Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
auth-analyzer
Review and analyze authentication and authorization patterns for security vulnerabilities.
majiayu000/claude-skill-registry 163
-
web-security
Exploits web application vulnerabilities. Use when working with SQL injection, XSS, SSRF, SSTI, command injection, path traversal, authentication bypass, deserialization, or any web-based CTF challenge.
majiayu000/claude-skill-registry 163
-
IoT UART Console (picocom)
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
-
scanning-container-security
Execute use when you need to work with security and compliance.
This skill provides security scanning and vulnerability detection with comprehensive guidance and automation.
Trigger with phrases like "scan for vulnerabilities", "implement security controls",
or "audit security".
majiayu000/claude-skill-registry 163
-
authorization-security
Authorization security standards covering RBAC, ABAC, policy enforcement, OAuth2 scopes, resource-based access control, and NIST 800-53 compliance (AC-3, AC-4, AC-6) for production systems
majiayu000/claude-skill-registry 163
-
agent-dependency-manager
Expert dependency manager specializing in package management, security auditing, and version conflict resolution across multiple ecosystems. Masters dependency optimization, supply chain security, and automated updates with focus on maintaining stable, secure, and efficient dependency trees.
majiayu000/claude-skill-registry 163
-
dependency-security
Dependency security scanning. Use when auditing npm packages for vulnerabilities.
majiayu000/claude-skill-registry 163
-
Create Auth Skill
A skill to create auth service for new applications.
majiayu000/claude-skill-registry 163
-
security-protocols
π‘οΈ Comprehensive security management for festivals including crowd control, threat assessment, emergency response, and staff coordination.
majiayu000/claude-skill-registry 163
-
jwt-auth-expert
Comprehensive JWT authentication expert for senior developers (10+ years experience). Intelligently detects project language/framework and implements production-ready JWT auth systems with refresh tokens, secure HTTP-only cookies, token rotation, blacklisting, RBAC, MFA, and complete security. Covers Express, FastAPI, Next.js, React, Django, Flask, NestJS, and more. Automatically audits JWT implementations, generates complete auth systems (registration, login, logout, refresh, password reset), implements middleware, prevents XSS/CSRF attacks, uses bcrypt/argon2 hashing, and follows OWASP best practices. Use for implementing JWT authentication, token refresh flows, secure cookie storage, protected routes, role-based access control, security audits, and complete auth system generation.
majiayu000/claude-skill-registry 163
-
atlas-full
Full 9-phase workflow for complex features, epics, and security-critical changes (2-4 hours)
majiayu000/claude-skill-registry 163
-
encrypting-and-decrypting-data
Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.
majiayu000/claude-skill-registry 163
-
smart-contract-security
Master smart contract security with auditing, vulnerability detection, and incident response
majiayu000/claude-skill-registry 163
-
docs-audit-sane-apps-saneprocess-f60f7a11
majiayu000/claude-skill-registry 163
-
authorization-patterns
Authorization patterns including RBAC and ABAC. Use when implementing access control.
majiayu000/claude-skill-registry 163
-
procurement-playbook
Use to manage legal, security, and procurement workflows for complex deals.
majiayu000/claude-skill-registry 163
-
Security Scanning Patterns
Security vulnerability scanning, secret detection, dependency auditing, and OWASP best practices. Use when performing security audits, scanning for vulnerabilities, detecting exposed secrets, checking dependencies, validating security headers, implementing OWASP patterns, or when user mentions security, vulnerabilities, secrets, CVE, OWASP, npm audit, security headers, or penetration testing.
majiayu000/claude-skill-registry 163
-
server-setup
Set up drizzle-cube API server with Express, Fastify, Hono, or Next.js framework adapters. Use when configuring the semantic layer server, setting up API endpoints, extracting security context, or initializing drizzle-cube with different web frameworks.
majiayu000/claude-skill-registry 163
-
analyzing-protocols
Analyzes network protocol implementations to identify parsing vulnerabilities, state machine issues, and protocol-level security problems. Use when analyzing network servers, protocol handlers, or investigating protocol implementation bugs.
majiayu000/claude-skill-registry 163
-
api-key-manager
Api Key Manager - Auto-activating skill for Security Fundamentals.
Triggers on: api key manager, api key manager
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
auth-token-manager
ΠΠΎΠ»ΡΡΠ΅Π½ΠΈΠ΅ Π²Π°Π»ΠΈΠ΄Π½ΡΡ
JWT Bearer ΡΠΎΠΊΠ΅Π½ΠΎΠ² Π΄Π»Ρ Π°ΡΡΠ΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ MikoPBX REST API v3. ΠΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΡ ΠΊΠΎΠ³Π΄Π° Π½ΡΠΆΠ½ΠΎ ΡΠ΅ΡΡΠΈΡΠΎΠ²Π°ΡΡ API ΡΠ½Π΄ΠΏΠΎΠΈΠ½ΡΡ, ΠΎΡΠ»Π°ΠΆΠΈΠ²Π°ΡΡ ΠΏΡΠΎΠ±Π»Π΅ΠΌΡ Π°ΡΡΠ΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ ΠΈΠ»ΠΈ ΠΏΡΠΈ Π²ΠΎΠ·Π½ΠΈΠΊΠ½ΠΎΠ²Π΅Π½ΠΈΠΈ ΠΎΡΠΈΠ±ΠΎΠΊ 401 Unauthorized. ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΡΠ΅ΡΠΊΠΈ ΠΎΠ±ΡΠ°Π±Π°ΡΡΠ²Π°Π΅Ρ Π²Ρ
ΠΎΠ΄ Ρ username/password ΠΈ Π²ΠΎΠ·Π²ΡΠ°ΡΠ°Π΅Ρ Π³ΠΎΡΠΎΠ²ΡΠΉ ΠΊ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ access token.
majiayu000/claude-skill-registry 163
-
auth-security-reviewer
Reviews authentication and authorization implementation for session management, CSRF, cookie security, and auth flow vulnerabilities with findings, severity assessment, and fix recommendations. Use for "auth review", "session security", "CSRF protection", or "authentication audit".
majiayu000/claude-skill-registry 163
-
security-header-generator
Generates security HTTP headers (CSP, HSTS, CORS, etc.) for web applications to prevent common attacks. Use when user asks to "add security headers", "setup CSP", "configure CORS", "secure headers", or "HSTS setup".
majiayu000/claude-skill-registry 163
-
security-hardening-checklist
This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, cookie configuration, RLS policies, input sanitization, rate limiting, and other security measures. It generates a comprehensive security audit report with actionable recommendations. Trigger terms include security audit, security check, harden security, security review, vulnerability check, security headers, secure cookies, input validation, rate limiting, security best practices.
majiayu000/claude-skill-registry 163