Loading...
Loading...
Found 70 Skills
Use when preparing any project for production deployment, performing security audits, or release preparation. Triggers on "make production ready", "security audit", "prepare for release", "hardening", "pre-deployment checklist".
Validate CORS policies for security issues and misconfigurations. Use when reviewing cross-origin resource sharing. Trigger with 'validate CORS', 'check CORS policy', or 'review cross-origin'.
Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.
Comprehensive security audit skill for NEAR Protocol smart contracts written in Rust. Use when auditing NEAR contracts, reviewing security vulnerabilities, or analyzing contract code for issues like reentrancy, unhandled promises, unsafe math, access control flaws, and callback security.
Comprehensive pentesting toolkit using Kali Linux Docker container. Provides direct access to 200+ security tools without MCP overhead. Use when conducting security assessments, penetration testing, vulnerability scanning, or security research. Works via direct docker exec commands for maximum efficiency.
Security audit workflow - vulnerability scan → verification
This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp ...
Red-team security review for code changes. Use when reviewing pending git changes, branch diffs, or new features for security vulnerabilities, permission gaps, injection risks, and attack vectors. Acts as a pen-tester analyzing code.
Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.
Ensures baseline security practices are followed in the project. Use this when asked to perform a security audit on the codebase. Automatically creates Jira stories for each security finding.
Dependency management and auditing — evaluating new dependencies, security vulnerability scanning, update strategies, and license compliance. Use when adding or auditing dependencies.
Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.