Loading...
Loading...
Found 2,968 Skills
Universal security and robustness scanner for any codebase. Use when auditing code for vulnerabilities, security issues, bugs, or robustness problems. Automatically detects tech stack, creates custom audit plans, and performs recursive deep analysis.
This skill should be used when the user asks to "review code", "review PR", "code review", "audit code", "check for bugs", "security review", "review my changes", "find issues in this code", "review the diff", or asks for pull request review or code audit.
Operate the Prelude Security platform CLI for continuous security testing (Detect) and endpoint posture monitoring (SCM). Manages endpoints, schedules tests, evaluates security control policies, integrates with EDR/XDR partners, and generates reports. Use when working with the `prelude` CLI or managing security infrastructure.
Create and harden systemd service unit files following modern best practices. Use when writing new systemd units for web applications, background workers, or daemons, or when hardening existing services with security sandboxing and isolation features. Covers service types, dependencies, restart policies, security options, and filesystem restrictions.
Generate secure code following OWASP Secure Coding rules. Automatically detects the security domain and produces code with inline Rule ID citations (e.g., [INPUT-04], [AUTH-07]) plus a rules-applied summary.
Run SpotBugs with Find Security Bugs plugin on Java code. Detects injection flaws, XXE, insecure crypto, SSRF, deserialization, and other JVM security bugs.
Run gosec SAST scans on Go code. Detects SQL injection, hardcoded credentials, insecure TLS, command injection, and other Go security issues.
Run Nmap for network discovery and security auditing. Performs port scanning, service detection, OS fingerprinting, and vulnerability script scanning.
Use when initializing or configuring the Bknd authentication system. Covers enabling auth, configuring password strategy, setting up JWT and cookie options, defining roles, and production security settings.
Use when implementing password reset or change functionality in a Bknd application. Covers server-side password changes, building forgot-password flows with email tokens, and security considerations.
Authentication and authorization expert specializing in JWT, OAuth 2.0, session management, RBAC, password security. Use for auth implementation, token management, or security issues.
Generate Ralph-compatible prompts for research, analysis, and planning tasks. Creates prompts with systematic research phases, synthesis requirements, and deliverable specifications. Use when analyzing codebases, creating migration plans, researching technologies, auditing security, or any task requiring investigation before action.