Реклама[ For iPhone / iPad ] 🔥 Невероятные интерактивные обои от Nugget. Вы никогда не видели ничего подобного!
skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 skillsall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
2

code-security-review

Conducts comprehensive security code reviews including vulnerability detection (OWASP Top 10, CWE), authentication/authorization flaws, injection attacks, cryptography issues, sensitive data exposure, API security, dependency vulnerabilities, security misconfigurations, and compliance validation (PCI-DSS, GDPR, HIPAA). Produces detailed security assessment reports with CVE references, CVSS scores, exploit scenarios, and remediation guidance. Use when reviewing code security, performing security audits, checking for vulnerabilities, validating security controls, assessing security risks, or when users mention "security review", "vulnerability scan", "security audit", "penetration test", "OWASP", "security assessment", "secure coding", or "security compliance".

DauQuangThanh
DauQuangThanh
testing-security
open
security
2

vulnerability-scanner

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

whodaniel
whodaniel
testing-security
open
security
2

creating-op-secrets

Creates secrets in 1Password using the op CLI. Use when the user needs to store new passwords, API keys, login credentials, or secure notes in 1Password. Supports Login, Password, API Credential, and Secure Note item types with optional vault selection and password generation.

leefowlercu
leefowlercu
testing-security
open
security
2

secops-engineer

Senior Security Engineer with 12+ years application security experience. Use when implementing authentication/authorization, configuring JWT/OAuth2, conducting security reviews, implementing rate limiting, ensuring GDPR compliance, or performing security scanning.

olehsvyrydov
olehsvyrydov
testing-security
open
security
2

postgres-rls

MANDATORY when touching auth tables, tenant isolation, RLS policies, or multi-tenant database code - enforces Row Level Security best practices and catches common bypass vulnerabilities

troykelly
troykelly
testing-security
open
security
2

security-auditor

Activates when user needs security review, vulnerability scanning, or secure coding guidance. Triggers on "security review", "find vulnerabilities", "is this secure", "check for injection", "security audit", "OWASP", "secure this code", or security-related questions.

always-further
always-further
testing-security
open
security
2

security-audit

Security-focused code audit for healthcare and military contexts. Use when reviewing authentication, authorization, data handling, HIPAA compliance, or OPSEC/PERSEC requirements. Essential for PHI handling and military medical residency schedules.

Euda1mon1a
Euda1mon1a
testing-security
open
security
2

staging-token

Retrieve staging credentials/JWT token for the Aircall dashboard

kentoje
kentoje
testing-security
open
security
2

keycloak-administration

Provides comprehensive KeyCloak administration guidance including realm management, user/group administration, client configuration, authentication flows, identity brokering, authorization policies, security hardening, and troubleshooting. Covers SSO configuration, SAML/OIDC setup, role-based access control (RBAC), user federation (LDAP/AD), social login integration, multi-factor authentication (MFA), and high availability deployments. Use when configuring KeyCloak, setting up SSO, managing realms and clients, troubleshooting authentication issues, implementing RBAC, or when users mention "KeyCloak", "SSO", "OIDC", "SAML", "identity provider", "IAM", "authentication flow", "user federation", "realm configuration", or "access management".

DauQuangThanh
DauQuangThanh
testing-security
open
security
2

oscal-catalog-provider

Fetch official NIST 800-53 and FedRAMP OSCAL catalogs from authoritative sources

euCann
euCann
testing-security
open
security
2

ekkos-vault

Securely store and retrieve credentials. Activate when the user shares an API key, password, token, secret, or any sensitive credential. Also activate when you need to use a stored credential or when the user asks about their stored secrets. All secrets are encrypted with AES-256-GCM.

ekkostech
ekkostech
testing-security
open
security
2

form-security-analyzer

Static security analysis of HTML forms without sending any requests. Checks for CSRF tokens, insecure actions, missing validation, hidden field issues, and common security misconfigurations. Safe to run - no payloads sent. Use when user asks to "analyze form security", "check form for vulnerabilities", "static security check".

naporin0624
naporin0624
testing-security
open
security
2

security-scanner

Scan code and infrastructure for security vulnerabilities and compliance issues

eddiebe147
eddiebe147
testing-security
open
security
2

web-resource-checker

Validates essential web resource files (sitemap.xml, robots.txt, llms.txt, security.txt) for compliance with their specifications. Use when user asks about "sitemap validation", "robots.txt check", "llms.txt", "security.txt", "RFC 9116", "RFC 9309", "web resource audit", "サイトマップ", "セキュリティ", or wants to verify crawler/LLM accessibility files.

naporin0624
naporin0624
testing-security
open
security
2

component-definition-builder

Create and manage OSCAL component definitions for reusable security control implementations. Inspired by CivicActions components and community patterns. Use for building component libraries and shared control implementations.

euCann
euCann
testing-security
open
security
2

advanced-oscal-validator

Perform comprehensive OSCAL validation using community-inspired patterns including JSON schema validation, business rule validation, cross-reference checking, and best practices from IBM Trestle, oscal-pydantic, and Lula. Use for thorough document quality assurance.

euCann
euCann
testing-security
open
security
2

security-patterns

Security patterns for input validation, PII protection, and cryptographic operations

JasonDocton
JasonDocton
testing-security
open
security
1

security-practices

Master secure development, OWASP top 10, testing, and compliance. Use when building secure systems, conducting security reviews, or implementing best practices.

pluginagentmarketplace
pluginagentmarketplace
testing-security
open
security
1

kompliance-x

Performs intelligent compliance audits for software projects. Automatically detects which regulatory frameworks (GDPR, HIPAA, PCI-DSS, CCPA, SOC 2) apply based on project analysis and user context. Provides tiered reports with executive summaries and detailed technical findings. Use when the user asks about compliance, regulatory requirements, security standards, data protection, or wants to audit their codebase for legal/regulatory adherence.

disruptica
disruptica
testing-security
open
security
1

security-assessment

Master security assessments with vulnerability scanning, penetration testing, security testing, and security audits.

spjoshis
spjoshis
testing-security
open
security
1

security-prompts-threat-modeling

Security analysis and threat modeling prompt templates for STRIDE analysis, code review, OWASP compliance, and vulnerability assessment. Use for security planning, pre-deployment reviews, and ongoing threat assessment. Triggers include "STRIDE", "threat model", "security review", "code review", "OWASP", "payment security", "security analysis", "vulnerability assessment".

harperaa
harperaa
testing-security
open
security
1

security-review

A specialist skill for security reviews, threat modeling, and remediation guidance. Use for auth/permissions changes, secrets or PII handling, public endpoints, or dependency upgrades.

nicholasgriffintn
nicholasgriffintn
testing-security
open
security
1

neo-llm-security

AI security co-pilot for identifying, testing, and fixing vulnerabilities in LLM-powered applications. Use when: (1) Securing LLM applications or agents, (2) Generating security test suites with promptfoo, (3) Testing for prompt injection, jailbreaking, data exfiltration, (4) Hardening system prompts, (5) Compliance mapping for OWASP LLM Top 10, NIST AI RMF, CJIS, SOC2, (6) Threat modeling AI systems, (7) Analyzing security eval results, (8) Research on LLM attack/defense techniques. Triggers: "secure my LLM", "prompt injection", "jailbreak test", "AI security", "red team", "system prompt hardening", "LLM vulnerability", "promptfoo", "OWASP LLM", "AI compliance".

Cornjebus
Cornjebus
testing-security
open
Previous
Page 76 / 105
Next