Search Results: application-security

Found 42 Skills

Security & Complianceshipshitdev/library

security-expert

Expert in application security, OWASP Top 10, authentication, authorization, data protection, and security best practices for React, Next.js, and NestJS applications

🇺🇸|EnglishTranslated

Security & Compliancedchuk/claude-code-tauri-s...

configuring-tauri-csp

Guides users through configuring Content Security Policy (CSP) in Tauri v2 applications to prevent XSS attacks and enhance security by restricting resource loading.

🇺🇸|EnglishTranslated

Security & Compliancevasilyu1983/ai-agents-pub...

software-security-appsec

Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

dast-zap

Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.

🇺🇸|EnglishTranslated

Security & Complianceibuildingsnl/reusable-ai-...

asvs-audit

OWASP ASVS 5.0 Level 1 security audit with deterministic, evidence-based findings. Use this when asked for a security audit or asvs audit.

🇺🇸|EnglishTranslated

Security & Complianceyaklang/hack-skills

race-condition

Race condition and TOCTOU testing for web apps. Use when testing one-time operations, concurrent HTTP abuse, rate-limit bypass, Turbo Intruder gates, HTTP/2 single-packet attacks, and CWE-362-style synchronization gaps.

🇺🇸|EnglishTranslated

Platform Servicesvtex/skills

vtex-io-app-settings

Apply when defining, validating, or consuming VTEX IO app settings. Covers settingsSchema, app-level configuration boundaries, and how backend or frontend code should depend on settings safely. Use for merchant-configurable behavior, settings forms, or reviewing whether settings belong in app configuration rather than hardcoded logic or custom data entities.

🇺🇸|EnglishTranslated

Security & Compliancespatie/guidelines-skills

spatie-security

Apply Spatie's security guidelines when configuring applications, databases, or servers, or when reviewing code for security concerns; use for SSL setup, CSRF protection, password hashing, database permissions, and server hardening.

🇺🇸|EnglishTranslated

Security & Compliancemartinholovsky/claude-ski...

appsec-expert

Elite Application Security engineer specializing in secure SDLC, OWASP Top 10 2025, SAST/DAST/SCA integration, threat modeling (STRIDE), and vulnerability remediation. Expert in security testing, cryptography, authentication patterns, and DevSecOps automation. Use when securing applications, implementing security controls, or conducting security assessments.

🇺🇸|EnglishTranslated

Security & Compliancetuckerandrew21/eft-tracke...

security-auth

Authentication and security patterns for EFT-Tracker using NextAuth. Covers password reset, session management, CSRF protection, and security reviews. Activates when user mentions: auth, authentication, password, NextAuth, session, security, login, logout, CSRF, rate limit, token, JWT.

🇺🇸|EnglishTranslated

Security & Compliancenickcrew/claude-ctx-plugi...

secure-coding-practices

Secure coding practices and defensive programming patterns for building security-first applications. Use when implementing authentication, handling user input, managing sensitive data, or conducting secure code reviews.

🇺🇸|EnglishTranslated

Security & Complianceakillness/oh-my-skills

strix

Install, configure, and operate Strix for AI-driven application security testing. Use when you need to run authorized vulnerability scans against local codebases, GitHub repositories, staging URLs, domains, or CI pipelines; configure Docker and LLM providers; choose quick, standard, or deep scan depth; or pass authenticated testing instructions to Strix. Triggers on: strix, ai pentest, vulnerability scan cli, appsec scan, bug bounty automation, strix ci, strix docker, strix scan mode, strix instruction file, headless security scan.

🇺🇸|EnglishTranslated

3 scripts/Attention