Loading...
Loading...
Found 2,961 Skills
This skill should be used when the user asks to "validate a finding", "check if a vulnerability is real", "triage a security finding", "confirm a vulnerability", "determine if a finding is a true positive or false positive", or provides a security finding for review. It validates security vulnerability findings by tracing data flows, verifying exploit conditions, analyzing security controls, and optionally testing attack vectors against a live application.
Senior Data Security Architect & Forensic Auditor for 2026. Specialized in Row Level Security (RLS) enforcement, Zero-Trust database architecture, and automated data access auditing. Expert in neutralizing unauthorized access in Convex, Supabase, and Postgres environments through strict policy validation, JIT (Just-in-Time) access controls, and forensic trace analysis.
Skill for enhancing search optimization (SEO) and security. Covers meta tags, semantic HTML, and security vulnerability checks. Use proactively when user asks about search ranking, security hardening, or vulnerability fixes. Triggers: SEO, security, meta tags, XSS, CSRF, 보안, セキュリティ, 安全, seguridad, etiquetas meta, optimización de búsqueda, sécurité, balises méta, optimisation pour les moteurs de recherche, Sicherheit, Meta-Tags, Suchmaschinenoptimierung, sicurezza, tag meta, ottimizzazione per i motori di ricerca Do NOT use for: backend-only APIs, internal tools, or basic development setup.
Ensures baseline security practices are followed in the project. Use this when asked to perform a security audit on the codebase. Automatically creates Jira stories for each security finding.
Perform security analysis
Execute use when you need to work with security and compliance. This skill provides security scanning and vulnerability detection with comprehensive guidance and automation. Trigger with phrases like "scan for vulnerabilities", "implement security controls", or "audit security".
Security best practices and threat mitigation patterns for PACT framework development. Use when: implementing authentication or authorization, handling API credentials, integrating external APIs, processing sensitive data (PII, financial, health), reviewing code for vulnerabilities, or enforcing SACROSANCT security rules. Triggers on: security audit, credential handling, OWASP, auth flows, encryption, data protection, backend proxy pattern, frontend credential exposure.
Universal security checklist and fixes for ANY project type or language
Test skill for security scanning
Manage Serverless network security (traffic filters): create, update, and delete IP filters and AWS PrivateLink VPC filters. Use when restricting network access or configuring private connectivity.
Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.
Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.