Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
threat-model-creator
Threat Model Creator - Auto-activating skill for Security Advanced.
Triggers on: threat model creator, threat model creator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
obsidian-sop-authoring
Crear y mantener procedimientos como skills (SKILL.md) con objetivo, cuando usar, pasos y checklist.
majiayu000/claude-skill-registry 163
-
trivy
This skill should be used when scanning container images, filesystems, or repositories for vulnerabilities using Trivy. Use for CVE detection, security analysis, vulnerability comparison across image versions, understanding scan output (severity levels, status fields), and batch scanning multiple images.
majiayu000/claude-skill-registry 163
-
writing-agent-skills
Author and structure effective Agent Skills. Use when creating new skills, refining existing ones, or auditing skill structure and best practices.
majiayu000/claude-skill-registry 163
-
middleware-protection
Route protection and authorization patterns for Clerk middleware. Use when implementing route guards, protecting API routes, configuring middleware matchers, setting up role-based access control, creating auth boundaries, or when user mentions middleware, route protection, auth guards, protected routes, public routes, matcher patterns, or authorization middleware.
majiayu000/claude-skill-registry 163
-
api-connector-design
外部APIとの統合設計パターンに関する専門知識。RESTful API、GraphQL、WebSocket等の統合設計と実装指針を提供します。
Anchors:
• 『RESTful Web APIs』(Leonard Richardson)/ 適用: RESTful API設計、HTTPセマンティクス / 目的: リソース中心の設計パターン理解
• 『Building Microservices』(Sam Newman)/ 適用: APIコントラクト設計、マイクロサービス間通信 / 目的: サービス境界の明確化
Trigger:
Use when designing authentication flows (OAuth 2.0, API Key, JWT), implementing rate limiting and retry strategies, or reviewing API integration architecture.
majiayu000/claude-skill-registry 163
-
agent-security-auditor
Expert security auditor specializing in comprehensive security assessments, compliance validation, and risk management. Masters security frameworks, audit methodologies, and compliance standards with focus on identifying vulnerabilities and ensuring regulatory adherence.
majiayu000/claude-skill-registry 163
-
security-design
Design security controls and threat mitigations. Use for features involving auth, data, or external exposure.
majiayu000/claude-skill-registry 163
-
senior-security
Comprehensive security engineering skill for application security, penetration testing, security architecture, and compliance auditing. Includes security assessment tools, threat modeling, crypto implementation, and security automation. Use when designing security architecture, conducting penetration tests, implementing cryptography, or performing security audits.
majiayu000/claude-skill-registry 163
-
crack-hashcat
Advanced password recovery and hash cracking tool supporting multiple algorithms and attack modes. Use when: (1) Performing authorized password auditing and security assessments, (2) Recovering passwords from captured hashes in forensic investigations, (3) Testing password policy strength and complexity, (4) Validating encryption implementations, (5) Conducting security research on cryptographic hash functions, (6) Demonstrating password weakness in penetration testing reports.
majiayu000/claude-skill-registry 163
-
dependency-vulnerability-scanner
Scans dependencies for known vulnerabilities (npm audit, pip-audit, etc.), generates reports, and suggests fixes. Use when user asks to "check vulnerabilities", "security scan", "audit dependencies", "check CVEs", or "vulnerable packages".
majiayu000/claude-skill-registry 163
-
procurement-playbook
Use to manage legal, security, and procurement workflows for complex deals.
majiayu000/claude-skill-registry 163
-
code-audit
Perform comprehensive code audits on repositories or directories. Use when asked to audit code, review a codebase, analyze code quality, find bugs, check for security issues, review architecture, check SOLID/DRY compliance, or generate a code audit report. Produces well-formatted markdown reports with prioritized recommendations.
majiayu000/claude-skill-registry 163
-
security-audit-agent
Performs comprehensive security audits of codebases, identifying vulnerabilities and security best practices
majiayu000/claude-skill-registry 163
-
atomcad
Interact with atomCAD node networks programmatically. Query, edit, and replace CAD geometry nodes for atomic/molecular structure design. Use when working with atomCAD projects or when the user wants to manipulate node networks, create CSG shapes, or design atomic structures.
majiayu000/claude-skill-registry 163
-
security-reporter
Use when generating comprehensive security audit reports, analyzing security scan results, calculating security posture, or creating OWASP Top 10 compliance assessments. Invoked for security reporting, vulnerability aggregation, and remediation planning.
majiayu000/claude-skill-registry 163
-
risk-assessor
Perform comprehensive risk assessments on OSCAL systems including threat modeling, vulnerability analysis, risk scoring, and POA&M generation. Use this skill to evaluate security posture and prioritize remediation efforts.
majiayu000/claude-skill-registry 163
-
security-convex
Convex security audit patterns. Load when reviewing Convex apps (convex/ directory present). Covers query/mutation auth, row-level security, public vs authenticated functions, validators, and Convex-specific issues.
majiayu000/claude-skill-registry 163
-
mcp-installer
Find, install, and configure Model Context Protocol (MCP) servers for OpenCode. Use when user asks about finding MCP servers, installing them, configuring OAuth, or troubleshooting MCP issues.
majiayu000/claude-skill-registry 163
-
authorization-patterns
Authorization patterns including RBAC and ABAC. Use when implementing access control.
majiayu000/claude-skill-registry 163
-
generate-report-header
Create standardized report headers with metadata for all agent-generated reports. Use when generating bug reports, security audits, dependency reports, or any worker output requiring consistent formatting.
majiayu000/claude-skill-registry 163
-
jwt-auth-expert
Comprehensive JWT authentication expert for senior developers (10+ years experience). Intelligently detects project language/framework and implements production-ready JWT auth systems with refresh tokens, secure HTTP-only cookies, token rotation, blacklisting, RBAC, MFA, and complete security. Covers Express, FastAPI, Next.js, React, Django, Flask, NestJS, and more. Automatically audits JWT implementations, generates complete auth systems (registration, login, logout, refresh, password reset), implements middleware, prevents XSS/CSRF attacks, uses bcrypt/argon2 hashing, and follows OWASP best practices. Use for implementing JWT authentication, token refresh flows, secure cookie storage, protected routes, role-based access control, security audits, and complete auth system generation.
majiayu000/claude-skill-registry 163
-
Security Engineer
Implement security best practices across the application stack. Use when securing APIs, implementing authentication, preventing vulnerabilities, or conducting security reviews. Covers OWASP Top 10, auth patterns, input validation, encryption, and security monitoring.
majiayu000/claude-skill-registry 163
-
symfony:api-platform-security
Secure API Platform resources with security expressions, voters, and operation-level access control
majiayu000/claude-skill-registry 163