Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
asking-codex
Code review, security audits, bug detection, alternative implementations, second opinions via OpenAI Codex. Use when user asks for code review, security analysis, implementation advice, bug detection, code patterns, or wants a second opinion on code. Supports uncommitted changes review. Do not use for architecture design or web searches.
majiayu000/claude-skill-registry 163
-
Security Engineer
Implement security best practices across the application stack. Use when securing APIs, implementing authentication, preventing vulnerabilities, or conducting security reviews. Covers OWASP Top 10, auth patterns, input validation, encryption, and security monitoring.
majiayu000/claude-skill-registry 163
-
tasks
Manage Google Tasks with full CRUD operations via Ruby scripts. This skill should be used when working with Google Tasks - creating, reading, updating, deleting, and organizing tasks and task lists. Supports task completion, subtask creation, task ordering, and integration with other Google skills through shared OAuth authentication.
majiayu000/claude-skill-registry 163
-
auth-bypass
认证绕过漏洞检测与利用。当目标存在登录功能、权限控制、JWT/Session 认证时使用。包括 IDOR、越权访问等。
majiayu000/claude-skill-registry 163
-
security-audit-agent
Performs comprehensive security audits of codebases, identifying vulnerabilities and security best practices
majiayu000/claude-skill-registry 163
-
threat-mitigation-mapping
Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.
majiayu000/claude-skill-registry 163
-
sip-authentication-security
Use when implementing SIP authentication, security mechanisms, and encryption. Use when securing SIP servers, clients, or proxies.
majiayu000/claude-skill-registry 163
-
agent-dependency-manager
Expert dependency manager specializing in package management, security auditing, and version conflict resolution across multiple ecosystems. Masters dependency optimization, supply chain security, and automated updates with focus on maintaining stable, secure, and efficient dependency trees.
majiayu000/claude-skill-registry 163
-
smart-contract-generator
Generates Solidity smart contracts with security best practices (ERC-20, ERC-721, ERC-1155, custom). Use when user asks to "create smart contract", "solidity contract", "erc20 token", "nft contract", or "web3 contract".
majiayu000/claude-skill-registry 163
-
moai-domain-security
OWASP Top 10, SAST/DAST, dependency security, and secrets management.
majiayu000/claude-skill-registry 163
-
security-benchmark-runner
Security Benchmark Runner - Auto-activating skill for Security Advanced.
Triggers on: security benchmark runner, security benchmark runner
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
tasks
Manage Google Tasks with full CRUD operations via Ruby scripts. This skill should be used when working with Google Tasks - creating, reading, updating, deleting, and organizing tasks and task lists. Supports task completion, subtask creation, task ordering, and integration with other Google skills through shared OAuth authentication.
majiayu000/claude-skill-registry 163
-
x-cmd-security
This skill provides comprehensive security assessment and vulnerability management tools through x-cmd CLI, including network reconnaissance with Shodan, vulnerability scanning with OSV, and known exploited vulnerability tracking with KEV. This skill should be used when users need to perform security assessments, vulnerability research, network reconnaissance, or security monitoring from command line interfaces.
majiayu000/claude-skill-registry 163
-
content-security-policy-generator
Content Security Policy Generator - Auto-activating skill for Security Fundamentals.
Triggers on: content security policy generator, content security policy generator
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
shopify-api
Complete API integration guide for Shopify including GraphQL Admin API, REST Admin API, Storefront API, Ajax API, OAuth authentication, rate limiting, and webhooks. Use when making API calls to Shopify, authenticating apps, fetching product/order/customer data programmatically, implementing cart operations, handling webhooks, or working with API version 2025-10. Requires fetch or axios for JavaScript implementations.
majiayu000/claude-skill-registry 163
-
performing-security-audits
Analyze code, infrastructure, and configurations by conducting comprehensive security audits. It leverages tools within the security-pro-pack plugin, including vulnerability scanning, compliance checking, and cryptography review. Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
majiayu000/claude-skill-registry 163
-
integration-generator
Generate new OAuth integration providers for Dafthunk with backend providers, type definitions, frontend configurations, and integration nodes
majiayu000/claude-skill-registry 163
-
security-nextjs
Next.js security audit patterns. Load when reviewing Next.js apps (next.config.js present). Covers NEXT_PUBLIC_* exposure, Server Actions, middleware auth, API routes, and App Router security.
majiayu000/claude-skill-registry 163
-
vigil-security-patterns
Security best practices and patterns for Vigil Guard v2.0.0 development. Use when implementing authentication, handling secrets, validating input, preventing injection attacks, managing CORS, ensuring secure coding practices, 3-branch detection security, or implementing security audit fixes.
majiayu000/claude-skill-registry 163
-
security-prompts-controls
Simple security prompt templates for quick implementations using existing Secure Vibe Coding OS utilities. Use for straightforward features like contact forms, authenticated updates, and public APIs. Triggers include "contact form", "simple form", "authenticated update", "user update", "public API", "read-only API", "quick secure implementation".
majiayu000/claude-skill-registry 163
-
oauth2-flow-helper
Oauth2 Flow Helper - Auto-activating skill for Security Fundamentals.
Triggers on: oauth2 flow helper, oauth2 flow helper
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
Security Auditing
Audit security with vulnerability scanning, input validation checks, and auth/authz review against OWASP Top 10. Use when implementing authentication, reviewing security-sensitive code, or conducting security audits.
majiayu000/claude-skill-registry 163
-
picocom
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
-
webapp-nikto
Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions. Use when: (1) Conducting authorized web server security assessments, (2) Identifying common web vulnerabilities and misconfigurations, (3) Detecting outdated server software and known vulnerabilities, (4) Performing compliance scans for web server hardening, (5) Enumerating web server information and enabled features, (6) Validating security controls and patch levels.
majiayu000/claude-skill-registry 163