Loading...
Loading...
Found 7 Skills
Scan codebase for security vulnerabilities including secrets, insecure dependencies, and unsafe code patterns. Use when performing automated security scans.
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
Scan for unprotected MCP servers using @contextware/mcp-scan package. Enables security auditing of local AI tools and network endpoints.
Scan code repositories for security threats including data exfiltration, backdoors, malicious code injection, dependency chain risks, and sensitive file access. Use this skill when users want to audit a codebase (especially TypeScript/JavaScript/Node.js projects) for security vulnerabilities, detect hidden malware, review npm dependencies for supply-chain attacks, check for credential leaks, or perform a pre-deployment security review. Triggers on requests like "scan for malicious code", "security audit", "check for backdoors", "review dependencies for vulnerabilities", "detect data exfiltration".
WHEN: Performance analysis, bundle size optimization, rendering, Core Web Vitals, code splitting WHAT: Bundle analysis + large dependency detection + re-render issues + useMemo/useCallback suggestions + LCP/FID/CLS improvements WHEN NOT: Code quality → code-reviewer, Security → security-scanner
Security scanner for vibe-coded projects. AUTO-INVOKE this skill before any git commit, git push, or when user says "commit", "push", "ship it", "deploy", "is this safe?", "check for security issues", or "goodvibesonly". Also invoke after generating code that handles user input, authentication, database queries, or file operations.
Security scanner for code, addresses, and transactions