Master authentication and authorization patterns including OAuth 2.0, OpenID Connect, JWT tokens, refresh tokens, role-based access control (RBAC), claims-based authorization, and secure token storage for .NET applications with OpenIddict and ABP Framework.
Login to the Agentuity Platform using a browser-based authentication flow. Use for managing authentication credentials
Security scanning templates and checklists for OWASP Top 10, authentication, authorization, data protection. Use when conducting security testing or vulnerability assessment. This skill provides comprehensive security testing: - OWASP Top 10 checklist with remediation - Authentication and authorization testing - Data protection verification - Security report generation - Integration with Codex CLI MCP for automated scanning Triggers: "security scan", "vulnerability check", "OWASP", "security test", "セキュリティスキャン", "脆弱性チェック", "セキュリティテスト"
HTTP client configuration, API providers, error handling, and request/response patterns
Execute secure credential recovery procedures.
Detects session management vulnerabilities including session fixation, session hijacking, and insecure cookie handling. Use when analyzing authentication sessions, cookie security, or investigating session-related vulnerabilities.
Create and verify integrity signatures for protocol artifacts.
執行完整的應用程式安全掃描,檢查 OWASP Top 10 漏洞、敏感資料洩漏、依賴套件漏洞和安全配置問題。
Comprehensive guide for Harness Platform API authentication, rate limiting, error handling, and endpoint operations
Enforces security rules for AAW sessions. Activated automatically when handling sensitive operations, external connections, package installations, or file access to protected paths.
Detects logic bypass vulnerabilities including authentication bypass, authorization bypass, and business logic flaws. Use when analyzing authentication mechanisms, access controls, or investigating security control bypasses.
Implement MFA login providers for Umbraco backoffice using official docs
Compare OpenAPI versions for Terraform provider updates
Set a secret. Requires authentication. Use for Agentuity cloud platform operations
This skill should be used when the user asks to "analyze security", "security audit", "check for vulnerabilities", "review authentication", "check authorization", "find security issues", "OWASP review", or mentions security patterns, input validation, secrets handling, or secure coding practices.
Security compliance frameworks and governance for regulatory adherence
Validate WebSocket and HTTP stream health for WaveCap-SDR channels. Use when debugging streaming issues, measuring latency or throughput, detecting packet loss, or verifying audio/spectrum delivery.
檢查應用程式的安全配置,包括 HTTPS、CORS、Security Headers、Cookie 等
5-check quantitative validation ensuring 90% confidence before implementation. Prevents wrong-direction work through systematic verification: duplicate check (25%), architecture compliance (25%), official docs (20%), working OSS (15%), root cause (15%). Thresholds: ≥90% proceed, ≥70% clarify, <70% STOP. Proven 25-250x token ROI from SuperClaude.
When you need to run code before a request completes: auth checks, redirects, headers, A/B testing. **Version Context**: Next.js 16.0+ uses `proxy.ts` (replaces `middleware.ts` from v15 and earlier).
