Loading...
Loading...
Found 57 Skills
Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling.
프로젝트의 모든 verify 스킬을 순차 실행하여 통합 검증 보고서를 생성합니다. 기능 구현 후, PR 전, 코드 리뷰 시 사용.
Implement security scanning, vulnerability detection, and compliance checks. Use when working with security audits, dependency vulnerabilities, secret detection, CodeQL scanning, SAST/DAST tools, or security best practices. Handles threat modeling and security hardening.
Configure identify security misconfigurations in infrastructure-as-code, application settings, and system configurations. Use when you need to audit Terraform/CloudFormation templates, check application config files, validate system security settings, or ensure compliance with security best practices. Trigger with phrases like "find security misconfigurations", "audit infrastructure security", "check config security", or "scan for misconfigured settings".
Check and configure GitHub Pages deployment
Check and configure code coverage thresholds and reporting
Comprehensive security and authentication workflow that orchestrates security architecture, identity management, access control, and compliance implementation. Handles everything from authentication system design and authorization frameworks to security auditing and threat protection.
Check and configure Sentry error tracking for project standards
Expert iOS App Store submission and approval system. 9 specialized agents providing senior App Review Team-level expertise across compliance, design, privacy, monetization, metadata, technical requirements, timing, rejection recovery, and learning. Triggers on keywords like app store, iOS submission, apple review, app rejection, aso, privacy manifest, privacy labels, ATT, iap, in-app purchase, subscription, storekit, review guidelines, HIG, testflight, app store connect.
Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.
Run Checkov to scan Infrastructure as Code for misconfigurations. Supports Terraform, CloudFormation, Kubernetes, Helm, ARM, Ansible, and Dockerfiles.
Automatically generate product documentation that complies with Doom framework specifications, supporting PRD transformation, architectural analysis, and multi-type document generation.