Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
clerk-observability
Implement monitoring, logging, and observability for Clerk authentication.
Use when setting up monitoring, debugging auth issues in production,
or implementing audit logging.
Trigger with phrases like "clerk monitoring", "clerk logging",
"clerk observability", "clerk metrics", "clerk audit log".
majiayu000/claude-skill-registry 163
-
certificate-lifecycle-manager
Certificate Lifecycle Manager - Auto-activating skill for Security Advanced.
Triggers on: certificate lifecycle manager, certificate lifecycle manager
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
harbor-expert
Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.
majiayu000/claude-skill-registry 163
-
violetconnect-woocommerce
WooCommerce REST API authentication and credential-based onboarding patterns for VioletConnect
majiayu000/claude-skill-registry 163
-
helmet-config-generator
Generate Helmet.js security middleware configuration for Express applications. Triggers on "create helmet config", "generate helmet configuration", "express security headers", "helmet setup".
majiayu000/claude-skill-registry 163
-
android-owasp-security-reviewer
AndroidアプリのセキュリティレビューをOWASP Mobile Top 10 2024およびMASVS (Mobile Application Security Verification Standard) の観点で実施し、Markdownレポートを生成する。
Use when: (1) Androidアプリのセキュリティ監査/レビュー依頼時 (2) 「セキュリティチェック」「脆弱性診断」「OWASP」「MASVS」キーワード時 (3) Androidプロジェクトのコードレビューでセキュリティ観点が必要な時 (4) 金融・医療アプリのセキュリティ評価時
majiayu000/claude-skill-registry 163
-
security-orchestrator
Use this skill when you need to perform comprehensive security vulnerability assessments on a codebase. This skill launches the security-orchestrator agent to conduct systematic security reviews by breaking down the codebase into architectural units and performing deep security analysis.
majiayu000/claude-skill-registry 163
-
docusaurus-auth
Expert skill for implementing authentication in Docusaurus static sites. Handles FastAPI backend setup for authentication, JWT token management, and secure API communication. Includes setup for static site generation, client-side authentication, and user data protection. Use when adding authentication to Docusaurus static sites, implementing FastAPI backend for authentication services, or securing API routes with JWT tokens in static site context.
majiayu000/claude-skill-registry 163
-
security-sentinel
Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10. Critical for payment processing, auth systems, and data handling.
majiayu000/claude-skill-registry 163
-
security-fastapi
FastAPI security audit patterns. Use when reviewing FastAPI apps (fastapi imports, main.py/app.py, requirements/pyproject with fastapi, uvicorn). Covers auth dependencies, CORS configuration, TrustedHost/HTTPS middleware, and common FastAPI/Starlette security footguns.
majiayu000/claude-skill-registry 163
-
API JWT Authenticator
A conceptual skill for securing FastAPI REST APIs with JWT authentication
majiayu000/claude-skill-registry 163
-
mfm-hosts
Talk to My First Million Hosts about their expertise. My First Million Hosts provides authentic advice using their mental models, core beliefs, and real-world examples.
majiayu000/claude-skill-registry 163
-
secure-code-guardian-jeffallan-claude-skills
majiayu000/claude-skill-registry 163
-
mcp-security
Multi-agent and MCP pipeline security with 5-layer defense architecture. Use when building MCP servers, multi-agent systems, or any pipeline that handles user input to prevent prompt injection and ensure proper authorization.
majiayu000/claude-skill-registry 163
-
web-resource-checker
Validates essential web resource files (sitemap.xml, robots.txt, llms.txt, security.txt) for compliance with their specifications. Use when user asks about "sitemap validation", "robots.txt check", "llms.txt", "security.txt", "RFC 9116", "RFC 9309", "web resource audit", "サイトマップ", "セキュリティ", or wants to verify crawler/LLM accessibility files.
majiayu000/claude-skill-registry 163
-
codex-code-review
Perform comprehensive code reviews using OpenAI Codex CLI. This skill should be used when users request code reviews, want to analyze diffs/PRs, need security audits, performance analysis, or want automated code quality feedback. Supports reviewing staged changes, specific files, entire directories, or git diffs.
majiayu000/claude-skill-registry 163
-
prefab-dev
Use this skill when developing Go applications with the Prefab server framework.
This includes creating servers, adding gRPC/HTTP handlers, configuring authentication
and authorization, setting up SSE streams, managing configuration, creating custom
plugins, and following Prefab error handling and security patterns.
majiayu000/claude-skill-registry 163
-
waf-rule-creator
Waf Rule Creator - Auto-activating skill for Security Advanced.
Triggers on: waf rule creator, waf rule creator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
.claude/skills/file-watcher-security/SKILL.md
ファイル監視システムのセキュリティ対策とプロダクション環境での安全な運用パターン。
最小権限の原則、Defense in Depth、Fail-Safe Defaultsに基づく多層防御設計を提供。
専門分野:
📖 参照書籍:
- 『Web Application Security』(Andrew Hoffman): 脅威モデリング
📚 リソース参照:
- `resources/Level1_basics.md`: レベル1の基礎ガイド
- `resources/Level2_intermediate.md`: レベル2の実務ガイド
- `resources/Level3_advanced.md`: レベル3の応用ガイド
- `resources/Level4_expert.md`: レベル4の専門ガイド
- `resources/legacy-skill.md`: 旧SKILL.mdの全文
- `resources/threat-model.md`: threat-model の詳細ガイド
- `scripts/log_usage.mjs`: 使用記録・自動評価スクリプト
- `scripts/security-audit.sh`: セキュリティを監査するスクリプト
- `scripts/validate-skill.mjs`: スキル構造検証スクリプト
- `templates/secure-watcher.ts`: secure-watcher のテンプレート
- `resources/requirements-index.md`: 要求仕様の索引(docs/00-requirements と同期)
Use proactively when handling file watcher security tasks.
majiayu000/claude-skill-registry 163
-
input-sanitization
Эксперт по санитизации ввода. Используй для XSS prevention, encoding, validation и security headers.
majiayu000/claude-skill-registry 163
-
fastapi-auth-patterns
Implement and validate FastAPI authentication strategies including JWT tokens, OAuth2 password flows, OAuth2 scopes for permissions, and Supabase integration. Use when implementing authentication, securing endpoints, handling user login/signup, managing permissions, integrating OAuth providers, or when user mentions JWT, OAuth2, Supabase auth, protected routes, access control, role-based permissions, or authentication errors.
majiayu000/claude-skill-registry 163
-
detect-hardcoded-secrets
Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages. Use when user asks about security issues or secret detection.
majiayu000/claude-skill-registry 163
-
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
-
ffp-code-review
Review code changes for FFP project standards including multi-tenant security, British English, architecture patterns, and SOLID principles. Use when reviewing PRs, checking branch changes, or auditing code quality.
majiayu000/claude-skill-registry 163