jwt-authentication
Generate JWTs for GitHub App authentication. Direct JWT generation for app-level operations, installation discovery, and bootstrapping workflows.
Security pattern for input validation and sanitization. Use when implementing input handling, preventing injection attacks (SQL, XSS, command), ensuring data integrity, or processing data from untrusted sources. Addresses "Entity provides unexpected data" problem.
Manage incoming internet traffic and reverse proxy configuration on the home network gateway. Configure Caddy, OAuth2 authentication, fail2ban security, and traffic routing.
security-auditor skill. Trigger terms: security audit, vulnerability scan, OWASP, security analysis, penetration testing, security review, threat modeling, security best practices, CVE. Use when: user requests involve security auditor tasks.
Design threat mitigation, input validation, and secure execution. Use when: sdd-design assigns Security Considerations section. Triggers: "security design", "threat model", "input validation", "xss prevention"
Audit cryptographic implementations for weak algorithms, insecure defaults, predictable randomness, key management issues, and timing attacks. Use when reviewing security-critical crypto code.
Implement rate limiting for API endpoints. Use when user mentions "rate limit", "quota", "usage tracking", "throttle", or "limit requests".
Clarify requirements before implementing. Do not use automatically, only when invoked explicitly.
Load and confirm core principles, guardrails, and project context for MacroFlow sessions.
Implement secure authentication with JWT, sessions, OAuth, and password hashing. Use when adding login/logout, token auth, or integrating OAuth providers.
Complete guide for CloudBase Auth v2 using Web SDK (@cloudbase/js-sdk@2.x) - all login flows, user management, captcha handling, and best practices in one file.
Review test cases for PKCE (Proof Key for Code Exchange) implementation. Covers code_challenge/code_verifier validation, S256 transformation, and all PKCE requirements per OAuth 2.1 Sections 4.1.1, 4.1.3, 7.5.1, 7.5.2. PKCE is MANDATORY in OAuth 2.1.
As an Auth0 security expert, covers attack protection, multi-factor authentication, token security, sender constraining (DPoP/mTLS), and regulatory compliance (FAPI, GDPR, HIPAA). Use when implementing Auth0 security features, configuring MFA, securing tokens, or meeting regulatory requirements.
Security best practices covering OWASP Top 10, authentication, authorization, and common vulnerabilities. Trigger: When implementing authentication, when handling user input, when storing sensitive data, when building APIs, when conducting security reviews, when implementing authorization.
Automated security validation for OWASP Top 10, CVE detection, and secrets scanning with confidence-scored vulnerability reports.
Supports security audits and vulnerability remediation. Provides comprehensive vulnerability checks based on the OWASP Top 10, code analysis, and risk assessment. Use when identifying security vulnerabilities, verifying compliance, or implementing secure coding practices.
Audit code for security vulnerabilities using OWASP Top 10, STRIDE threat modeling, and secure coding practices. Identifies SQL injection, XSS, CSRF, auth issues, and secrets exposure. Returns prioritized findings with remediation.
API security patterns - authentication, authorization, rate limiting, OWASP
Design and implement the Viet K-Connect visa assessment engine (DB-driven ruleset JSON schema + versioning + effective dates). No hardcoded rules in code. Use for building /api/visa/assess and admin ruleset management.
Validate IMS Common Cartridge 1.3 packages against spec, check manifest schema, verify file references, validate QTI assessments, and ensure LMS compatibility. Use when validating CC packages before delivery. Activates on "validate Common Cartridge", "check CC package", "verify IMS CC", or "CC validation".
Verify that security fixes actually resolve the vulnerability without introducing new issues. Reviews fix commits against original findings. Inspired by Trail of Bits methodology.
Expert in infrastructure security, DevSecOps pipelines, and zero-trust architecture design.