skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 اسکلزall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
11

current-date

Gets, checks, and verifies the current UTC date and time for unambiguous temporal reference. Use when starting tasks, verifying temporal context, ensuring date awareness before time-sensitive operations, or when incorrect date assumptions are detected.

melodic-software
melodic-software
testing-security
open
security
11

api-fuzzing-for-bug-bounty

This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.

zebbern
zebbern
testing-security
open
security
11

security-review

Security audit for changes touching secrets, services, terraform, or hosts.

codgician
codgician
testing-security
open
security
10

gitlab-stack-secrets-manager

Manages Docker secrets for GitLab stack projects, ensuring secrets are never in .env or docker-compose.yml, properly stored in ./secrets directory, and securely integrated with Docker secrets. Use when users need to create secrets, migrate from environment variables, validate secret configuration, audit secret usage, or ensure secrets are never committed to git.

rknall
rknall
testing-security
open
security
10

ca-policy-investigation

Use this skill when asked to investigate Conditional Access policy changes, sign-in failures related to CA policies (error codes 53000, 50074, 530032), or suspected policy bypass/manipulation. Triggers on keywords like "Conditional Access", "CA policy", "device compliance", "policy bypass", "53000", "50074", or when investigating why a user was blocked then suddenly unblocked. This skill provides forensic analysis of CA policy modifications correlated with sign-in failures.

SCStelz
SCStelz
testing-security
open
security
10

security-patterns

Security best practices, API key management, input validation. Use when handling secrets, user input, or security-sensitive code.

akaszubski
akaszubski
testing-security
open
security
10

laravel-validation

Form request validation and comprehensive validation testing. Use when working with validation rules, form requests, validation testing, or when user mentions validation, form requests, validation rules, conditional validation, validation testing.

leeovery
leeovery
testing-security
open
security
10

id-generator

Generate intelligent session IDs based on detected content source type. Analyzes ContentSummary and creates meaningful IDs (podcast-xyz, transcript-abc, etc.).

memorysaver
memorysaver
testing-security
open
security
10

encore-auth

Implement authentication with auth handlers and gateways in Encore.ts.

encoredev
encoredev
testing-security
open
security
10

authentication-tracing

Use this skill when asked to trace authentication flows, analyze SessionId chains, investigate token reuse vs interactive MFA, or assess geographic anomalies in sign-ins. Triggers on keywords like "trace authentication", "trace back to interactive MFA", "SessionId analysis", "token reuse", "geographic anomaly", "impossible travel", or when investigating suspicious sign-in locations. This skill provides forensic analysis of Entra ID authentication chains to distinguish legitimate activity from credential/token theft.

SCStelz
SCStelz
testing-security
open
security
10

requesting-gcloud-bq-auth

gcloudやbqコマンド実行時に認証エラー(Reauthentication required等)を検出した場合に使用。エージェントが自動で認証コマンドを実行することを防ぎ、ユーザーに認証を依頼します。

syou6162
syou6162
testing-security
open
security
10

user-investigation

Use this skill when asked to investigate a user account for security issues, suspicious activity, or compliance review. Triggers on keywords like "investigate user", "security investigation", "user investigation", "check user activity", "analyze sign-ins", or when a UPN/email is mentioned with investigation context. This skill provides comprehensive Entra ID user security analysis including sign-in anomalies, MFA status, device compliance, audit logs, security incidents, Identity Protection risk, and automated HTML reports.

SCStelz
SCStelz
testing-security
open
security
10

encore-go-auth

Implement authentication with Encore Go.

encoredev
encoredev
testing-security
open
security
10

laravel-policies

Authorization policies for resource access control. Use when working with authorization, permissions, access control, or when user mentions policies, authorization, permissions, can, ability checks.

leeovery
leeovery
testing-security
open
security
10

env-helper

Read environment variables via get_env tool (mask secrets).

aevatarAI
aevatarAI
testing-security
open
security
9

auth-builder

Guide for adding authentication to web applications. This skill should be used when users want to implement login, signup, or access control.

Rehan-Ul-Haq
Rehan-Ul-Haq
testing-security
open
security
9

llm-security

LLM and AI application security testing skill for prompt injection, jailbreaking, and AI system vulnerabilities. This skill should be used when testing AI/ML applications for security issues, performing prompt injection attacks, testing LLM guardrails, analyzing AI system architectures for vulnerabilities, or assessing RAG pipeline security. Triggers on requests to test LLM security, perform prompt injection, jailbreak AI systems, test AI guardrails, or audit AI application security.

hardw00t
hardw00t
testing-security
open
security
9

auth-architecture

LiteLLM-RS Authentication Architecture. Covers JWT + API Key + RBAC multi-method auth, rate limiting with DashMap, middleware pipeline, and secure credential management.

majiayu000
majiayu000
testing-security
open
security
9

cloud-security

Multi-cloud security assessment skill for AWS, Azure, and GCP. This skill should be used when performing cloud security audits, scanning for misconfigurations, testing IAM policies, auditing storage permissions, and identifying privilege escalation paths. Triggers on requests to audit cloud security, scan AWS/Azure/GCP, check cloud misconfigurations, or perform cloud penetration testing.

hardw00t
hardw00t
testing-security
open
security
9

uncertainty-verification

Use when providing exact commands, flags, config keys, file paths, API details, standards, or version-specific behavior - enforces verification via official docs (Context7/web fetch), explicit citations, and bans assumption-based specifics

CatsMiaow
CatsMiaow
testing-security
open
security
9

osworld-version

Get the API version information from the OSWorld server. Returns API version, server version, and protocol.

bdambrosio
bdambrosio
testing-security
open
security
9

auth-builder

Implements secure authentication for web applications. This skill should be used when users want to add login/signup, protect routes, or integrate auth providers into their applications.

Rehan-Ul-Haq
Rehan-Ul-Haq
testing-security
open
security
8

security-reporter

Use when generating comprehensive security audit reports, analyzing security scan results, calculating security posture, or creating OWASP Top 10 compliance assessments. Invoked for security reporting, vulnerability aggregation, and remediation planning.

jpoley
jpoley
testing-security
open
Previous
Page 63 / 105
Next