Agent skills

Skills you can use with AI coding agents, indexed from public GitHub repositories.

Latest Most Popular

nextauth Implements authentication with Auth.js/NextAuth.js v5 including OAuth providers, credentials, sessions, and route protection. Use when adding authentication to Next.js, configuring OAuth providers, or protecting routes.
majiayu000/claude-skill-registry 163
session-management-ssg-ssr Expert skill for implementing session management in SSG (Static Site Generation) and SSR (Server-Side Rendering) contexts. Covers stateless authentication with JWT, database session management, client-side session handling, and security best practices for different rendering strategies. Use when implementing session management in static sites (SSG), handling authentication in server-side rendered applications (SSR), or implementing stateless authentication with JWT tokens.
majiayu000/claude-skill-registry 163
audit-skill Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis. Use this skill when performing security audits, code reviews, vulnerability assessments, module structure validation, or generating audit reports.
majiayu000/claude-skill-registry 163
cybersecurity-analyst Analyzes events through cybersecurity lens using threat modeling, attack surface analysis, defense-in-depth, zero-trust architecture, and risk-based frameworks (CIA triad, STRIDE, MITRE ATT&CK). Provides insights on vulnerabilities, attack vectors, defense strategies, incident response, and security posture. Use when: Security incidents, vulnerability assessments, threat analysis, security architecture, compliance. Evaluates: Confidentiality, integrity, availability, threat actors, attack patterns, controls, residual risk.
majiayu000/claude-skill-registry 163
aws-security-best-practices Implement comprehensive AWS security controls and compliance
majiayu000/claude-skill-registry 163
sr-cardoso-backend Backend Cloud Run/Express/Firestore do Sr Cardoso. Use quando criar ou alterar endpoints, auth JWT, regras de agenda, financeiro, branding, WhatsApp, cron jobs, ou modelagem Firestore.
majiayu000/claude-skill-registry 163
windsurf-dependency-management Analyze and update dependencies with vulnerability scanning. Activate when users mention "update dependencies", "security audit", "npm audit", "vulnerability scan", or "dependency updates". Handles dependency analysis and updates. Use when working with windsurf dependency management functionality. Trigger with phrases like "windsurf dependency management", "windsurf management", "windsurf".
majiayu000/claude-skill-registry 163
attacking-wireless-networks Attack WiFi networks using WPA/WPA2 cracking, WPS exploitation, Evil Twin attacks, deauthentication, and wireless reconnaissance. Use when pentesting wireless networks or performing WiFi security assessments.
majiayu000/claude-skill-registry 163
Security Auditing Audit security with vulnerability scanning, input validation checks, and auth/authz review against OWASP Top 10. Use when implementing authentication, reviewing security-sensitive code, or conducting security audits.
majiayu000/claude-skill-registry 163
detect-hardcoded-secrets Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages. Use when user asks about security issues or secret detection.
majiayu000/claude-skill-registry 163
fastapi-security-expert Expert in securing FastAPI applications with JWT tokens and Better Auth. Use this when implementing authentication middleware, route protection, and user isolation.
majiayu000/claude-skill-registry 163
auth-module-builder Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
vulnerability-scanning Automated vulnerability detection using OWASP tools, CVE databases, and security scanners. Use when performing security audits, compliance checks, or continuous security monitoring.
majiayu000/claude-skill-registry 163
openwebf-security-remote-content Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.
majiayu000/claude-skill-registry 163
audit-style Audit and refactor CSS to comply with Game Loopers design system and BEM methodology
majiayu000/claude-skill-registry 163
WordPress Penetration Testing This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.
majiayu000/claude-skill-registry 163
SSH Penetration Testing This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
majiayu000/claude-skill-registry 163
google-docs-sheets Export Google Docs and Google Sheets (spreadsheets) to Markdown files or stdout. Use when asked to fetch, download, or ingest Google Docs/Sheets content for summarization, analysis, or context loading. Tries gcloud ADC first with browser OAuth fallback.
majiayu000/claude-skill-registry 163
authentication-docs API認証ドキュメント（OAuth 2.0/PKCE、API Key、JWT、トークン管理）の作成と図解を支援するスキル。認証フローの説明、トークン取得手順、セキュリティ注意点をわかりやすく整理します。 Anchors: • OAuth 2.0 Simplified / 適用: フロー図解 / 目的: 正確な説明と用語整理 • Web Application Security / 適用: セキュリティ注意点 / 目的: 安全な認証ドキュメント • API Documentation Best Practices / 適用: ドキュメント構成 / 目的: 読みやすさの担保 Trigger: Use when writing authentication docs, creating OAuth flow diagrams, documenting token management, or preparing quickstart guides for API auth.
majiayu000/claude-skill-registry 163
encrypting-and-decrypting-data Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.
majiayu000/claude-skill-registry 163
security-rbac-auth Implement authentication, authorization, and security controls. Use for JWT handling, API key management, RBAC, OAuth integration, and security policies. Triggers on "authentication", "authorization", "JWT", "API key", "RBAC", "OAuth", "security", "permissions", or when implementing spec/006-security-governance.md.
majiayu000/claude-skill-registry 163
security-reporter Use when generating comprehensive security audit reports, analyzing security scan results, calculating security posture, or creating OWASP Top 10 compliance assessments. Invoked for security reporting, vulnerability aggregation, and remediation planning.
majiayu000/claude-skill-registry 163
security-agent Deep security analysis with high reasoning effort for threat detection
majiayu000/claude-skill-registry 163
auth-security-validator Autonomous validation of authentication security. Checks password hashing, cookie configuration, CSRF protection, and session management for OWASP compliance.
majiayu000/claude-skill-registry 163