Agent skills

Skills you can use with AI coding agents, indexed from public GitHub repositories.

Latest Most Popular

break-filter-js-from-html Guidance for bypassing HTML/JavaScript sanitization filters in security testing contexts. This skill should be used when tasked with finding XSS filter bypasses, testing HTML sanitizers, or exploiting parser differentials between server-side filters and browsers. Applies to CTF challenges, authorized penetration testing, and security research involving HTML injection and JavaScript execution through sanitization bypasses.
majiayu000/claude-skill-registry 163
security-orchestrator Use this skill when you need to perform comprehensive security vulnerability assessments on a codebase. This skill launches the security-orchestrator agent to conduct systematic security reviews by breaking down the codebase into architectural units and performing deep security analysis.
majiayu000/claude-skill-registry 163
auditing-wallet-security Execute review crypto wallet security including private key management and transaction signing. Use when auditing wallet security practices. Trigger with phrases like "audit wallet", "check security", or "verify signatures".
majiayu000/claude-skill-registry 163
security/terminal Terminal Security security skill
majiayu000/claude-skill-registry 163
gate-validation Validate that quality, security, and release gates are correctly defined, implemented, and enforced with evidence.
majiayu000/claude-skill-registry 163
helm-charts-audit Audits Helm charts for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check Helm chart quality. Generates a comprehensive report under reports/YYYY-MM-DD/helm-charts-audit.md. (project)
majiayu000/claude-skill-registry 163
API JWT Authenticator A conceptual skill for securing FastAPI REST APIs with JWT authentication
majiayu000/claude-skill-registry 163
performing-security-code-review Execute this skill enables AI assistant to conduct a security-focused code review using the security-agent plugin. it analyzes code for potential vulnerabilities like sql injection, xss, authentication flaws, and insecure dependencies. AI assistant uses this skill wh... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
majiayu000/claude-skill-registry 163
auth-frontend-backend Expert skill for connecting frontend and backend with Better Auth, implementing user-isolated secure authentication using JWT tokens on every API call with rate limiting in Next.js 16 frontend and FastAPI backend.
majiayu000/claude-skill-registry 163
jwt-authentication Implement secure JWT (JSON Web Token) authentication in Node.js applications with access/refresh tokens and role-based access control
majiayu000/claude-skill-registry 163
dialogue-refiner Analyzes and refines dialogue for authentic character voices, natural flow, subtext, and emotional impact. Use this to elevate conversations from functional to compelling.
majiayu000/claude-skill-registry 163
astro-security Security patterns for Astro lead generation websites on Cloudflare. Forms, headers, bot protection, GDPR. Use for any production lead gen site.
majiayu000/claude-skill-registry 163
darkit-gin 基于 gin-gonic/gin 的企业级 Web 框架增强版，提供开箱即用的 JWT 认证、SSE 实时通信、缓存管理、OpenAPI 文档生成等企业级功能。涵盖选项式路由配置、统一响应格式、中间件管理、安全加固、性能优化等完整开发能力。
majiayu000/claude-skill-registry 163
webapp-nikto Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions. Use when: (1) Conducting authorized web server security assessments, (2) Identifying common web vulnerabilities and misconfigurations, (3) Detecting outdated server software and known vulnerabilities, (4) Performing compliance scans for web server hardening, (5) Enumerating web server information and enabled features, (6) Validating security controls and patch levels.
majiayu000/claude-skill-registry 163
argocd-audit Audits ArgoCD Application manifests and raw K8s resources for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check ArgoCD/GitOps quality. Generates a comprehensive report under reports/YYYY-MM-DD/argocd-audit.md. (project)
majiayu000/claude-skill-registry 163
oauth2-authentication Comprehensive OAuth2 authentication skill covering authorization flows, token management, PKCE, OpenID Connect, and security best practices for modern authentication systems
majiayu000/claude-skill-registry 163
web-performance-audit Conduct comprehensive web performance audits. Measure page speed, identify bottlenecks, and recommend optimizations to improve user experience and SEO.
majiayu000/claude-skill-registry 163
security-reactnative Security - React Native Best Practices. Use when reviewing security, implementing auth, or hardening code.
majiayu000/claude-skill-registry 163
api-key-manager Api Key Manager - Auto-activating skill for Security Fundamentals. Triggers on: api key manager, api key manager Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
secure-nextjs-api-routes A comprehensive security middleware system for Next.js 13+ App Router API routes that provides authentication, rate limiting, CSRF protection, audit logging, and security headers in a composable, production-ready pattern. Use when building secure Next.js APIs that need protection against common web vulnerabilities.
majiayu000/claude-skill-registry 163
jwt-token-validator Jwt Token Validator - Auto-activating skill for Security Fundamentals. Triggers on: jwt token validator, jwt token validator Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
secops-engineer Senior Security Engineer with 12+ years application security experience. Use when implementing authentication/authorization, configuring JWT/OAuth2, conducting security reviews, implementing rate limiting, ensuring GDPR compliance, or performing security scanning.
majiayu000/claude-skill-registry 163
reverse-engineering-firmware-analysis Extended firmware analysis for embedded/IoT images with deep extraction, emulation, and vulnerability assessment.
majiayu000/claude-skill-registry 163
atlas-agent-security Security audits, vulnerability analysis, and security best practices enforcement
majiayu000/claude-skill-registry 163