Security

Encryption, auth, and vulnerability scanning.

2506 skills
security
0

security-hardening

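Supports secure code implementation compliant with the OWASP Top 10. Performs security hardening such as input validation, authentication and authorization, secure error handling, and SQL/XSS/CSRF countermeasures. Triggered by instructions such as "security check", "vulnerability scan", or "OWASP compliance".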

stkhr
testing-security
security
0

verifiable-token-based-authentication

Security pattern for self-contained token authentication (e.g., JWT). Use when implementing stateless authentication, designing tokens with embedded claims, or building systems where tokens contain principal information and can be verified without server-side storage. Specialization of Authentication pattern.

igbuend
testing-security
security
0

ttl-policy

Manage Time-To-Live policies for framework content freshness

ekson73
testing-security
security
0

weavr-ui

Use when implementing Weavr UI components for secure payment flows, authentication (password/passcode), KYC/KYB verification, or card display

mcclowes
testing-security
security
0

reviewing-authentication-and-authorization-security

Use when reviewing authentication or authorization code. Provides comprehensive security guidance on JWT validation, token exchange, OAuth 2.0/2.1 compliance, PKCE, Resource Indicators, MCP authorization, session management, and API authentication. Covers critical vulnerabilities including token forwarding, audience validation, algorithm confusion, confused deputy attacks, and authentication bypass. Invoke when analyzing any authentication, authorization, or access control code changes.

bbrowning
testing-security
security
0

consent-integrate-production

Use this skill when integrating an external Go project with a production consent identity server. Triggers include setting up authentication, protecting routes with tokens, handling OAuth authorization codes, configuring ECDSA public keys, implementing CSRF protection, or connecting to a consent server.

jakintosh
testing-security
security
0

check-env

Validates environment configuration across all Diby applications. Checks that .env files exist, required variables are defined, no empty values for critical settings, and warns about insecure defaults. Covers web-app, admin-dashboard, api-gateway, auth-service, and analytics-service.

AndrijaSkontra
testing-security
security
0

fullstory-anonymize-users

Comprehensive guide for implementing Fullstory's User Anonymization API (setIdentity with anonymous:true) for web applications. Teaches proper logout handling, session management, privacy compliance, and user switching scenarios. Includes detailed good/bad examples for logout flows, multi-user applications, and privacy-conscious implementations.

rcmaples
testing-security
security
0

global-validation

Implement comprehensive input validation on both client and server sides with clear error messages, type checking, and sanitization to prevent security vulnerabilities. Use this skill when validating user input, implementing form validation, checking data types and formats, sanitizing input to prevent injection attacks (SQL, XSS, command injection), validating business rules, providing field-specific error messages, implementing server-side validation for all entry points (API endpoints, web forms, background jobs), using client-side validation for immediate user feedback, applying allowlists over blocklists, validating ranges and required fields, or ensuring consistent validation across the application. Apply this skill when handling any user input, building forms, creating API endpoints, or reviewing code for security and data integrity.

pdovhomilja
testing-security
security
0

firebase-auth

Implements Firebase Authentication with email, OAuth, phone auth, and custom tokens. Use when building apps with Firebase, needing flexible auth methods, or integrating with Firebase ecosystem.

mgd34msu
testing-security
security
0

ops-identity-hygiene

Active Directory operational hygiene analyzer for OpsIdentity project. Detects administrative disorder, architectural debt, and suboptimal configurations—not offensive security. Use when (1) improving OpsIdentity PowerShell collection functions, (2) adding AI analysis prompts to server.js, (3) analyzing coverage gaps against 87 industry metrics, (4) implementing smart filtering or anti-hallucination rules. Triggers on AD health, GPO analysis, replication, trusts, token size, FSMO, site topology, DNS/DHCP hygiene, or requests to analyze existing OpsIdentity code.

gilberth
testing-security
security
0

authentication-authorization

Use when implementing login, sessions, JWT, OAuth, or access control.

TakumiOkayasu
testing-security
security
marketplace
0

local-ssl

Enable HTTPS for local development with trusted SSL certificates. Use when developers need to test SSL/TLS features, work with third-party APIs requiring HTTPS, or simulate production environments. Supports mkcert, OpenSSL, and automatic certificate trust configuration for macOS, Linux, and Windows.

caseymanos
testing-security
security
0

secure-coding

Security best practices for Go applications. Use when writing security-sensitive code.

IvanTorresEdge
testing-security
security
0

better-auth-v2

Production-ready authentication system using Better Auth v2 with latest features. Includes OAuth providers, advanced RBAC, multi-tenant support, and security best practices.

MrOwaisAbdullah
testing-security
security
0

wasp-auth

Complete Wasp authentication setup and user management. Use when implementing auth, setting up login/signup, or working with user authentication. Includes minimal User model, auth configuration, helper functions, and protected routes.

ToonVos
testing-security
security
0

privacy-encryption

Encrypts patient payload using AES-256-GCM cryptographic algorithm for HIPAA compliance

do-ops885
testing-security
security
0

rate-limiting-patterns

Redis-based rate limiting implementations with token bucket, leaky bucket, and sliding window algorithms. Use when implementing API rate limiting, throttling, or request quota management.

vanman2024
testing-security
security
0

system-security

This skill should be used when implementing authentication, authorization, API security, or securing systems. It provides guidance on authentication methods (JWT, OAuth 2.0), authorization models (RBAC, ABAC, ACL), and API security techniques (rate limiting, CORS, injection prevention).

thependalorian
testing-security
security
0

moai-core-env-security

Environment variable security, secrets management, and secure credential handling for MoAI-ADK projects

jg-chalk-io
testing-security
security
0

security-scanner

Comprehensive security scanning for SAST, secrets, OWASP vulnerabilities, container and IaC security

nikhillinit
testing-security
security
0

using-loaded-knowledge

MANDATORY protocol enforcing knowledge check before EVERY response - prevents explaining systems without reading docs, claiming without verification, and ignoring auto-loaded context

adilkalam
testing-security
security
0

security-audit-checklist

Provides exhaustive security vulnerability checklists with severity classifications, point deductions, and detection commands. Use when performing security audits, code reviews, penetration testing preparation, or checking OWASP compliance.

mgd34msu
testing-security
security
0

token-usage

Check token/context usage in the session. Triggers: token usage, how many tokens, how many are left

kmylpenter
testing-security