Loading...
Loading...
Found 2,241 Skills
Detect privilege escalation attempts including token manipulation, UAC bypass, unquoted service paths, kernel exploits, and sudo/doas abuse across Windows and Linux.
Env & Secrets Manager
Expert guide for building CI/CD pipelines with GitHub Actions, Vercel, and other platforms. Use when automating builds, tests, deployments, or release workflows.
Analyzes PHP code for SSRF vulnerabilities. Detects unvalidated URLs, internal network access, DNS rebinding, cloud metadata access, URL parsing bypass attempts.
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
Scan your project for exposed credentials, API keys, and secrets before running OpenClaw skills. Prevents accidental exfiltration.
Role-based access control (RBAC) with permissions and policies. Use for admin dashboards, enterprise access, multi-tenant apps, fine-grained authorization, or encountering permission hierarchies, role inheritance, policy conflicts.
Identifies and fixes XSS, SQL injection, and command injection vulnerabilities with validation schemas, sanitization libraries, and safe coding patterns. Use for "input validation", "XSS prevention", "SQL injection", or "sanitization".
Configures CORS policy for development and production
Guides users through running Node.js as a sidecar process in Tauri applications, enabling JavaScript backend functionality without requiring end-user Node.js installations.
Expert-level Spring Boot, Spring Framework, REST APIs, and microservices development
This skill should be used when the user asks to "review my changes", "review this code", "check my work", "what's wrong with my changes", "review before I push", "security review", "do a code review", or mentions reviewing, auditing, or analyzing local code changes before committing or opening a PR.