Loading...
Loading...
Found 44 Skills
Android security patterns for secure storage, network security, input validation, and authentication.
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist a...
Review error handling, input validation, and exception patterns using 24-item checklist. Use when auditing defensive code, designing barricades, choosing assertion vs error handling, or deciding correctness vs robustness strategy. Triggers on: empty catch blocks, missing input validation, assertions with side effects, wrong exception abstraction level, garbage in garbage out mentality, deadline pressure to skip validation, trusted source rationalization. Produce status table with VIOLATION/WARNING/PASS per item, or barricade/error-handling design recommendations.
Use this skill when securing web applications, preventing OWASP Top 10 vulnerabilities, implementing input validation, or designing authentication. Triggers on XSS, SQL injection, CSRF, SSRF, broken authentication, security headers, input validation, output encoding, OWASP, and any task requiring application security hardening.
Use when you need to apply Java secure coding best practices — including validating untrusted inputs, defending against injection attacks with parameterized queries, minimizing attack surface via least privilege, applying strong cryptographic algorithms, handling exceptions securely without exposing sensitive data, managing secrets at runtime, avoiding unsafe deserialization, and encoding output to prevent XSS. Part of the skills-for-java project
Start and monitor workflows via WorkflowClient with strict input variable matching.
Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement. Use when: authentication implementation, authorization logic, payment processing, user data handling, API endpoint creation, file upload handling, database queries, external API integration. Skip when: read-only operations on public data, internal development tooling, static documentation, styling changes.
Use this skill when implementing Syncfusion WPF PercentTextBox controls for percentage input handling. Provides comprehensive guidance on value binding, min/max validation, number formatting with culture support, appearance customization with positive/negative/zero foregrounds, interactive features like scroll intervals and range adorners, watermark text, and data binding patterns for percentage-based input controls with international format support.
Implements the Syncfusion WPF SfTextInputLayout control to provide floating labels, assistive labels, and input validation UI for WPF text inputs. Use when adding floating labels, customizing input container styles, or showing validation/helper text.
MUST be used whenever reviewing a Dune app for security issues, or before shipping any feature that handles credentials, user input, or external data. Do NOT skip this when the user asks for a security review, security audit, or vulnerability check — run every step in order. Triggers: security, security review, security audit, vulnerability, XSS, injection, credentials, secrets, auth, authentication, authorization, token, sensitive data, input validation, CORS, CSP, dependency audit.
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
Security hardening and secure coding practices. Use when user asks to "harden security", "secure coding", "OWASP vulnerabilities", "input validation", "sanitization", "SQL injection prevention", "XSS protection", "CORS security", "secure headers", "vulnerability scanning", or mentions security best practices and threat mitigation.