Loading...
Loading...
Found 2,960 Skills
Analyze Flutter and mobile applications for OWASP Mobile Top 10 (2024) security compliance. Use this skill when performing security audits, vulnerability assessments, or compliance checks on mobile applications. Performs automated scans for hardcoded secrets, insecure storage, weak cryptography, network security issues, and provides detailed remediation guidance.
[Architecture] Use when reviewing code for security vulnerabilities, implementing authorization, or ensuring data protection.
Lint Docker Compose files for Makefile-first deployment environments using .deploy.env.common + .deploy.env.<ENV_MODE>. Use when validating local/test/prod/custom compose files for image/build declaration, restart, healthcheck, logging, and external network settings.
Teaches AI agents to recognize and avoid security threats during normal activity. Covers phishing detection, credential protection, domain verification, and social engineering defense. Use when building agents that access email, credential vaults, web browsers, or sensitive data.
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations
安全自动化的专业技能和方法论
Security best practices for Mapbox access tokens, including scope management, URL restrictions, rotation strategies, and protecting sensitive data. Use when creating, managing, or advising on Mapbox token security.
Professional Skills and Methodologies for Mobile Application Security Testing
Assists developers with understanding Tauri application lifecycle security threats spanning development, build, distribution, and runtime phases, including threat mitigation strategies and security best practices.
Credential exposure detection, OAuth flow validation, API key management testing, and data sanitization verification for n8n workflows. Use when validating n8n workflow security.
GitHub Actions security review for workflow exploitation vulnerabilities. Use when asked to "review GitHub Actions", "audit workflows", "check CI security", "GHA security", "workflow security review", or review .github/workflows/ for pwn requests, expression injection, credential theft, and supply chain attacks. Exploitation-focused with concrete PoC scenarios.
iOS security best practices including Keychain Services, CryptoKit encryption, biometric authentication with Face ID and Touch ID, Secure Enclave key storage, LAContext configuration, App Transport Security (ATS), certificate pinning, data protection classes, secure coding patterns, and encryption implementation. Use when implementing app security features, auditing privacy manifests, configuring App Transport Security, securing keychain access, adding biometric authentication, or encrypting sensitive data with CryptoKit.