Loading...
Loading...
Found 283 Skills
The drum sounds. Spider, Raccoon, and Turtle gather for complete security work. Use when implementing auth, auditing security, or hardening code end-to-end.
Use before committing code - validates Drupal coding standards, SOLID/DRY principles, security practices, and CSS standards
Defines evaluation criteria and scoring methodologies for deliverable assessment
Use when preparing any project for production deployment, performing security audits, or release preparation. Triggers on "make production ready", "security audit", "prepare for release", "hardening", "pre-deployment checklist".
Software engineering best practices for code review. Use when reviewing code, analyzing code quality, checking for bugs, security vulnerabilities, or providing feedback on code changes.
Security audit for vulnerabilities, compliance issues, and sensitive data exposure. Use before production deployments or when reviewing security-sensitive code.
Audits security and supply-chain risk between two git refs, 预发布安全审计
Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.
Reverse-engineer a product into a mechanically verifiable feature catalog + code map + specs using an RPI-style loop. Triggers: reverse engineer product, catalog full feature set, docs->code mapping, feature inventory, code map, “Ralph loop”, SaaS boundary mapping, security audit reverse engineering, authorized binary analysis.
Review Python code for quality, security, and best practices
Comprehensive thoroughness framework. Auto-invoked when planning features, implementing code, fixing bugs, writing tests, analyzing existing code, auditing features, reviewing architecture, or investigating issues. Forces systematic consideration of all edge cases, failure modes, error scenarios, security implications, state transitions, and hidden assumptions so nothing gets missed. Do NOT invoke for trivial changes like typos, renames, single-line fixes, adding imports, or updating config values.
Use this agent when you need to perform security audits, vulnerability assessments, or security reviews of code. This includes checking for common security vulnerabilities, validating input handling, reviewing authentication/authorization implementations, scanning for hardcoded secrets, and ensuring OWASP compliance. <example>Context: The user wants to ensure their newly implemented API endpoints are secure before deployment.\nuser: "I've just finished implementing the user authentication endpoints. Can you check them for security issues?"\nassistant: "I'll use the security-sentinel agent to perform a comprehensive security review of your authentication endpoints."\n<commentary>Since the user is asking for a security review of authentication code, use the security-sentinel agent to scan for vulnerabilities and ensure secure implementation.</commentary></example> <example>Context: The user is concerned about potential SQL injection vulnerabilities in their database queries.\nuser: "I'm worried about SQL inj...