dependency-security
Dependency security scanning. Use when auditing npm packages for vulnerabilities.
Review test cases for OAuth/OIDC error handling. Covers authorization endpoint errors, token endpoint errors, error response formats, HTTP status codes, and all error codes per OAuth 2.1 and OIDC Core 1.0.
OWASP Top 10:2025 web security vulnerability guide. A skill referenced by the security-expert subagent during code review, security audits, and vulnerability analysis. Provides background, description, prevention methods, attack scenarios, and related CWE information for the ten major web security threats, from A01 Broken Access Control through A10 Mishandling of Exceptional Conditions.
Issues a proxy audit verdict for a session.
Use when user needs Active Directory security analysis, privileged group design review, authentication policy assessment, or delegation and attack surface evaluation across enterprise domains.
Implement server-side validation with allowlists, specific error messages, type checking, and sanitization to prevent security vulnerabilities and ensure data integrity. Use this skill when creating or editing form request classes, when validating API inputs, when implementing validation rules in controllers or services, when writing client-side validation for user experience, when sanitizing user input to prevent injection attacks, when validating business rules, when implementing error message display, or when ensuring consistent validation across all application entry points.
Implement comprehensive security for the shared library. Use when working with security audits, dependency vulnerabilities, API security, token encryption, or secure coding practices for library consumers. Library security impacts all consuming plugins.
Run Bandit security analysis to find common security issues and vulnerabilities in Python code. Use when the user mentions Bandit, security analysis, vulnerability scanning, security audit, software composition analysis (SCA), or wants to check for security issues in Python code.
Validates the five TRUST principles (Test 85%+, Readable, Unified, Secured, Trackable). Use when aligning with TRUST governance.
Senior expert in Auth.js v5 (NextAuth), Edge-First authentication and security.
Clerk session handling, JWT verification, token management, and multi-session workflows. Use when implementing session validation, JWT claims customization, token refresh patterns, session lifecycle management, or when user mentions session errors, authentication tokens, JWT verification, multi-device sessions, or session security.
Display information about the currently authenticated user. Requires authentication. Use for managing authentication credentials.
Security best practices for Python development. Activated when working with security concerns, input validation, injection prevention, or threat modeling.
Microsoft Authentication Library (MSAL) integration for @astroapps/client with Azure AD/Entra ID authentication. Use when building React apps that need Azure AD authentication with popup or redirect flows.
Manage IP whitelist for Provider Nexus API clients using TypeScript scripts that make curl calls to the admin API endpoints.
Implement database-backed session management with cookie handling, audit trails, and multiple device support. Use when building authentication systems that need session tracking, device management, or security audit capabilities.
Use when you need to bypass Cloudflare protection, scrape websites with anti-bot measures, render JavaScript pages, or simulate real browser behavior for web scraping.
Set a secret. Requires authentication. Use for Agentuity cloud platform operations.
This skill should be used when the user asks about "gosec", "G115", "G404", "integer overflow", "weak random", "crypto/rand", "security lint", "hardcoded credentials", or needs guidance on fixing Go security vulnerabilities. Provides patterns for common security anti-patterns.
Security pattern for systems that manage cryptographic keys themselves rather than delegating to an external service. Use when the application must store, retrieve, and manage cryptographic keys directly. Implementation of Cryptographic Key Management pattern. Covers key storage security, key derivation from passwords, limiting key exposure, and protecting key confidentiality and integrity throughout the lifecycle.