Agent skills

Skills you can use with AI coding agents, indexed from public GitHub repositories.

Latest Most Popular

cookie-security-analyzer Cookie Security Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: cookie security analyzer, cookie security analyzer Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
picocom Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
security-nextjs Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers
majiayu000/claude-skill-registry 163
agent-compliance-auditor Expert compliance auditor specializing in regulatory frameworks, data privacy laws, and security standards. Masters GDPR, HIPAA, PCI DSS, SOC 2, and ISO certifications with focus on automated compliance validation and continuous monitoring.
majiayu000/claude-skill-registry 163
auditing-project Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
majiayu000/claude-skill-registry 163
audit-log-generator Эксперт по аудит-логам. Используй для создания систем логирования, compliance требований, структуры логов и мониторинга.
majiayu000/claude-skill-registry 163
wp-orchestrator Master WordPress project orchestrator - coordinates all WordPress skills for complete site setup, audit, and optimization. Use for new project setup, site audits, or comprehensive reviews. Runs interview phases and manages todo lists.
majiayu000/claude-skill-registry 163
reverse-engineering-firmware-analysis Extended firmware analysis for embedded/IoT images with deep extraction, emulation, and vulnerability assessment.
majiayu000/claude-skill-registry 163
sbom-management Software Bill of Materials management including generation, formats, vulnerability tracking, and supply chain security
majiayu000/claude-skill-registry 163
tacosdedatos-writer Use this skill when helping write content for tacosdedatos newsletter/blog. Provides complete voice analysis, structural patterns, engagement mechanics, and writing principles for the distinctive bilingual tech-writer voice. Use for brainstorming post ideas, structuring drafts, writing posts, editing for voice authenticity, creating headlines, quality checking drafts, and generating quick outlines. Essential for maintaining the unique tacosdedatos voice that blends Spanish/English, technical depth with accessibility, vulnerability with expertise, and Mexican cultural identity with Bay Area tech culture.
majiayu000/claude-skill-registry 163
white-label Complete WordPress white-labeling using FREE plugins only - ASE, Branda, White Label CMS, Admin Menu Editor. Covers login page branding, admin cleanup, security hardening, and client handoff preparation.
majiayu000/claude-skill-registry 163
grey-haven-security-practices Grey Haven's security best practices - input validation, output sanitization, multi-tenant RLS, secret management with Doppler, rate limiting, OWASP Top 10 for TanStack/FastAPI stack. Use when implementing security-critical features.
majiayu000/claude-skill-registry 163
json-validation Centralized JSON validation for AGENT_SUCCESS_CRITERIA with defensive parsing and injection attack prevention (CVSS 8.2)
majiayu000/claude-skill-registry 163
oauth2-flows OAuth 2.0認可フローの実装パターンとセキュリティベストプラクティス。 Authorization Code Flow、PKCE、Refresh Token Flowの正確な実装を提供。 Web/SPA/モバイルアプリでの安全な認可フロー実装を支援。 Anchors: • OAuth 2.0 Simplified (Aaron Parecki) / 適用: 認可フロー全般 / 目的: RFC準拠の正確な実装 • Web Application Security (Andrew Hoffman) / 適用: セキュリティ設計 / 目的: 脅威モデリングと対策 • RFC 6749 (OAuth 2.0 Framework) / 適用: プロトコル仕様 / 目的: 標準準拠の担保 Trigger: Use when implementing OAuth 2.0 authentication, configuring authorization flows, integrating with OAuth providers, implementing PKCE for SPAs, or managing token lifecycle. oauth2, authorization code, pkce, access token, refresh token, oauth provider, google auth, github oauth
majiayu000/claude-skill-registry 163
cursor-install-auth Install Cursor IDE and configure authentication. Triggers on "install cursor", "setup cursor", "cursor authentication", "cursor login", "cursor license". Use when working with cursor install auth functionality. Trigger with phrases like "cursor install auth", "cursor auth", "cursor".
majiayu000/claude-skill-registry 163
internal-red-team-audit
majiayu000/claude-skill-registry 163
threat-model-creator Threat Model Creator - Auto-activating skill for Security Advanced. Triggers on: threat model creator, threat model creator Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
cursor-compliance-audit Execute compliance and security auditing for Cursor usage. Triggers on "cursor compliance", "cursor audit", "cursor security review", "cursor soc2", "cursor gdpr". Use when analyzing or auditing cursor compliance audit. Trigger with phrases like "cursor compliance audit", "cursor audit", "cursor".
majiayu000/claude-skill-registry 163
grey-haven-authentication-patterns Grey Haven's authentication patterns using better-auth - magic links, passkeys, OAuth providers, session management with Redis, JWT claims with tenant_id, and Doppler for auth secrets. Use when implementing authentication features.
majiayu000/claude-skill-registry 163
telnetshell Use telnet to interact with IoT device shells for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when the user needs to interact with network-accessible shells, IoT devices, or telnet services.
majiayu000/claude-skill-registry 163
security-assessment Vulnerability review, OWASP patterns, secure coding practices, and threat modeling approaches. Use when reviewing code security, designing secure systems, performing threat analysis, or validating security implementations.
majiayu000/claude-skill-registry 163
research-finding Expert Security Analyst for deep research and exploitability analysis of security findings. Use when you have a specific finding from semgrep, trufflehog, or manual code review that needs thorough investigation to determine if it represents an exploitable vulnerability with real-world impact.
majiayu000/claude-skill-registry 163
gdpr-compliance-scanner Gdpr Compliance Scanner - Auto-activating skill for Security Advanced. Triggers on: gdpr compliance scanner, gdpr compliance scanner Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
dokploy-security-hardening Security best practices for Dokploy templates: secrets management, network isolation, least privilege, image security, and hardening recommendations.
majiayu000/claude-skill-registry 163