Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
auditing-access-control
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
majiayu000/claude-skill-registry 163
-
json-validation
Centralized JSON validation for AGENT_SUCCESS_CRITERIA with defensive parsing and injection attack prevention (CVSS 8.2)
majiayu000/claude-skill-registry 163
-
plugin-auditor
Audit automatically audits AI assistant code plugins for security vulnerabilities, best practices, AI assistant.md compliance, and quality standards when user mentions audit plugin, security review, or best practices check. specific to AI assistant-code-plugins repositor... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
majiayu000/claude-skill-registry 163
-
openwebf-security-remote-content
Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.
majiayu000/claude-skill-registry 163
-
path-traversal-finder
Path Traversal Finder - Auto-activating skill for Security Fundamentals.
Triggers on: path traversal finder, path traversal finder
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
pr-to-ticket
File Linear tickets from PR review feedback and notify the PR author. Use when asked to file a ticket from PR comments, create a ticket from PR feedback, ticket PR concerns, or create a Linear ticket from a PR review. Triggers on phrases like "file ticket from PR", "ticket the PR concerns", "linear ticket for PR", "create ticket from PR feedback", or "ticket this review".
majiayu000/claude-skill-registry 163
-
voice-dna-creator
Analyze writing samples to create a comprehensive voice DNA profile. Use when the user wants to capture their unique writing voice, needs to create a voice profile for AI content, or is setting up a new writing system.
majiayu000/claude-skill-registry 163
-
repo-structure-reviewer
Audit a repository's structure and propose a safe, approval-gated reorganization plan. Use when asked to review repo anatomy, propose folder changes, or apply an approved reorg with rollback.
majiayu000/claude-skill-registry 163
-
pal-codereview
Systematic code review covering quality, security, performance, and architecture using PAL MCP. Use for pull request reviews, code audits, or pre-commit validation. Triggers on review requests, PR reviews, or code quality checks.
majiayu000/claude-skill-registry 163
-
web-application-pentesting
Lead web application penetration testing coordinator that orchestrates comprehensive security assessments by spawning specialized vulnerability testing subagents. Delegates all vulnerability testing to specialized subagents in .claude/agents directory.
majiayu000/claude-skill-registry 163
-
moai-security
Auth0 security specialist covering attack protection, multi-factor authentication, token security, sender constraining, and compliance. Use when implementing Auth0 security features, configuring attack defenses, setting up MFA, or meeting regulatory requirements.
majiayu000/claude-skill-registry 163
-
single-source-validator
ENFORCEMENT tool that detects when Skills automation is duplicated in agent definitions, lessons learned, or process docs. Prevents "single source of truth nightmare" by finding bash commands, step-by-step procedures, or process descriptions that replicate Skills. BLOCKING AUTHORITY - workflow cannot complete with violations.
majiayu000/claude-skill-registry 163
-
analyzing-session-management
Detects session management vulnerabilities including session fixation, session hijacking, and insecure cookie handling. Use when analyzing authentication sessions, cookie security, or investigating session-related vulnerabilities.
majiayu000/claude-skill-registry 163
-
security-flutter
Flutter Security. Use when reviewing security, implementing auth, or hardening code.
majiayu000/claude-skill-registry 163
-
iam-policy-reviewer
Iam Policy Reviewer - Auto-activating skill for Security Advanced.
Triggers on: iam policy reviewer, iam policy reviewer
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
authentication-authorization-security
認証・認可の設計とセキュリティ検証(OAuth 2.0、JWT、セッション管理、アクセス制御)の実務指針を提供するスキル。
脅威モデリング、トークン管理、権限モデルの選択を整理し、安全な認証基盤の設計判断を支援します。
Anchors:
• Web Application Security / 適用: 脅威モデリング / 目的: 認証・認可の脅威整理
• OAuth 2.0 Simplified / 適用: フロー選定 / 目的: OAuth実装の安全性確保
• OWASP ASVS / 適用: セキュリティ検証 / 目的: 要件基準の確認
Trigger:
Use when designing or reviewing authentication/authorization flows, selecting OAuth/JWT/session strategies, or validating access control and token security.
majiayu000/claude-skill-registry 163
-
risk-assessor
Perform comprehensive risk assessments on OSCAL systems including threat modeling, vulnerability analysis, risk scoring, and POA&M generation. Use this skill to evaluate security posture and prioritize remediation efforts.
majiayu000/claude-skill-registry 163
-
integration-generator
Generate new OAuth integration providers for Dafthunk with backend providers, type definitions, frontend configurations, and integration nodes
majiayu000/claude-skill-registry 163
-
google-docs-sheets
Export Google Docs and Google Sheets (spreadsheets) to Markdown files or stdout. Use when asked to fetch, download, or ingest Google Docs/Sheets content for summarization, analysis, or context loading. Tries gcloud ADC first with browser OAuth fallback.
majiayu000/claude-skill-registry 163
-
justfile-security-patterns
Level 2 patterns - vulns, lic, sbom, doctor (security, compliance, environment health)
majiayu000/claude-skill-registry 163
-
security-guardian
Expert en sécurité applicative pour détecter les vulnérabilités, auditer le code, et guider les bonnes pratiques de sécurité. OWASP Top 10, authentification, autorisation, cryptographie, gestion de secrets. Utiliser pour audits sécurité, reviews de code sensible, conception de features sécurisées, ou résolution de failles.
majiayu000/claude-skill-registry 163
-
cloudflare-security-hardening
Use this skill whenever the user wants to harden security for Cloudflare Workers/Pages APIs (e.g. Hono + TypeScript), including WAF-style protections, rate limiting, IP restrictions, secrets handling, and secure headers.
majiayu000/claude-skill-registry 163
-
atlas-agent-security
Security audits, vulnerability analysis, and security best practices enforcement
majiayu000/claude-skill-registry 163
-
checking-session-security
Analyze session management implementations to identify security vulnerabilities in web applications.
Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security.
Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".
majiayu000/claude-skill-registry 163