file-upload-handling
Implement secure file uploads with validation, size limits, type checking, virus scanning, and UUID naming. Use when handling file uploads like profile photos, documents, or resources.
Mandatory minimum SEO and security checklists before committing changes to sensitive files.
Implement authentication with Sanctum, Passport, Socialite, Fortify, policies, and gates. Use when setting up user authentication, API tokens, social login, or authorization.
OWASP Top 10, SAST/DAST, dependency security, and secrets management.
Security pattern for implementing authentication in software systems. Use when designing or reviewing authentication mechanisms, implementing login systems, verifying user identity, protecting system access, or addressing OWASP authentication flaws. Provides guidance on enforcers, verifiers, evidence providers, subject registration, credential management, and security considerations.
Security vulnerability scanning and audit. Use when user needs security check, dependency updates, vulnerability scan, or says "check security", "audit code", "security vulnerabilities", "update gems", "CVE check".
Log out of the Agentuity Cloud Platform. Use for managing authentication credentials.
Complete guide for CloudBase Auth v2 using Web SDK (@cloudbase/js-sdk@2.x) - all login flows, user management, captcha handling, and best practices in one file.
Security pattern for channel-level encryption (TLS/SSH). Use when implementing HTTPS, securing all communication between endpoints, setting up TLS connections, or when infrastructure should handle encryption transparently. Addresses "Leak action request or data in transit" problem.
Expert knowledge of web application security including OWASP Top 10 vulnerabilities, input validation, authentication, authorization, API security, secrets management, security headers, and secure coding practices. Use when implementing security features, reviewing code for vulnerabilities, adding authentication, validating user input, or addressing security concerns.
Verify claims in generated output against sources. Use as a separate pass AFTER content generation to catch hallucinations. Critical constraint - cannot be reliably combined with generation in a single pass.
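IOE-DREAM microservice authentication architecture specification. Covers centralized authentication at the Gateway (JWT validation, token blacklist), business-layer authorization (@PermissionCheck annotation), Spring Security dependency management (excluded from business services), Gateway identity header forwarding (HTTP headers such as X-User-Id), and the RBAC rules engine. Use when implementing permission checks, configuring the Gateway, or debugging authentication issues.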
Audits RLS policies, validates security implementations, and identifies vulnerabilities
Handle WordPress login/logout redirects. Use when implementing custom redirect logic.
Comprehensive security verification - audit dependencies, check for vulnerabilities, verify constant-time ops
Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.
.NET library for local user authentication with email verification, MFA, password resets, and account management. Use when implementing username/password authentication instead of external OAuth providers.
Hunt for hardcoded secrets, API keys, tokens, credentials, private keys, and sensitive configuration. Use when auditing code for credential exposure or before committing code.
Enforce public-sources-only verification for legal authority checking and hallucination classification.
Comprehensive security validation for password generator applications. Use when auditing, implementing, or reviewing security measures for password handling and generation.
Use when building MCP servers in TypeScript, Python, or C#; when implementing tools, resources, or prompts; when configuring Streamable HTTP transport; when migrating from SSE; when adding OAuth authentication; when seeing MCP protocol errors
Used for application security, vulnerability assessment, and secure coding practices. Expert in authentication, authorization, OWASP Top 10, and security audits.
ISO 27001 expert. Use for ISMS, security controls, and compliance implementation.