Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
attack-methods-lookup
Looks up OWASP Top 10 attack methods, CWE references, and form-specific vulnerability patterns with a bounty hunter mindset. Returns attack vectors, payloads, and payout estimates. Use when user asks about "XSS", "SQL injection", "CSRF", "OWASP", "CWE", "IDOR", "injection", "bypass", "vulnerability", "exploit", "SQLインジェクション", "クロスサイトスクリプティング", "脆弱性".
majiayu000/claude-skill-registry 163
-
auditing-project
Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
majiayu000/claude-skill-registry 163
-
oauth-client-setup
Oauth Client Setup - Auto-activating skill for API Integration.
Triggers on: oauth client setup, oauth client setup
Part of the API Integration skill category.
majiayu000/claude-skill-registry 163
-
auth-configs
Configure Supabase authentication providers (OAuth, JWT, email). Use when setting up authentication, configuring OAuth providers (Google/GitHub/Discord), implementing auth flows, configuring JWT settings, or when user mentions Supabase auth, social login, authentication setup, or auth configuration.
majiayu000/claude-skill-registry 163
-
security/threat-model
Threat Modeling security skill
majiayu000/claude-skill-registry 163
-
telnetshell
Use telnet to interact with IoT device shells for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when the user needs to interact with network-accessible shells, IoT devices, or telnet services.
majiayu000/claude-skill-registry 163
-
generate-report-header
Create standardized report headers with metadata for all agent-generated reports. Use when generating bug reports, security audits, dependency reports, or any worker output requiring consistent formatting.
majiayu000/claude-skill-registry 163
-
http-header-security-audit
Http Header Security Audit - Auto-activating skill for Security Fundamentals.
Triggers on: http header security audit, http header security audit
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
secrets-management-gha
GitHub Actionsワークフローでの安全な秘密情報管理を実現する。
リポジトリ/環境/組織/Dependabotの4種類のシークレット使い分け、OIDCによるクラウド認証、ローテーション、監査を包括的に提供する。
Anchors:
• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング・セキュア設計 / 目的: シークレット管理戦略の基盤
• GitHub Actions Secrets API / 適用: シークレット設定・アクセス制御 / 目的: 各タイプの正確な使い分け
• OpenID Connect (OIDC) Specification / 適用: クラウドプロバイダー認証 / 目的: 長期認証情報の排除
Trigger:
Use when configuring GitHub Actions secrets, implementing cloud OIDC authentication, rotating secrets, or auditing secret access patterns.
GitHub secrets, OIDC, secret rotation, environment secrets, organization secrets, cloud authentication
majiayu000/claude-skill-registry 163
-
siem-rule-generator
Siem Rule Generator - Auto-activating skill for Security Advanced.
Triggers on: siem rule generator, siem rule generator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
prioritizing-improvements
Use when stakeholders pressure you to change technical priorities and you're tempted to compromise on security-first or call it synthesis - enforces risk-based prioritization over stakeholder preferences
majiayu000/claude-skill-registry 163
-
langchain-agents
Expert guidance for building LangChain agents with proper tool binding, memory, and configuration. Use when creating agents, configuring models, or setting up tool integrations in LangConfig.
majiayu000/claude-skill-registry 163
-
dependency-guardian
Automated dependency management with security scanning, update orchestration, and compatibility validation
majiayu000/claude-skill-registry 163
-
Provider Management
Skill for managing model provider priorities with authentication (OAuth/Subscription/API), usage limits, and automatic fallback across all major AI providers
majiayu000/claude-skill-registry 163
-
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
-
security/input-validation
Input Validation security skill
majiayu000/claude-skill-registry 163
-
nostr-wallet-connect
Use when implementing Nostr Wallet Connect (NIP-47) wallet service - provides complete patterns for generating NWC connection strings, publishing info events, listening for requests, processing wallet commands, and sending encrypted responses. Client-side patterns included for reference.
majiayu000/claude-skill-registry 163
-
compliance-auditor
Automated compliance auditing for SOC2, HIPAA, GDPR, and PCI-DSS. Activates for compliance checks, security audits, regulatory requirements, and compliance automation.
majiayu000/claude-skill-registry 163
-
sqlmodel-task-models
This skill should be used when defining a robust, type-safe, and async-compatible database schema for the Todo application using SQLModel, ensuring compatibility with Better Auth and optimized for PostgreSQL.
majiayu000/claude-skill-registry 163
-
fastapi-auth-patterns
Implement and validate FastAPI authentication strategies including JWT tokens, OAuth2 password flows, OAuth2 scopes for permissions, and Supabase integration. Use when implementing authentication, securing endpoints, handling user login/signup, managing permissions, integrating OAuth providers, or when user mentions JWT, OAuth2, Supabase auth, protected routes, access control, role-based permissions, or authentication errors.
majiayu000/claude-skill-registry 163
-
auditing-access-control
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
majiayu000/claude-skill-registry 163
-
chapter-authoring-agent
Writes educational textbook chapters following pedagogical best practices.
majiayu000/claude-skill-registry 163
-
senior-secops
Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices. Includes security scanning, vulnerability assessment, compliance checking, and security automation. Use when implementing security controls, conducting security audits, responding to vulnerabilities, or ensuring compliance requirements.
majiayu000/claude-skill-registry 163
-
shared-setup-patterns
Shared configuration patterns for project setup commands. Provides security hooks, Claude framework structure templates, and framework detection patterns used across multiple setup commands.
majiayu000/claude-skill-registry 163