ReddRadar
Agent skill
security
Security validation, vulnerability scanning, and compliance checking.
Install this agent skill to your Project
npx add-skill https://github.com/aiskillstore/marketplace/tree/main/skills/byronwilliamscpa/security
SKILL.md
Security Skill
Security validation, vulnerability scanning, and compliance checking.
Activation
Auto-activates on keywords: security, vulnerability, audit, OWASP, encryption, GPG, SSH, signing, secrets, scan, bandit
Workflows
Environment Validation
- validate-env.md: GPG/SSH key validation
Scanning
- scan.md: Security vulnerability scanning
Encryption
- encrypt.md: Secret encryption and management
Commands
# Validate GPG key
gpg --list-secret-keys
# Validate SSH key
ssh-add -l
# Check git signing configuration
git config --get user.signingkey
# Run Bandit security scanner
uv run bandit -r src/ -c pyproject.toml
# Check dependencies for vulnerabilities
uv run pip-audit
uv run safety check
# Run Semgrep security rules
uv run semgrep scan --config auto src/
Security Checklist
Pre-Commit
- No secrets in code (checked by gitleaks)
- Dependencies scanned for vulnerabilities
- Bandit security scan passes
Pre-Release
- All known vulnerabilities addressed
- Security advisory published (if applicable)
- Dependencies updated to secure versions
OWASP Top 10 Considerations
- Injection: Use parameterized queries, validate input
- Broken Authentication: Use secure session management
- Sensitive Data Exposure: Encrypt sensitive data at rest and in transit
- XML External Entities: Disable external entity processing
- Broken Access Control: Implement proper authorization checks
- Security Misconfiguration: Use secure defaults
- XSS: Escape output, use Content Security Policy
- Insecure Deserialization: Validate and sanitize serialized data
- Using Components with Known Vulnerabilities: Keep dependencies updated
- Insufficient Logging: Log security events, monitor for anomalies
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
aiskillstore/marketplace
perigon-backend
Perigon ASP.NET Core + EF Core + Aspire conventions
aiskillstore/marketplace
perigon-agent
Pointers for Copilot/agents to apply Perigon conventions
aiskillstore/marketplace
perigon-angular
Angular 21+ standalone/Material/signal conventions for Perigon WebApp
aiskillstore/marketplace
fastapi-mastery
Comprehensive FastAPI development skill covering REST API creation, routing, request/response handling, validation, authentication, database integration, middleware, and deployment. Use when working with FastAPI projects, building APIs, implementing CRUD operations, setting up authentication/authorization, integrating databases (SQL/NoSQL), adding middleware, handling WebSockets, or deploying FastAPI applications. Triggered by requests involving .py files with FastAPI code, API endpoint creation, Pydantic models, or FastAPI-specific features.
aiskillstore/marketplace
context7-efficient
Token-efficient library documentation fetcher using Context7 MCP with 86.8% token savings through intelligent shell pipeline filtering. Fetches code examples, API references, and best practices for JavaScript, Python, Go, Rust, and other libraries. Use when users ask about library documentation, need code examples, want API usage patterns, are learning a new framework, need syntax reference, or troubleshooting with library-specific information. Triggers include questions like "Show me React hooks", "How do I use Prisma", "What's the Next.js routing syntax", or any request for library/framework documentation.
aiskillstore/marketplace
browser-use
Browser automation using Playwright MCP. Navigate websites, fill forms, click elements, take screenshots, and extract data. Use when tasks require web browsing, form submission, web scraping, UI testing, or any browser interaction.
Didn't find tool you were looking for?