Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
marketplace-audit
Display plugin versions from marketplace.json. Use when user asks to "audit versions", "show plugin versions", "list marketplace versions", or wants to see the current state of plugin versioning.
majiayu000/claude-skill-registry 163
-
Top 100 Web Vulnerabilities Reference
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability definitions, root causes, impacts, and mitigation strategies across all major web security categories.
majiayu000/claude-skill-registry 163
-
security-reviewer
Use when reviewing code for security vulnerabilities, conducting threat modeling, ensuring SLSA compliance, or performing security assessments. Invoked for security analysis, vulnerability detection, and compliance verification.
majiayu000/claude-skill-registry 163
-
reverse-proxy
Manage incoming internet traffic and reverse proxy configuration on the home network gateway. Configure Caddy, OAuth2 authentication, fail2ban security, and traffic routing.
majiayu000/claude-skill-registry 163
-
access-management
RBAC/ABAC implementation patterns, least privilege access, row-level security, column masking, and access review workflows.
majiayu000/claude-skill-registry 163
-
nick-theriot
Talk to Nick Theriot Youtuber about their expertise. Nick Theriot Youtuber provides authentic advice using their mental models, core beliefs, and real-world examples.
majiayu000/claude-skill-registry 163
-
laravel-routing
Route configuration, route model binding, and authorization. Use when working with routes, route binding, URL patterns, or when user mentions routing, route model binding, conditional binding, route-level authorization.
majiayu000/claude-skill-registry 163
-
spider
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
majiayu000/claude-skill-registry 163
-
spider
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
majiayu000/claude-skill-registry 163
-
validating-csrf-protection
Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.
majiayu000/claude-skill-registry 163
-
owasp-top-10
OWASP Top 10 security vulnerabilities with detection and remediation patterns. Use when conducting security audits, implementing secure coding practices, or reviewing code for common security vulnerabilities.
majiayu000/claude-skill-registry 163
-
asking-codex
Code review, security audits, bug detection, alternative implementations, second opinions via OpenAI Codex. Use when user asks for code review, security analysis, implementation advice, bug detection, code patterns, or wants a second opinion on code. Supports uncommitted changes review. Do not use for architecture design or web searches.
majiayu000/claude-skill-registry 163
-
authorization-security
Authorization security standards covering RBAC, ABAC, policy enforcement, OAuth2 scopes, resource-based access control, and NIST 800-53 compliance (AC-3, AC-4, AC-6) for production systems
majiayu000/claude-skill-registry 163
-
langchain-core-workflow-a
Build LangChain chains and prompts for structured LLM workflows.
Use when creating prompt templates, building LCEL chains,
or implementing sequential processing pipelines.
Trigger with phrases like "langchain chains", "langchain prompts",
"LCEL workflow", "langchain pipeline", "prompt template".
majiayu000/claude-skill-registry 163
-
security-bluebook-builder
Create or refine a concise, normative security policy ("Blue Book") for sensitive applications. Use when users need a threat model, data classification rules, auth/session policy, logging and audit requirements, retention/deletion expectations, incident response, or security gates for apps handling PII/PHI/financial data.
majiayu000/claude-skill-registry 163
-
handling-authentication
Handling authentication and authorization in StickerNest. Use when the user asks about login, signup, auth, session, protected routes, user context, JWT, tokens, logout, or permission checks. Covers Supabase Auth, AuthContext, protected routes, and widget auth.
majiayu000/claude-skill-registry 163
-
github-security-review
Analyze GitHub repository security alerts and generate remediation plans. Use when the user asks to review security alerts, fix vulnerabilities, check dependabot alerts, review code scanning issues, or address secret scanning findings for a GitHub repository. Triggers on requests mentioning GitHub security, repo security review, vulnerability remediation, or security audit.
majiayu000/claude-skill-registry 163
-
ark-vulnerability-fixer
CVE research and security patch workflow for Ark. Provides CVE API integration, mitigation strategies, and security-focused PR templates. Works with research, analysis, and setup skills for comprehensive vulnerability fixing.
majiayu000/claude-skill-registry 163
-
secrets-scanner
Scan codebase for secrets, API keys, credentials, and PII. Detect hardcoded sensitive data. Use when auditing for secrets, checking for exposed keys, reviewing security, or scanning for PII.
majiayu000/claude-skill-registry 163
-
dependency-vulnerability-checker
Dependency Vulnerability Checker - Auto-activating skill for Security Fundamentals.
Triggers on: dependency vulnerability checker, dependency vulnerability checker
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
react-native-best-practices
Provides React Native performance optimization guidelines for FPS, TTI, bundle size, memory leaks, re-renders, and animations. Applies to tasks involving Hermes optimization, JS thread blocking, bridge overhead, FlashList, native modules, or debugging jank and frame drops.
majiayu000/claude-skill-registry 163
-
spider
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
majiayu000/claude-skill-registry 163
-
vulnerability-report-generator
Vulnerability Report Generator - Auto-activating skill for Security Advanced.
Triggers on: vulnerability report generator, vulnerability report generator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
argocd-audit
Audits ArgoCD Application manifests and raw K8s resources for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check ArgoCD/GitOps quality. Generates a comprehensive report under reports/YYYY-MM-DD/argocd-audit.md. (project)
majiayu000/claude-skill-registry 163