Found 49 Skills
Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.
Run Flawfinder SAST scans on C/C++ code. Detects buffer overflows, format string vulnerabilities, race conditions, and other memory safety issues.
Identify security vulnerabilities and anti-patterns providing feedback on security issues a senior developer would catch. Use when user mentions security/vulnerability/safety concerns, code involves user input/authentication/data access, working with sensitive data (passwords/PII/financial), code includes SQL queries/file operations/external API calls, user asks about security best practices, or security-sensitive files are being modified (auth, payment, data access).
Use AddressSanitizer to detect memory safety bugs in C/C++ programs. Identifies use-after-free, buffer overflow, memory leaks, and other memory errors.
Hardcoded Credential Finder - Auto-activating skill for Security Fundamentals. Triggers on: hardcoded credential finder. Part of the Security Fundamentals skill category.
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
Implement security scanning, vulnerability detection, and compliance checks. Use when working with security audits, dependency vulnerabilities, secret detection, CodeQL scanning, SAST/DAST tools, or security best practices. Handles threat modeling and security hardening.
Run Google's OSV-Scanner for Software Composition Analysis. Scans lockfiles and SBOMs across all major ecosystems (npm, PyPI, Maven, Go, Cargo, NuGet, RubyGems) for known vulnerabilities.
Analyze session management implementations to identify security vulnerabilities in web applications. Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security. Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".
Perform security-focused review of code diffs and pull requests, identifying newly introduced vulnerabilities, security regressions, and unsafe patterns in changed code.
Performs comprehensive security audits of KrakenD configurations to identify vulnerabilities, authentication gaps, and violations of security best practices, with Flexible Configuration support.
Main security scanning orchestration. Detects language, runs OWASP Top 10 patterns, identifies vulnerabilities, generates structured reports. Use when scanning for XSS, SQL injection, command injection, secrets, or any security vulnerability.