compliance
Compliance expert for SOC 2, GDPR, HIPAA, PCI-DSS, and security frameworks
Cryptography expert for TLS, symmetric/asymmetric encryption, hashing, and key management
OAuth 2.0 and OpenID Connect expert for authorization flows, PKCE, and token management
Security audit expert for OWASP Top 10, CVE analysis, code review, and penetration testing methodology
Guided SOP for setting up and using OpenMAIC from OpenClaw. Use when the user wants to clone the OpenMAIC repo, choose a startup mode, configure recommended API keys, start the service, or generate a classroom from requirements or a PDF. Run one phase at a time and ask for confirmation before each state-changing step.
ABP permission system - PermissionDefinitionProvider, [Authorize] attribute, CheckPolicyAsync, IsGrantedAsync, ICurrentUser, IPermissionManager, multi-tenancy side. Use when working with permissions, authorization, role-based access, or security in ABP projects.
Route protection with beforeLoad, redirect()/throw redirect(), isRedirect helper, authenticated layout routes (_authenticated), non-redirect auth (inline login), RBAC with roles and permissions, auth provider integration (Auth0, Clerk, Supabase), router context for auth state.
Get started with your Open SaaS project — fetches docs, checks Wasp installation, and helps you start your database and app.
Prowler API patterns: RLS, RBAC, providers, Celery tasks. Trigger: When working in api/ on models/serializers/viewsets/filters/tasks involving tenant isolation (RLS), RBAC, or provider lifecycle.
Creates and manages Prowler compliance frameworks. Trigger: When working with compliance frameworks (CIS, NIST, PCI-DSS, SOC2, GDPR, ISO27001, ENS, MITRE ATT&CK).
Creates Prowler security checks following SDK architecture patterns. Trigger: When creating or updating a Prowler SDK security check (implementation + metadata) for any provider (AWS, Azure, GCP, K8s, GitHub, etc.).
Security auditing for code, configs, and infrastructure. Use when the user wants to audit or improve security: scan for vulnerabilities (SQL injection, XSS, command injection, path traversal), detect hardcoded secrets and credentials, review auth and authorization, check dependencies for known CVEs, audit config files for insecure defaults, or generate security reports. Trigger on "security audit", "vulnerability scan", "code review for security", "find secrets", "check for vulnerabilities", "OWASP", "CVE", or questions about code security.
Use when adding a new HEC (HTTP Event Collector) event integration to the Bitwarden web client. Implements the Splunk token authentication model (Bearer token + URI). Covers feature flag setup and card registration behind the flag. Does not apply to API key integrations or integrations requiring a custom connect dialog.
Hardens code against vulnerabilities. Use when handling user input, authentication, data storage, or external integrations. Use when building any feature that accepts untrusted data, manages user sessions, or interacts with third-party services.
Security audit for code changes and PRs — OWASP top 10, auth flows, data handling, secrets exposure, supply chain risks. Writes findings as actionable items.
Deploy and manage Cloudflare Workers, Pages, and services via Code Mode MCP (API queries) + wrangler (deploys). OAuth auth for wrangler (tokens lack Pages perms). USE WHEN Cloudflare, worker, deploy, Pages, MCP server, wrangler, DNS, KV, R2, D1, Vectorize.
Use when the user asks to set up secret management infrastructure, integrate HashiCorp Vault, configure cloud secret stores (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager), implement secret rotation, or audit secret access patterns.
Use when the user asks to perform security audits, penetration testing, vulnerability scanning, OWASP Top 10 checks, or offensive security assessments. Covers static analysis, dependency scanning, secret detection, API security testing, and pen test report generation.
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guidance, cryptography patterns, and security scanning tools. Use when the user asks about security reviews, threat analysis, vulnerability assessments, secure coding practices, security audits, attack surface analysis, CVE remediation, or security best practices.
GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.
ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.
Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control assessment, and certification support. Use when the user mentions ISO 27001, ISMS audit, Annex A controls, Statement of Applicability (SOA), gap analysis, nonconformity management, internal audit, surveillance audit, or security certification preparation. Helps review control implementation evidence, document audit findings, classify nonconformities, generate risk-based audit plans, map controls to Annex A requirements, prepare Stage 1 and Stage 2 audit documentation, and support corrective action workflows.
Use when the user asks to prepare for SOC 2 audits, map Trust Service Criteria, build control matrices, collect audit evidence, perform gap analysis, or assess SOC 2 Type I vs Type II readiness.
Use this skill when the agent needs to complete Bilibili login, account verification, or video upload through the installed `sau` CLI. Prefer `sau bilibili ...`; the program prepares `biliup` automatically, so the user is not required to install it manually.