Loading...
Loading...
Found 97 Skills
Rate Limiter Config - Auto-activating skill for Security Fundamentals. Triggers on: rate limiter config, rate limiter config Part of the Security Fundamentals skill category.
Use when designing, planning, implementing, or reviewing any non-trivial change — enforces defense in depth, input validation, secure defaults, and OWASP best practices to prevent vulnerabilities before they ship
Use when the user explicitly requests security best practices guidance, a security review or report, or secure-by-default coding help for Python, JavaScript or TypeScript, or Go code.
Secure Code Warrior integration. Manage data, records, and automate workflows. Use when the user wants to interact with Secure Code Warrior data.
Guideline for designing, implementing, and verifying secure Python applications following OWASP Top 10 best practices. Use when the user wants to: (1) review Python code for security vulnerabilities, (2) design a secure Python application architecture, (3) implement security features (authentication, authorization, cryptography, input validation), (4) audit Python dependencies for known vulnerabilities, (5) create security checklists or verification plans, (6) fix security bugs or harden existing Python code, (7) set up security testing and static analysis (bandit, safety, semgrep), or (8) handle any Python security concern including injection prevention, secure deserialization, SSRF protection, secrets management, and secure deployment.
OWASP Top 10 security audit and secure coding guidelines for Laravel + React/Inertia.js applications. Use when auditing for vulnerabilities ("run OWASP audit", "security review", "check my app security") or writing secure Laravel code involving auth, payments, file uploads, or API design. Triggers on security-related tasks, payment handling, authentication, or any request to audit a Laravel codebase.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Hardcoded Credential Finder - Auto-activating skill for Security Fundamentals. Triggers on: hardcoded credential finder, hardcoded credential finder Part of the Security Fundamentals skill category.
Xss Vulnerability Scanner - Auto-activating skill for Security Fundamentals. Triggers on: xss vulnerability scanner, xss vulnerability scanner Part of the Security Fundamentals skill category.
OWASP security guidelines and Top 10 vulnerabilities USE WHEN: user mentions "OWASP", "security audit", "vulnerability scan", asks about "injection", "XSS", "CSRF", "access control", "authentication security" DO NOT USE FOR: OWASP Top 10:2025 specific - use `owasp-top-10` instead
Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement. Use when: authentication implementation, authorization logic, payment processing, user data handling, API endpoint creation, file upload handling, database queries, external API integration. Skip when: read-only operations on public data, internal development tooling, static documentation, styling changes.
Use when reviewing code for security vulnerabilities, implementing authentication or authorization, handling user input, managing secrets, or auditing dependencies for known CVEs. Triggers: auth implementation, input handling, secrets management, dependency audit, pre-deployment security check, OWASP compliance review.