Security (857)

🛡️ Supabase Postgres Best Practices

This skill helps optimize Postgres queries, schemas, and configs with Supabase best practices to boost performance and security.

databasesqlperformancesecurity

4.4k

🛡️ Audit Website

Audit websites for SEO, performance, security, technical, content, and 15 other issue cateories with 150+ rules using the squirrelscan CLI. Returns LLM-optimized reports with health scores, broken links, meta tag analysis, and actionable recommendations. Use to discover and asses website or webapp i

squirrelscansecurity

4.1k

🛡️ Create Auth

This skill guides you to add robust authentication in TypeScript/JavaScript apps using Better Auth across frontend, backend, and migrations.

backendfrontendfullstacksecurity

1.6k

🛡️ Email Best Practices

This skill helps you implement email best practices for deliverability, compliance, and reliable sending across transactional and marketing emails.

marketingsecurityoperationsbackend

1k

🛡️ Code Reviewer

This skill guides you through professional code reviews, targeting local changes or remote PRs to improve correctness and maintainability.

code-reviewgittestingsecurity

611

🛡️ Stripe Best Practices

This skill guides Stripe integration design using CheckoutSessions and APIs, ensuring up-to-date practices and safe migration paths for robust payments.

apibackendfrontendfullstack

580

🛡️ Api Platform Filters

This skill helps define explicit Symfony API Platform contracts and filters, ensuring security, mapping, and validation align across operations.

apibackendsecuritytesting

523

🛡️ Project Setup

This skill guides you through initializing a new Firebase project with TypeScript, emulators, and architecture choices for a solid foundation.

backendclouddevopstesting

523

🛡️ Agent Nestjs Skills

NestJS best practices and architecture patterns for building production-ready applications. This skill should be used when writing, reviewing, or refactoring NestJS code to ensure proper patterns for modules, dependency injection, security, and performance.

kadajettsecurity

505

🛡️ Elevenlabs Agents

This skill helps you configure and troubleshoot ElevenLabs voice agents with RAG knowledge bases, tool integration, and secure deployment.

aiautomationcloudsecurity

211

🛡️ Postgres Patterns

This skill helps you optimize PostgreSQL queries, schemas, and security using best practices from Supabase, boosting performance and reliability.

databasesqlperformancesecurity

190

🛡️ Auth Module Architecture

This skill helps you design and enforce RBAC-based auth architectures across IAM, OAuth, and resource permissions for BK-CI.

backendsecurityci-cddevops

183

🛡️ Code Review

This skill provides structured code review guidance, comprehensive checklists, and constructive feedback to improve functionality, security, performance, and

code-reviewsecurityperformancetesting

169

🛡️ Permission Model Change Guide

This skill guides users through IAM RBAC permission model changes, covering resource types, actions, migrations, and validation for safe rollout.

ci-cddevopssecuritymigration

141

🛡️ Java Spring Boot

Build production Spring Boot applications - REST APIs, Security, Data, Actuator

pluginagentmarketplacesecurity

112

🛡️ Terraform Style Guide

This skill helps you generate Terraform configurations following HashiCorp style, ensuring proper structure, naming, and security best practices.

infracloudsecurityformatting

110

🛡️ Go Code Review

This skill reviews Encore Go code for best practices, highlighting infrastructure placement, context usage, error handling, and security improvements to guide

code-reviewbackendsecuritydatabase

98

🛡️ Openai Agentkit

This skill guides building production-ready multi-agent systems with OpenAI AgentKit and Agents SDK, optimizing handoffs, routines, and orchestration.

aiautomationbackendmonitoring

86

🛡️ Tanstack Start

This skill helps you implement TanStack Start best practices for full-stack React apps, improving security, SSR reliability, and deployment efficiency.

fullstackbackendsecuritydevops

86

🛡️ Security Audit

This skill guides secure code reviews and vulnerability assessments, delivering actionable OWASP mappings, remediation roadmaps, and evidence for robust

securitycode-reviewtestingpython

81

🛡️ Fastify

This skill helps you implement production-grade Fastify TypeScript patterns with schema validation, plugins, security, testing, and graceful shutdown.

backendapitestingsecurity

74

🛡️ Nextjs Patterns

This skill helps you implement advanced Next.js patterns with Clerk, including middleware, server actions, and strategic caching for secure, efficient apps.

nextjssecurityperformancedebugging

72

🛡️ Security Review

Comprehensive security code review covering OWASP Top 10, authentication, authorization, and secure coding practices. Use when reviewing code for vulnerabilities or implementing security features.

langconfigsecurity

72

🛡️ Mcp Architecture

This skill helps you design and deploy MCP servers that enable standardized AI-to-data integrations across resources, tools, and prompts.

aibackendapidata

71

🛡️ Code Review

Systematic code review guidance covering best practices, security, performance, and maintainability. Use when reviewing code, checking PRs, or analyzing code quality.

langconfigsecurity

70

🛡️ Qa Checklist

Formal Quality Assurance Checklist before every Merge/Deploy. 6-phase validation with Build Verification, Test Suite, No-Touch Zones, Region Check, Security Review, and QA Report generation. Activate on "merge", "deploy", "release", "production", or /qa command.

svenja-devsecurity

68

🛡️ Auth Web

This skill helps you implement Web frontend authentication with CloudBase, supporting multiple login methods and seamless user management for your app.

cloudfrontendsecuritybackend

61

🛡️ Wp Plugin Development

This skill helps you develop secure, maintainable WordPress plugins by guiding architecture, hooks, settings, migrations, and packaging.

backendsecuritycode-reviewtesting

56

🛡️ Auth Tool

This skill helps you configure and manage CloudBase authentication providers and login methods across apps using MCP tools.

cloudbackendapisecurity

54

🛡️ Database

This skill helps you manage Encore database operations, including queries, migrations, and Drizzle ORM integration for secure, efficient data access.

databasesqlbackendmigration

54

🛡️ React 19

This skill helps you write React 19 components and hooks efficiently by enforcing proper imports, server components-first patterns, and ref-as-prop usage.

frontenddebuggingrefactorcode-review

54

🛡️ Cloudbase Platform

This skill helps you understand CloudBase platform concepts, configure authentication, deploy functions, manage databases, and optimize data models across web

cloudbackenddatabasesecurity

49

🛡️ Iac Security Auditor

Use this skill AFTER a terraform plan has been generated. This skill audits a terraform plan file for security vulnerabilities (using tfsec/checkov) and company compliance policies. It either APPROVES or REJECTS the plan.

jgtolentinosecurity

49

🛡️ Backend Development

This skill helps design, secure, and optimize production-grade backends across Node/Python stacks with scalable APIs and robust security.

backendapisecurityperformance

48

🛡️ Security

Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.

openhandssecurity

48

🛡️ Unit Test Security Authorization

This skill provides patterns for unit testing Spring Security authorization, enabling RBAC and expression-based checks without full security context.

springsecurityunit-teststesting

44

🛡️ Capacitor Security

Comprehensive security guide for Capacitor apps using Capsec scanner. Covers 63+ security rules across secrets, storage, network, authentication, cryptography, and platform-specific vulnerabilities. Use this skill when users need to secure their mobile app or run security audits.

cap-gosecurity

42

🛡️ Resend Skills

This skill routes to Resend sub-skills for sending, receiving, or AI inbox handling to streamline email workflows.

aibackendapiautomation

42

🛡️ Acl Security

This skill should be used when the user asks to "create ACL", "access control", "security rule", "restrict access", "role based access", "row level security", "field level security", or any ServiceNow ACL and security configuration.

groeimetaisecurity

40

🛡️ Cloud Storage Web

This skill helps you manage CloudBase cloud storage in web apps by uploading, generating temporary URLs, downloading, and deleting files with the Web SDK.

cloudfrontendapitypescript

39

🛡️ Capacitor Best Practices

Best practices for Capacitor app development including project structure, plugin usage, performance optimization, security, and deployment. Use this skill when reviewing Capacitor code, setting up new projects, or optimizing existing apps.

cap-gosecurity

38

🛡️ Security Engineering

This skill helps you design secure architectures, implement authentication and authorization, and enforce compliance through threat modeling and incident

securityinfracloudcode-review

38

🛡️ Ms365 Tenant Manager

This skill helps Global Administrators streamline Microsoft 365 tenant setup, security, and governance with actionable guidance and automation.

cloudsecurityautomationscripting

37

🛡️ 0 Research

This skill streamlines technical research by applying YAGNI, KISS, and DRY to evaluate technologies, architectures, and best practices for scalable solutions.

researchbackendsecurityperformance

29

🛡️ Spring Ai Mcp Server Patterns

This skill helps you implement MCP servers with Spring AI, exposing tools, resources, and prompts for scalable AI integrations.

aibackendspringsecurity

28

🛡️ Code Review

This skill reviews Encore.ts code for best practices, highlighting anti-patterns and guiding fixes to improve reliability and maintainability.

code-reviewbackendsecuritydebugging

26

🛡️ Code Review

This skill should be used when the user asks to "review code", "code review", "check my code", "audit code", "find bugs", "security review", "performance review", or any ServiceNow code quality assessment.

groeimetaisecurity

26

🛡️ Mcp Complete Guide

Complete 11-phase guide for building production-ready MCP (Model Context Protocol) servers with semantic layer integration. Covers foundation to deployment, including agent-centric design, tool development, testing, error handling, performance optimization, monitoring, security, governance, and sema

jgtolentinosecurity

25

🛡️ Infra Engineer

This skill helps you design and operate multi-cloud infrastructure with IaC, CI/CD, GitOps, security, and FinOps to optimize performance and cost.

infraclouddevopssecurity

24

🛡️ Azure Devops

Comprehensive skill for working with Azure DevOps REST API across all services including Boards (work items, queries, backlogs), Repos (Git, pull requests, commits), Pipelines (builds, releases, deployments), Test Plans, Artifacts, organizations, projects, security, extensions, and more. Use when im

markpittsecurity

23

🛡️ Pulumi Best Practices

This skill guides you in writing reliable Pulumi programs by enforcing proper Output handling, component structure, secrets management, and safe refactoring.

devopsinfracloudcode-review

22

🛡️ Sqlite

This skill helps you build secure SQLite database operations with parameterized queries, migrations, and FTS5 support for desktop apps.

databasesqlsecurityperformance

20

🛡️ Aws Cloudformation Ec2

This skill provides reusable AWS CloudFormation patterns for EC2, security groups, IAM roles, and ALB configurations to speed infrastructure as code.

awscloudinfradevops

18

🛡️ Aws Cloudformation Iam

This skill helps you implement AWS CloudFormation IAM resources with least privilege, cross-account access, and structured templates for secure infrastructure.

awscloudinfrasecurity

18

🛡️ Django Rest Framework

This skill helps you build robust RESTful APIs with Django REST Framework serializers, viewsets, and authentication, boosting backend productivity.

djangorestbackendapi

18

🛡️ Iac Executor

Use this skill ONLY after a plan has been APPROVED by both the `iac-security-auditor` skill and the human user. This skill safely applies a confirmed terraform plan.

jgtolentinosecurity

17

🛡️ Aws Cloudformation Dynamodb

This skill helps you design production-ready DynamoDB infrastructure with CloudFormation, covering tables, keys, indexes, auto-scaling, encryption, TTL,

cloudawsdatabaseinfra

14

🛡️ Mobile Development

This skill helps you design, implement, and optimize cross-platform mobile apps with offline-first architecture and platform-aware UX.

performancetestinguxsecurity

14

🛡️ Security Hardening Checklist

This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, cookie configuration, RLS policies, input sanitization, rate limiting, and other security measures. It generates a comprehensive security audit report with actionable reco

hopeoverturesecurity

13

🛡️ Pulumi Esc

This skill helps you manage environments, secrets, and configuration with Pulumi ESC, enabling secure, auditable, and scalable infrastructure setups.

devopscloudsecurityautomation

12