Loading...
Loading...
Found 24 Skills
Run security audit with GitLeaks pre-commit hook setup and code analysis
Expert in application security, OWASP Top 10, authentication, authorization, data protection, and security best practices for React, Next.js, and NestJS applications
Expert security engineering covering application security, infrastructure security, threat modeling, penetration testing, and compliance.
Web application security expert. OWASP Top 10, XSS, SQLi, CSRF, SSRF, authentication bypass, IDOR. Use for web app security testing.
Plans security penetration tests for web applications. Analyzes codebase, API routes, auth implementation, and infrastructure config to generate comprehensive pentest plans. For authorized testing only.
Use when the user asks to perform security audits, penetration testing, vulnerability scanning, OWASP Top 10 checks, or offensive security assessments. Covers static analysis, dependency scanning, secret detection, API security testing, and pen test report generation.
Security best practices, OWASP Top 10, and secure coding guidelines
Use this skill when securing web applications, preventing OWASP Top 10 vulnerabilities, implementing input validation, or designing authentication. Triggers on XSS, SQL injection, CSRF, SSRF, broken authentication, security headers, input validation, output encoding, OWASP, and any task requiring application security hardening.
Identify security vulnerabilities and anti-patterns providing feedback on security issues a senior developer would catch. Use when user mentions security/vulnerability/safety concerns, code involves user input/authentication/data access, working with sensitive data (passwords/PII/financial), code includes SQL queries/file operations/external API calls, user asks about security best practices, or security-sensitive files are being modified (auth, payment, data access).
Test automate security vulnerability testing covering OWASP Top 10, SQL injection, XSS, CSRF, and authentication issues. Use when performing security assessments, penetration tests, or vulnerability scans. Trigger with phrases like "scan for vulnerabilities", "test security", or "run penetration test".
Deep security scanning for .NET applications across 6 layers: vulnerable packages, secrets detection, OWASP code patterns, auth configuration, CORS policy, and data protection. Produces severity-rated findings with specific remediation steps. Load this skill when: "security scan", "security audit", "check for vulnerabilities", "find secrets", "OWASP", "auth review", "CORS check", "security review", "penetration test prep", "CVE check", "vulnerability scan", "hardcoded password", "data protection", "security posture".
Threat modeling methodologies (STRIDE, PASTA, LINDDUN), attack tree analysis, common attack patterns (OWASP Top 10, CWE), risk assessment frameworks, and security architecture patterns