Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
Top 100 Web Vulnerabilities Reference
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability definitions, root causes, impacts, and mitigation strategies across all major web security categories.
majiayu000/claude-skill-registry 163
-
owasp-top-10
OWASP Top 10 security vulnerabilities with detection and remediation patterns. Use when conducting security audits, implementing secure coding practices, or reviewing code for common security vulnerabilities.
majiayu000/claude-skill-registry 163
-
vulnerability-validation
Validate security findings from commit-security-scan by assessing exploitability, filtering false positives, and generating proof-of-concept exploits. Use after running commit-security-scan to confirm vulnerabilities.
majiayu000/claude-skill-registry 163
-
log-analysis-skill
Helps an agent analyze application logs and identify security issues.
majiayu000/claude-skill-registry 163
-
taxpulse-repo-audit
Audit a repository for TaxPulse PH architecture, tax engine correctness, and Odoo CE/OCA parity. Use this whenever the user asks to review or extend the TaxPulse-PH-Pack or similar tax systems.
majiayu000/claude-skill-registry 163
-
checkpoints-rwb3n-haios
majiayu000/claude-skill-registry 163
-
ios-security
iOSアプリのセキュリティレビュー。OWASP Mobile Top 10、App Transport Security、Keychain使用をチェック。Use when: セキュリティ、脆弱性、認証、Keychain、ATS を依頼された時。
majiayu000/claude-skill-registry 163
-
vulnerability-assessor
Assess identified vulnerabilities for exploitability, impact, and risk. Provide CVSS scoring and remediation strategies. Use when analyzing security findings.
majiayu000/claude-skill-registry 163
-
security-privacy
Security and privacy engineering
majiayu000/claude-skill-registry 163
-
validating-authentication-implementations
Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.
majiayu000/claude-skill-registry 163
-
eufy
Manage Eufy Security (HomeBase S380 + SoloCam S340/E340) from the `eufy` CLI—capture snapshots, forward alarms to the Tuya hub, and change guard/alarm modes through eufy-security-ws.
majiayu000/claude-skill-registry 163
-
cva-setup-vertex
Complete Vertex AI and Google Cloud Platform setup for Clojure agent development. Includes GCP project saas3-476116 credentials, security best practices (IAM, key rotation, LGPD), cost analysis, API enablement, and environment configuration. Use when starting new Clojure+Vertex project, configuring GCP credentials, implementing security compliance, or troubleshooting authentication.
majiayu000/claude-skill-registry 163
-
internal-red-team-audit
Execute internal red team security audits to identify protocol vulnerabilities and alignment risks.
majiayu000/claude-skill-registry 163
-
claude-code-knowledge
Access official Claude Code documentation including comprehensive guides on hooks, MCP servers, agent skills, slash commands, settings, CLI reference, security, memory, plugins, and troubleshooting. Use when the user asks about Claude Code features, configuration, capabilities, or best practices. ALWAYS use this skill instead of guessing about Claude Code functionality - it contains the authoritative documentation from docs.anthropic.com with automatic updates. Also includes comprehensive skill creation guide with helper scripts when users want to create new skills.
majiayu000/claude-skill-registry 163
-
remediation-auth
Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.
majiayu000/claude-skill-registry 163
-
vulnerability-discovery
Systematic vulnerability finding, threat modeling, and attack surface analysis for AI/LLM security assessments
majiayu000/claude-skill-registry 163
-
threat-modeling
majiayu000/claude-skill-registry 163
-
dependency-vulnerability-checker
Dependency Vulnerability Checker - Auto-activating skill for Security Fundamentals.
Triggers on: dependency vulnerability checker, dependency vulnerability checker
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
atlas-agent-security
Security audits, vulnerability analysis, and security best practices enforcement
majiayu000/claude-skill-registry 163
-
tool-usage
Security tool command reference
majiayu000/claude-skill-registry 163
-
neo-llm-security
AI security co-pilot for identifying, testing, and fixing vulnerabilities in LLM-powered applications.
Use when: (1) Securing LLM applications or agents, (2) Generating security test suites with promptfoo,
(3) Testing for prompt injection, jailbreaking, data exfiltration, (4) Hardening system prompts,
(5) Compliance mapping for OWASP LLM Top 10, NIST AI RMF, CJIS, SOC2, (6) Threat modeling AI systems,
(7) Analyzing security eval results, (8) Research on LLM attack/defense techniques.
Triggers: "secure my LLM", "prompt injection", "jailbreak test", "AI security", "red team",
"system prompt hardening", "LLM vulnerability", "promptfoo", "OWASP LLM", "AI compliance".
majiayu000/claude-skill-registry 163
-
oauth-callback-handler
Oauth Callback Handler - Auto-activating skill for API Integration.
Triggers on: oauth callback handler, oauth callback handler
Part of the API Integration skill category.
majiayu000/claude-skill-registry 163
-
iso27001-gap-analyzer
Iso27001 Gap Analyzer - Auto-activating skill for Security Advanced.
Triggers on: iso27001 gap analyzer, iso27001 gap analyzer
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
remediation-auth
Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.
majiayu000/claude-skill-registry 163