Search Results: owasp

Found 183 Skills

Security & Compliancevasilyu1983/ai-agents-pub...

software-security-appsec

Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.

🇺🇸|EnglishTranslated

Security & Compliancescientiacapital/skills

security

Application security patterns - authentication, secrets management, input validation, OWASP Top 10. Use when: auth, JWT, secrets, API keys, SQL injection, XSS, CSRF, RLS, security audit, pen testing basics.

🇺🇸|EnglishTranslated

Security & Complianceoutfitter-dev/agents

security

This skill should be used when auditing code for security issues, reviewing authentication/authorization, evaluating input validation, analyzing cryptographic usage, or reviewing dependency security. Provides OWASP patterns, CWE analysis, and threat modeling guidance.

🇺🇸|EnglishTranslated

Security & Compliances-hiraoku/synapse-a2a

security-audit

General-purpose security auditing guide. Covers OWASP Top 10, dependency vulnerabilities, authentication, authorization, input validation, and secret management. Use this when performing a security review or audit.

🇺🇸|EnglishTranslated

Security & Compliancesgcarstrends/sgcarstrends

security

Security auditing for code vulnerabilities (OWASP Top 10, XSS, SQL injection) and dependency scanning (pnpm audit, Snyk). Use when handling user input, adding authentication, before deployments, or resolving CVEs.

🇺🇸|EnglishTranslated

Security & Complianceyonatangross/orchestkit

security-patterns

Security patterns for authentication, defense-in-depth, input validation, OWASP Top 10, LLM safety, and PII masking. Use when implementing auth flows, security layers, input sanitization, vulnerability prevention, prompt injection defense, or data redaction.

🇺🇸|EnglishTranslated

4 scripts/Checked

Security & Compliancejwynia/agent-skills

security-scan

Scan code for security vulnerabilities including OWASP Top 10, secrets, and misconfigurations. Use when you need comprehensive security analysis of a codebase.

🇺🇸|EnglishTranslated

Security & Compliancebagelhole/devops-security...

dast-scanning

Perform dynamic application security testing with OWASP ZAP, Burp Suite, and Nikto. Test running applications for security vulnerabilities through automated and manual testing. Use when testing web applications, APIs, or performing penetration testing.

🇺🇸|EnglishTranslated

Security & Compliancesickn33/antigravity-aweso...

laravel-security-audit

Security auditor for Laravel applications. Analyzes code for vulnerabilities, misconfigurations, and insecure practices using OWASP standards and Laravel security best practices.

🇺🇸|EnglishTranslated

Security & Complianceghostsecurity/skills

ghost-scan-code

Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Complianceoakoss/agent-skills

application-security

Application security covering threat modeling (STRIDE), OWASP Top 10 (2025), OWASP API Security Top 10 (2023), secure coding review, authentication/authorization patterns, input validation, encryption, security headers, supply chain security, compliance (GDPR/HIPAA/SOC2/PCI-DSS), and security monitoring. Use when reviewing code for vulnerabilities, implementing auth patterns, securing APIs, configuring security headers, hardening supply chain, preventing injection attacks, or preparing for compliance audits.

🇺🇸|EnglishTranslated

Security & Compliancejd-opensource/joysafeter

pentest-mobile-app

OWASP Mobile Top 10 security testing for Android and iOS — local storage, certificate pinning bypass, IPC abuse, and binary protections.

🇺🇸|EnglishTranslated