Loading...
Loading...
Found 2,960 Skills
Expert in infrastructure security, DevSecOps pipelines, and zero-trust architecture design.
Security engineering that protects applications, data, and users from real-world threatsUse when "security, authentication, authorization, encryption, OWASP, vulnerability, XSS, SQL injection, CSRF, secrets, password, JWT, OAuth, permissions, audit, compliance, security, authentication, authorization, encryption, vulnerabilities, OWASP, compliance, audit" mentioned.
Security audit worker (L3). Scans codebase for hardcoded secrets, SQL injection, XSS, insecure dependencies, missing input validation. Returns findings with severity (Critical/High/Medium/Low), location, effort, and recommendations.
Resolve npm dependency vulnerabilities detected by security scans.
Security auditing and vulnerability assessment specialist. Use when conducting security reviews, analyzing code for vulnerabilities, performing OWASP assessments, or creating security audit reports.
Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling.
Modern security standards including Zero Trust Architecture, supply chain security, DevSecOps integration, and cloud-native protection
Expert security engineering covering application security, infrastructure security, threat modeling, penetration testing, and compliance.
Run ScoutSuite for multi-cloud security auditing. Collects configuration data from AWS, Azure, GCP, Oracle, and Alibaba Cloud and generates an interactive security report.
Security standards for authentication, input validation, and OWASP compliance
Understand the defense-in-depth security architecture of Secure Vibe Coding OS. Use this skill when you need to understand the overall security approach, the 5-layer security stack, OWASP scoring, or when to use other security skills. Triggers include "security architecture", "defense in depth", "security layers", "how does security work", "OWASP score", "security overview", "security principles".
[AUTO-INVOKE] MUST be invoked BEFORE deploying DeFi contracts (DEX, lending, staking, LP, token). Covers anti-whale, anti-MEV, flash loan protection, launch checklists, and emergency response. Trigger: any deployment or security review of DeFi-related contracts.