net-jwt-auth
Implement JWT authentication and authorization for ASP.NET Core
Guide for implementing Better Auth - a framework-agnostic authentication and authorization framework for TypeScript. Use when adding authentication features like email/password, OAuth, 2FA, passkeys, or advanced auth functionality to applications.
Use when implementing Kubernetes security patterns including RBAC, NetworkPolicies, Pod Security Standards, secrets management, image scanning with Trivy, Cosign signing, and Dapr security. Covers 4C model, compliance fundamentals.
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
Security practices for React (XSS, Auth, Dependencies).
Authentication, RBAC, and Hardening standards.
Fetch API, Caching, and Revalidation strategies.
HTTP networking standards using Dio and Retrofit with Auth interceptors.
Secure token storage (HttpOnly Cookies) and Middleware patterns.
When a user asks for guidance on which role to assign to an identity given the desired permissions, this agent helps them identify the role that meets the requirements with least-privilege access and explains how to apply that role.
Implement comprehensive security patterns to protect applications against OWASP Top 10 vulnerabilities including XSS, CSRF, SQL injection, authentication bypass, and data exposure. Use when handling user data, implementing authentication and authorization, validating input, encrypting sensitive data, preventing injection attacks, securing API endpoints, managing sessions and tokens, implementing rate limiting, configuring security headers, or building security-critical features that require defense-in-depth protection.
Data privacy and regulatory compliance specialist for GDPR, CCPA, HIPAA, and international data protection laws. Use when implementing privacy controls, conducting data protection impact assessments, ensuring regulatory compliance, or managing data subject rights. Expert in consent management, data minimization, and privacy-by-design principles.
A conceptual skill for securing FastAPI REST APIs with JWT authentication
Manage authentication, authorization, and user sessions. Use when dealing with login, sign-up, API protection, middleware, or user data fetching.
A conceptual skill for building an API client in Next.js that handles JWT tokens
Implement authentication and authorization using @delon/auth. Use this skill when adding login/logout flows, JWT token management, role-based access control (RBAC), route guards, HTTP interceptors, and session management. Integrates with Firebase Auth and custom permission systems. Ensures secure token storage, automatic token refresh, and consistent authorization checks across components and services.
Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates. Use when: (1) Scanning IaC files for security misconfigurations and compliance violations, (2) Validating cloud infrastructure against CIS, PCI-DSS, HIPAA, and SOC2 benchmarks, (3) Detecting secrets and hardcoded credentials in IaC, (4) Implementing policy-as-code in CI/CD pipelines, (5) Generating compliance reports with remediation guidance for cloud security posture management.
Multi-language static application security testing using Horusec with support for 18+ programming languages and 20+ security analysis tools. Performs SAST scans, secret detection in git history, and provides vulnerability findings with severity classification. Use when: (1) Analyzing code for security vulnerabilities across multiple languages simultaneously, (2) Detecting exposed secrets and credentials in git history, (3) Integrating SAST into CI/CD pipelines for secure SDLC, (4) Performing comprehensive security analysis during development, (5) Managing false positives and prioritizing security findings.
Check code against security compliance standards and best practices.
Auto-invoke when reviewing authentication, authorization, input handling, data exposure, or any user-facing code. Enforces OWASP top 10 awareness and security-first thinking.
Implement comprehensive server-side validation with allowlists, type checking, input sanitization, and consistent error messages, while using client-side validation for user experience. Use this skill when validating user input, form data, API requests, implementing security checks, preventing injection attacks, checking data types/formats/ranges, or providing validation feedback. Apply when working with form validation, API endpoint validation, input sanitization, business rule enforcement, or any code that accepts and validates external data to ensure security, data integrity, and proper user feedback across all entry points.