Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
security-audit
Agent Skill: Security audit patterns for PHP/OWASP. Use when conducting security assessments, identifying vulnerabilities (XXE, SQL injection, XSS), or CVSS scoring. By Netresearch.
majiayu000/claude-skill-registry 163
-
code-review-checklist
Review code changes for correctness, security, performance, and maintainability. Use for PR reviews,
code audits, pre-merge checks, or quality validation of Laravel + React code. EXCLUSIVE to reviewer agent.
majiayu000/claude-skill-registry 163
-
google-connect
Connect to Google Workspace services (Gmail, Docs, Sheets, Calendar, Drive, Tasks, Slides). Load when user mentions 'connect google', 'setup google', 'configure google', 'google integration', or needs to set up Google OAuth credentials.
majiayu000/claude-skill-registry 163
-
using-security-architect
Routes to security architecture skills - threat modeling, controls, compliance, authorization
majiayu000/claude-skill-registry 163
-
scanning-for-vulnerabilities
Execute this skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. it identifies security vulnerabilities in code, dependencies, and configurations, including cve detection. use this skill when the user asks to scan fo... Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.
majiayu000/claude-skill-registry 163
-
Security Audit and Vulnerability Scanning
Comprehensive security audit workflow including dependency scanning, unsafe code detection, and secret management. Use when scanning for vulnerabilities or before production deployment.
majiayu000/claude-skill-registry 163
-
websocket
Real-time bidirectional communication with security focus on CSWSH prevention, authentication, and message validation
majiayu000/claude-skill-registry 163
-
powershell-skill
Execute PowerShell commands on Windows systems with security constraints
majiayu000/claude-skill-registry 163
-
clerk-observability
Implement monitoring, logging, and observability for Clerk authentication.
Use when setting up monitoring, debugging auth issues in production,
or implementing audit logging.
Trigger with phrases like "clerk monitoring", "clerk logging",
"clerk observability", "clerk metrics", "clerk audit log".
majiayu000/claude-skill-registry 163
-
security-reporting
セキュリティ診断レポートの作成と脆弱性報告の文書化を支援するスキル。
脅威分析、脆弱性評価、リスク採点、レポート生成の一連のプロセスを体系化し、
専門的で実用性の高いセキュリティドキュメントを作成する。
Anchors:
• OWASP Top 10 (2021) / 適用: 脆弱性分類・評価基準 / 目的: 業界標準への準拠
• CVSS v3.1 (FIRST) / 適用: リスクスコア計算 / 目的: 定量的脆弱性評価
• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング / 目的: 体系的分析手法
• CWE Top 25 / 適用: 脆弱性分類 / 目的: 共通語彙での報告
Trigger:
Use when creating security audit reports, vulnerability assessments, penetration test documentation, or risk analysis documents.
security report, vulnerability report, security audit, penetration test report, risk assessment, 脆弱性レポート, セキュリティ監査
majiayu000/claude-skill-registry 163
-
gdpr-compliance-scanner
Gdpr Compliance Scanner - Auto-activating skill for Security Advanced.
Triggers on: gdpr compliance scanner, gdpr compliance scanner
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
security-audit-expert
专业安全审计专家,精通漏洞扫描、渗透测试、合规检查和安全代码审查。帮助企业识别和修复安全风险,确保系统和数据的安全性。
majiayu000/claude-skill-registry 163
-
attack-methods-lookup
Looks up OWASP Top 10 attack methods, CWE references, and form-specific vulnerability patterns with a bounty hunter mindset. Returns attack vectors, payloads, and payout estimates. Use when user asks about "XSS", "SQL injection", "CSRF", "OWASP", "CWE", "IDOR", "injection", "bypass", "vulnerability", "exploit", "SQLインジェクション", "クロスサイトスクリプティング", "脆弱性".
majiayu000/claude-skill-registry 163
-
Dependency Health
Security-first dependency management methodology with batch remediation, policy-driven compliance, and automated enforcement. Use when security vulnerabilities exist in dependencies, dependency freshness low (outdated packages), license compliance needed, or systematic dependency management lacking. Provides security-first prioritization (critical vulnerabilities immediately, high within week, medium within month), batch remediation strategy (group compatible updates, test together, single PR), policy-driven compliance framework (security policies, freshness policies, license policies), and automation tools for vulnerability scanning, update detection, and compliance checking. Validated in meta-cc with 6x speedup (9 hours manual to 1.5 hours systematic), 3 iterations, 88% transferability across package managers (concepts universal, tools vary by ecosystem).
majiayu000/claude-skill-registry 163
-
cookbook-audit
Audit an Anthropic Cookbook notebook based on a rubric. Use whenever a notebook review or audit is requested.
majiayu000/claude-skill-registry 163
-
standards-gap-analysis
Identify which standards are covered vs. missing, analyze depth of coverage for each standard, prioritize uncovered standards, and recommend content to fill gaps. Use when auditing curriculum coverage. Activates on "gap analysis", "standards gaps", or "coverage audit".
majiayu000/claude-skill-registry 163
-
scanning-api-security
Detect API security vulnerabilities including injection, broken auth, and data exposure.
Use when scanning APIs for security vulnerabilities.
Trigger with phrases like "scan API security", "check for vulnerabilities", or "audit API security".
majiayu000/claude-skill-registry 163
-
neo-llm-security
AI security co-pilot for identifying, testing, and fixing vulnerabilities in LLM-powered applications.
Use when: (1) Securing LLM applications or agents, (2) Generating security test suites with promptfoo,
(3) Testing for prompt injection, jailbreaking, data exfiltration, (4) Hardening system prompts,
(5) Compliance mapping for OWASP LLM Top 10, NIST AI RMF, CJIS, SOC2, (6) Threat modeling AI systems,
(7) Analyzing security eval results, (8) Research on LLM attack/defense techniques.
Triggers: "secure my LLM", "prompt injection", "jailbreak test", "AI security", "red team",
"system prompt hardening", "LLM vulnerability", "promptfoo", "OWASP LLM", "AI compliance".
majiayu000/claude-skill-registry 163
-
spring-boot-security-jwt
JWT authentication and authorization patterns for Spring Boot 3.5.x covering token generation with JJWT, Bearer/cookie authentication, database/OAuth2 integration, and RBAC/permission-based access control using Spring Security 6.x.
majiayu000/claude-skill-registry 163
-
typescript-security-checker
Next.js/TypeScriptプロジェクト向けセキュリティ診断スキル。OWASP準拠。
以下の場合に使用:
(1) PRレビュー時のセキュリティチェック
(2) API Routes のセキュリティ検証
(3) 認証・認可ロジックの確認
(4) 依存パッケージの脆弱性確認
(5) 環境変数・シークレット管理の確認
majiayu000/claude-skill-registry 163
-
software-security-appsec
Modern application security patterns including OWASP Top 10:2025, zero trust architecture, supply chain security, authentication, authorization, input validation, and cryptography for 2024-2025
majiayu000/claude-skill-registry 163
-
qa-security-scan
Security scanning templates and checklists for OWASP Top 10, authentication, authorization, data protection. Use when conducting security testing or vulnerability assessment.
This skill provides comprehensive security testing:
- OWASP Top 10 checklist with remediation
- Authentication and authorization testing
- Data protection verification
- Security report generation
- Integration with Codex CLI MCP for automated scanning
Triggers: "security scan", "vulnerability check", "OWASP", "security test", "セキュリティスキャン", "脆弱性チェック", "セキュリティテスト"
majiayu000/claude-skill-registry 163
-
log-analysis-security
Log Analysis Security - Auto-activating skill for Security Advanced.
Triggers on: log analysis security, log analysis security
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
spring-security
Secure Spring Boot applications - authentication, authorization, OAuth2, JWT, CORS/CSRF protection
majiayu000/claude-skill-registry 163