Loading...
Loading...
Found 57 Skills
PreToolUse security-anti-pattern hook for Claude Code. Catches 12 common security risks (command injection, XSS, SQL injection, unsafe deserialization, GitHub Actions workflow injection, eval/new Function code injection) BEFORE the Edit/Write/MultiEdit operation completes. Session-state caching prevents duplicate warnings on the same file+rule combo. Stdlib only — no dependencies. Use when you want a safety net during Claude Code sessions that touch security-sensitive code (auth, payments, user input handling, IaC). Disable with ENABLE_SECURITY_REMINDER=0 if you need to perform a verified-safe operation that would otherwise trip a pattern. Triggers — "add security hook", "block unsafe code", "detect command injection before write", "prevent SQL injection patterns", "security warning hook".
Comprehensive toolkit for validating, linting, testing, and automating Ansible playbooks, roles, and collections. Use this skill when working with Ansible files (.yml, .yaml playbooks, roles, inventories), validating automation code, debugging playbook execution, performing dry-run testing with check mode, or working with custom modules and collections.
Manage skills across 20+ AI platforms (Claude Code, Cursor, Copilot, Gemini, OpenClaw, Hermes, etc.). Use `list` as the unified entrypoint. Default behavior is listing skills only; only guide/recommend when the user explicitly asks what skill to use.
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
Designs and implements CI/CD pipelines for automated testing, building, deployment, and security scanning across multiple platforms. Covers pipeline optimization, test integration, artifact management, and release automation.
One-time project onboarding for swain. Migrates existing CLAUDE.md content to AGENTS.md (with the @AGENTS.md include pattern), verifies vendored tk (ticket) for task tracking, configures pre-commit security hooks (gitleaks default), and offers to add swain governance rules. Run once when adopting swain in a new project — use swain-doctor for ongoing per-session health checks.
System Audit - Proactively identify bug risks, security vulnerabilities, performance issues, maintainability debt, and architecture drift from code, and generate a batch list of findings. Triggers: Users say "review the system", "audit code", "scan for issues", "find bugs", "what can be optimized".
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
This skill should be used when the user asks for "security status", "show findings", "security dashboard", "security posture", or invokes /appsec:status. Shows current security posture overview.