Loading...
Loading...
Found 116 Skills
Use when the user wants to create a GitHub fine-grained personal access token with minimal permissions for a specific task — determines minimal permissions and generates a prefill URL for the GitHub web UI
Use when the task involves authentication, user signups, logins, password recovery, OAuth providers, role-based access control, or protecting routes and functions. Always use `@netlify/identity`. Never use `netlify-identity-widget` or `gotrue-js` — they are deprecated.
Dataverse Security Model. Use when: designing security roles, column-level security, business units, teams (owner/access/AAD group), record sharing, hierarchy security, minimum viable privileges, security role management via Web API.
Apply when controlling access to VTEX IO app resources using role-based or resource-based policies. Covers policies.json for role-based access control, service.json policies for resource-based access, VRN syntax for principals, the difference between app-to-app and user/integration access, and GraphQL @auth directives. Use when deciding how to secure routes and restrict which apps, users, or integrations can access your endpoints.
Professional Skills and Methodologies for Insecure Direct Object Reference (IDOR) Testing
Database security, access control, and data protection
Implement granular user permissions in Umbraco backoffice using official docs
Safegres is Constructive's security protocol for expressing authorization as Authz* policy nodes (types + JSON configs). This skill defines each Authz* type, its config shape, semantics, and when to use it. No SQL and no SDK/grant/RLS steps.
飞书云文档权限管理。支持添加/删除/查看协作者、公开权限管理、分享密码、批量添加、 权限检查、转移所有权。当用户请求"添加权限"、"权限管理"、"共享文档"、"授权"、 "协作者"、"full_access"、"转移所有权"时使用。
Gatekeeper integration. Manage Users, Organizations. Use when the user wants to interact with Gatekeeper data.
Use when applying encapsulation and information hiding principles in object-oriented design. Use when controlling access to object state and behavior.
Smart contract security best practices for Solidity development. Use when writing, reviewing, or auditing Solidity code. Covers reentrancy prevention, access control patterns, safe external calls, input validation, upgrade safety, and OWASP Smart Contract Top 10 vulnerabilities. Triggers on tasks involving security, vulnerability detection, access control, CEI pattern, ReentrancyGuard, SafeERC20, or smart contract auditing.