Found 1,610 Skills
AI-powered code review via the OpenAI Codex CLI. This skill should be used when reviewing branch diffs before merging a PR, auditing uncommitted changes during development, inspecting a specific commit, performing custom-scoped reviews, or whenever changes touch security-sensitive paths or exhibit risky patterns.
AWS EC2 virtual machine management for instances, AMIs, and networking. Use when launching instances, configuring security groups, managing key pairs, troubleshooting connectivity, or automating instance lifecycle.
Scaffolds or references a production-ready Node.js REST API with Express 5, TypeScript, Mongoose (MongoDB), Redis, Sentry, JWT auth, bcrypt, rate limiting, and centralized error handling. Use when the user wants to start a new observable and resilient backend, needs a Node.js API boilerplate with security and monitoring, or asks to clone or adapt this template repository.
Expert in Solidity smart contract development with security and gas optimization.
Detect CVEs and security issues in project dependencies. Use when you need to analyze packages for known vulnerabilities across npm, pip, cargo, and other ecosystems.
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security for prompt injection risks, or evaluating agentic action configurations.
Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.
Audit authentication and authorization patterns. Checks JWT, sessions, OAuth2, PKCE implementations for security best practices and common vulnerabilities.
Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption.
Technical research methodology with YAGNI/KISS/DRY principles. Phases: scope definition, information gathering, analysis, synthesis, recommendation. Capabilities: technology evaluation, architecture analysis, best practices research, trade-off assessment, solution design. Actions: research, analyze, evaluate, compare, recommend technical solutions. Keywords: research, technology evaluation, best practices, architecture analysis, trade-offs, scalability, security, maintainability, YAGNI, KISS, DRY, technical analysis, solution design, competitive analysis, feasibility study. Use when: researching technologies, evaluating architectures, analyzing best practices, comparing solutions, assessing technical trade-offs, planning scalable/secure systems.
Analyse Datadog observability data including metrics, logs, monitors, incidents, SLOs, APM traces, RUM, security signals, and more. Use when asked to investigate infrastructure health, query metrics, search logs, check monitors, diagnose errors, or analyse any Datadog data.