login", "SSO integration", or "authentication flow".

patricio0312rev

testing-security

open

security

rbac-permissions-builder

Implements role-based access control with permission matrix, route guards, policy functions, and UI permission hints. Provides middleware/guards, helper utilities, test suggestions, and permission checking patterns. Use when building "RBAC", "permissions", "access control", or "authorization".

patricio0312rev

testing-security

open

security

auth-js

Production-ready Auth.js v5 setup for Next.js and Cloudflare Workers. Use when: setting up authentication, implementing OAuth/credentials/magic links, configuring D1 or PostgreSQL adapters, debugging session issues, migrating from v4 to v5, fixing edge compatibility, troubleshooting JWT/database sessions, resolving AUTH_SECRET errors, fixing CallbackRouteError, or implementing RBAC. Covers: Next.js App Router & Pages Router, Cloudflare Workers + D1, OAuth providers (GitHub, Google, etc.), credentials auth, magic links, JWT vs database sessions, middleware patterns, role-based access control, token refresh, edge runtime compatibility, and common error prevention. Keywords: Auth.js, NextAuth.js, authentication, OAuth, credentials, magic links, D1 adapter, Cloudflare Workers, Next.js middleware, JWT session, database session, refresh tokens, RBAC, edge compatibility, AUTH_SECRET, CallbackRouteError, CredentialsSignin, JWEDecryptionFailed, session not updating, route protection

jackspace

testing-security

open

security

auth-security-reviewer

Reviews authentication and authorization implementation for session management, CSRF, cookie security, and auth flow vulnerabilities with findings, severity assessment, and fix recommendations. Use for "auth review", "session security", "CSRF protection", or "authentication audit".

patricio0312rev

testing-security

open

security

auth-patterns

Better-auth integration for authentication. Use when implementing login, registration, protected routes, or email verification.

spences10

testing-security

open

security

threat-modeling

Structured security analysis using OWASP Four-Question Framework and STRIDE methodology. Generates threat matrices with risk ratings, mitigations, and prioritization. Use for attack surface analysis, security architecture review, or when asking what can go wrong.

rjmurillo

testing-security

open

security

llm-security

Security guidelines for LLM applications based on OWASP Top 10 for LLM 2025. Use when building LLM apps, reviewing AI security, implementing RAG systems, or asking about LLM vulnerabilities like "prompt injection" or "check LLM security".

semgrep

testing-security

open

security

backend-auth-js

Authentication library for Next.js applications (NextAuth.js v5). Use when building Next.js 14+ apps that need OAuth providers (GitHub, Google, etc.), credentials login, or session management. Provides adapters for Prisma, Drizzle, and other databases. Choose Auth.js over Passport.js for Next.js App Router projects.

petbrains

testing-security

open

security

authentication-security

Автоматизация JWT аутентификации, Telegram OAuth и security middleware

ikeniborn

testing-security

open

security

backend-passport-js

Authentication middleware for Express.js and Node.js applications. Use when building Express APIs that need JWT authentication, OAuth, or custom auth strategies. Provides 500+ authentication strategies. Choose Passport.js over Auth.js for Express backends, pure API servers, or when you need maximum control over auth flow.

petbrains

testing-security

open

security

ask-questions-if-underspecified

Clarify requirements before implementing. Do not use automatically, only when invoked explicitly.

clawdbot

testing-security

open

security

auditing-permission-ux

Audits notification permission request flows. Use when reviewing or improving permission prompts, settings paths, or denial handling.

clix-so

testing-security

open

security

enforcement

Use when implementing hooks that BLOCK invalid actions, creating quality gates for state transitions, or enforcing tested:true verification. Load when designing enforcement mechanisms. Uses exit code 2 to block, JSON permissionDecision:deny, or updatedInput modification. Rules are instructions; hooks are enforcement.