Found 201 Skills
In-depth code review for large PRs (>500 lines). Full analysis including architecture, performance, security, and maintainability.
Ghost Security - Software Composition Analysis (SCA) scanner. Scans dependency lockfiles for known vulnerabilities, identifies CVEs, and generates findings with severity levels and remediation guidance. Use when the user asks about dependency vulnerabilities, vulnerable packages, CVE checks, security audits of dependencies, or wants to scan lockfiles like package-lock.json, yarn.lock, go.sum, or Gemfile.lock.
Harden configuration and defaults for safer deployment. Use when a mid-level developer needs to reduce misconfig risks.
Review PyTorch pull requests for code quality, test coverage, security, and backward compatibility. Use when reviewing PRs, when asked to review code changes, or when the user mentions "review PR", "code review", or "check this PR".
This skill should be used when the user asks to "check for misconfigurations", "analyze security headers", "find misconfigured settings", "check CORS policy", "find debug mode", "audit server configuration", or mentions "misconfiguration" in a security context. Maps to OWASP Top 10 2021 A05: Security Misconfiguration.
This skill should be used when the user asks to "check for SSRF", "analyze server-side request forgery", "find URL fetching vulnerabilities", "check for internal network access", or mentions "SSRF", "URL fetching", "cloud metadata", "169.254.169.254", or "request forgery" in a security context. Maps to OWASP Top 10 2021 A10: Server-Side Request Forgery.
Analyzes system and application logs to detect anomalies and security threats in blue-team operations.
Real-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.
Use when reviewing code for bugs, security issues, race conditions, N+1 queries, trust boundary violations, or any pre-merge quality check.
Use when handling authentication, authorization, encryption, HIPAA compliance, SOC 2, privacy policies, penetration testing, or any security and compliance concerns.
Builds and queries multi-language source code graphs for security analysis. Includes pre-analysis passes for blast radius, taint propagation, privilege boundaries, and entry point enumeration. Use when analyzing call paths, mapping attack surface, finding complexity hotspots, enumerating entry points, tracing taint propagation, measuring blast radius, or building a code graph for audit prioritization. Supports 16 languages including Solidity, Cairo, Circom, Rust, Go, Python, C/C++, TypeScript.
Review code changes and identify high-confidence, actionable bugs. Use when the user wants to:
- Review a pull request or branch diff
- Find bugs, security issues, or correctness problems in code changes
- Get a structured summary of review findings