Security (840)

🛡️ Supabase Postgres Best Practices

This skill helps optimize Postgres queries, schemas, and configs with Supabase best practices to boost performance and security.

databasesqlperformancesecurity

4.4k

🛡️ Create Auth

This skill guides you to add robust authentication in TypeScript/JavaScript apps using Better Auth across frontend, backend, and migrations.

backendfrontendfullstacksecurity

1.6k

🛡️ Code Reviewer

This skill guides you through professional code reviews, targeting local changes or remote PRs to improve correctness and maintainability.

code-reviewgittestingsecurity

611

🛡️ Api Platform Filters

This skill helps define explicit Symfony API Platform contracts and filters, ensuring security, mapping, and validation align across operations.

apibackendsecuritytesting

523

🛡️ Project Setup

This skill guides you through initializing a new Firebase project with TypeScript, emulators, and architecture choices for a solid foundation.

backendclouddevopstesting

523

🛡️ Elevenlabs Agents

This skill helps you configure and troubleshoot ElevenLabs voice agents with RAG knowledge bases, tool integration, and secure deployment.

aiautomationcloudsecurity

211

🛡️ Postgres Patterns

This skill helps you optimize PostgreSQL queries, schemas, and security using best practices from Supabase, boosting performance and reliability.

databasesqlperformancesecurity

190

🛡️ Auth Module Architecture

This skill helps you design and enforce RBAC-based auth architectures across IAM, OAuth, and resource permissions for BK-CI.

backendsecurityci-cddevops

183

🛡️ Code Review

This skill provides structured code review guidance, comprehensive checklists, and constructive feedback to improve functionality, security, performance, and

code-reviewsecurityperformancetesting

169

🛡️ Permission Model Change Guide

This skill guides users through IAM RBAC permission model changes, covering resource types, actions, migrations, and validation for safe rollout.

ci-cddevopssecuritymigration

141

🛡️ Go Code Review

This skill reviews Encore Go code for best practices, highlighting infrastructure placement, context usage, error handling, and security improvements to guide

code-reviewbackendsecuritydatabase

98

🛡️ Openai Agentkit

This skill guides building production-ready multi-agent systems with OpenAI AgentKit and Agents SDK, optimizing handoffs, routines, and orchestration.

aiautomationbackendmonitoring

86

🛡️ Tanstack Start

This skill helps you implement TanStack Start best practices for full-stack React apps, improving security, SSR reliability, and deployment efficiency.

fullstackbackendsecuritydevops

86

🛡️ Security Audit

This skill guides secure code reviews and vulnerability assessments, delivering actionable OWASP mappings, remediation roadmaps, and evidence for robust

securitycode-reviewtestingpython

81

🛡️ Fastify

This skill helps you implement production-grade Fastify TypeScript patterns with schema validation, plugins, security, testing, and graceful shutdown.

backendapitestingsecurity

74

🛡️ Security Review

Comprehensive security code review covering OWASP Top 10, authentication, authorization, and secure coding practices. Use when reviewing code for vulnerabilities or implementing security features.

langconfigsecurity

72

🛡️ Mcp Architecture

This skill helps you design and deploy MCP servers that enable standardized AI-to-data integrations across resources, tools, and prompts.

aibackendapidata

71

🛡️ Code Review

Systematic code review guidance covering best practices, security, performance, and maintainability. Use when reviewing code, checking PRs, or analyzing code quality.

langconfigsecurity

70

🛡️ Qa Checklist

Formal Quality Assurance Checklist before every Merge/Deploy. 6-phase validation with Build Verification, Test Suite, No-Touch Zones, Region Check, Security Review, and QA Report generation. Activate on "merge", "deploy", "release", "production", or /qa command.

svenja-devsecurity

68

🛡️ Auth Web

This skill helps you implement Web frontend authentication with CloudBase, supporting multiple login methods and seamless user management for your app.

cloudfrontendsecuritybackend

61

🛡️ Wp Plugin Development

This skill helps you develop secure, maintainable WordPress plugins by guiding architecture, hooks, settings, migrations, and packaging.

backendsecuritycode-reviewtesting

56

🛡️ Auth Tool

This skill helps you configure and manage CloudBase authentication providers and login methods across apps using MCP tools.

cloudbackendapisecurity

54

🛡️ Database

This skill helps you manage Encore database operations, including queries, migrations, and Drizzle ORM integration for secure, efficient data access.

databasesqlbackendmigration

54

🛡️ React 19

This skill helps you write React 19 components and hooks efficiently by enforcing proper imports, server components-first patterns, and ref-as-prop usage.

frontenddebuggingrefactorcode-review

54

🛡️ Cloudbase Platform

This skill helps you understand CloudBase platform concepts, configure authentication, deploy functions, manage databases, and optimize data models across web

cloudbackenddatabasesecurity

49

🛡️ Iac Security Auditor

Use this skill AFTER a terraform plan has been generated. This skill audits a terraform plan file for security vulnerabilities (using tfsec/checkov) and company compliance policies. It either APPROVES or REJECTS the plan.

jgtolentinosecurity

49

🛡️ Backend Development

This skill helps design, secure, and optimize production-grade backends across Node/Python stacks with scalable APIs and robust security.

backendapisecurityperformance

48

🛡️ Security

Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.

openhandssecurity

48

🛡️ Unit Test Security Authorization

This skill provides patterns for unit testing Spring Security authorization, enabling RBAC and expression-based checks without full security context.

springsecurityunit-teststesting

44

🛡️ Capacitor Security

Comprehensive security guide for Capacitor apps using Capsec scanner. Covers 63+ security rules across secrets, storage, network, authentication, cryptography, and platform-specific vulnerabilities. Use this skill when users need to secure their mobile app or run security audits.

cap-gosecurity

42

🛡️ Resend Skills

This skill routes to Resend sub-skills for sending, receiving, or AI inbox handling to streamline email workflows.

aibackendapiautomation

42

🛡️ Acl Security

This skill should be used when the user asks to "create ACL", "access control", "security rule", "restrict access", "role based access", "row level security", "field level security", or any ServiceNow ACL and security configuration.

groeimetaisecurity

40

🛡️ Cloud Storage Web

This skill helps you manage CloudBase cloud storage in web apps by uploading, generating temporary URLs, downloading, and deleting files with the Web SDK.

cloudfrontendapitypescript

39

🛡️ Capacitor Best Practices

Best practices for Capacitor app development including project structure, plugin usage, performance optimization, security, and deployment. Use this skill when reviewing Capacitor code, setting up new projects, or optimizing existing apps.

cap-gosecurity

38

🛡️ Security Engineering

This skill helps you design secure architectures, implement authentication and authorization, and enforce compliance through threat modeling and incident

securityinfracloudcode-review

38

🛡️ Ms365 Tenant Manager

This skill helps Global Administrators streamline Microsoft 365 tenant setup, security, and governance with actionable guidance and automation.

cloudsecurityautomationscripting

37

🛡️ 0 Research

This skill streamlines technical research by applying YAGNI, KISS, and DRY to evaluate technologies, architectures, and best practices for scalable solutions.

researchbackendsecurityperformance

29

🛡️ Spring Ai Mcp Server Patterns

This skill helps you implement MCP servers with Spring AI, exposing tools, resources, and prompts for scalable AI integrations.

aibackendspringsecurity

28

🛡️ Code Review

This skill reviews Encore.ts code for best practices, highlighting anti-patterns and guiding fixes to improve reliability and maintainability.

code-reviewbackendsecuritydebugging

26

🛡️ Code Review

This skill should be used when the user asks to "review code", "code review", "check my code", "audit code", "find bugs", "security review", "performance review", or any ServiceNow code quality assessment.

groeimetaisecurity

26

🛡️ Mcp Complete Guide

Complete 11-phase guide for building production-ready MCP (Model Context Protocol) servers with semantic layer integration. Covers foundation to deployment, including agent-centric design, tool development, testing, error handling, performance optimization, monitoring, security, governance, and sema

jgtolentinosecurity

25

🛡️ Infra Engineer

This skill helps you design and operate multi-cloud infrastructure with IaC, CI/CD, GitOps, security, and FinOps to optimize performance and cost.

infraclouddevopssecurity

24

🛡️ Sqlite

This skill helps you build secure SQLite database operations with parameterized queries, migrations, and FTS5 support for desktop apps.

databasesqlsecurityperformance

20

🛡️ Aws Cloudformation Ec2

This skill provides reusable AWS CloudFormation patterns for EC2, security groups, IAM roles, and ALB configurations to speed infrastructure as code.

awscloudinfradevops

18

🛡️ Aws Cloudformation Iam

This skill helps you implement AWS CloudFormation IAM resources with least privilege, cross-account access, and structured templates for secure infrastructure.

awscloudinfrasecurity

18

🛡️ Django Rest Framework

This skill helps you build robust RESTful APIs with Django REST Framework serializers, viewsets, and authentication, boosting backend productivity.

djangorestbackendapi

18

🛡️ Iac Executor

Use this skill ONLY after a plan has been APPROVED by both the `iac-security-auditor` skill and the human user. This skill safely applies a confirmed terraform plan.

jgtolentinosecurity

17

🛡️ Aws Cloudformation Dynamodb

This skill helps you design production-ready DynamoDB infrastructure with CloudFormation, covering tables, keys, indexes, auto-scaling, encryption, TTL,

cloudawsdatabaseinfra

14

🛡️ Mobile Development

This skill helps you design, implement, and optimize cross-platform mobile apps with offline-first architecture and platform-aware UX.

performancetestinguxsecurity

14

🛡️ Security Hardening Checklist

This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, cookie configuration, RLS policies, input sanitization, rate limiting, and other security measures. It generates a comprehensive security audit report with actionable reco

hopeoverturesecurity

13

🛡️ Hooks Builder

Create event-driven hooks for Claude Code automation. Use when the user wants to create hooks, automate tool validation, add pre/post processing, enforce security policies, or configure settings.json hooks. Triggers: create hook, build hook, PreToolUse, PostToolUse, event automation, tool validation

mike-coulbournsecurity

11

🛡️ Preview Testing

Comprehensive E2E + Security Tests for Vercel Preview Deployments. Combines Playwright automation with Claude-in-Chrome MCP for interactive debugging. Activate on PR creation, before merge, or manual /preview-test.

svenja-devsecurity

11

🛡️ Solodit Api Skill

This skill helps you search and filter 50,000+ smart contract vulnerabilities across major audits for rapid security insights.

securitydatabaseanalyticsapi

11

🛡️ Aws Cloudformation Cloudfront

This skill helps you define production CloudFront distributions with CloudFormation, multiple origins, caching, security headers, and cross-stack references.

awscloudautomationperformance

9

🛡️ Langchain4j Mcp Server Patterns

This skill helps you implement MCP servers with LangChain4j to standardize tools, resources, and prompts for scalable AI apps.

aibackendjavaspring

9

🛡️ Ln 620 Codebase Auditor

This skill coordinates nine audit workers to assess codebase quality and writes a consolidated report to docs/project/codebase_audit.md.

automationcode-reviewsecuritydocs

9

🛡️ Prompt Guard

This skill defends AI agents against prompt injection by detecting and blocking suspicious inputs with offline 577-pattern defense and optional API access.

securitypythonapicli

9

🛡️ Audit Skill

Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis. Use this skill when performing security audits, code reviews, vulnerability assessments, module structure validation, or generating audit reports.

jgtolentinosecurity

8

🛡️ Codex Code Review

This skill performs automated code reviews using Codex CLI to analyze diffs, PRs, or files and provide actionable quality, security, and performance feedback.

code-reviewsecurityperformancebackend

8

🛡️ Security Threat Model

This skill guides secure threat modeling for systems handling sensitive data, enabling STRIDE analysis, trust boundary mapping, and prioritized mitigations.

securitybackendapidata

8