Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
tool-usage
Security tool command reference
majiayu000/claude-skill-registry 163
-
convex-patterns
Convex backend patterns with security, validation, and performance best practices
majiayu000/claude-skill-registry 163
-
security-testing-patterns
Security testing patterns including SAST, DAST, penetration testing, and vulnerability assessment techniques. Use when implementing security testing pipelines, conducting security audits, or validating application security controls.
majiayu000/claude-skill-registry 163
-
secure-nextjs-api-routes
A comprehensive security middleware system for Next.js 13+ App Router API routes that provides authentication, rate limiting, CSRF protection, audit logging, and security headers in a composable, production-ready pattern. Use when building secure Next.js APIs that need protection against common web vulnerabilities.
majiayu000/claude-skill-registry 163
-
code-reviewing
高品質なコードレビューを実施するスキル。セキュリティ、パフォーマンス、保守性、
アーキテクチャの観点から包括的にレビューし、Must/Should/Nice to haveで
優先順位付けした建設的なフィードバックを提供します。
majiayu000/claude-skill-registry 163
-
google-connect
Connect to Google Workspace services (Gmail, Docs, Sheets, Calendar, Drive, Tasks, Slides). Load when user mentions 'connect google', 'setup google', 'configure google', 'google integration', or needs to set up Google OAuth credentials.
majiayu000/claude-skill-registry 163
-
rodauth
Plutonium Rodauth integration - authentication setup, account types, and configuration
majiayu000/claude-skill-registry 163
-
authentication-flows
API Key、JWT、OAuth 2.0、mTLS などの認証方式を比較し、適切なフロー設計と実装方針を整理するスキル。
方式選定、トークン管理、署名戦略、セキュリティ対策を一貫して設計します。
Anchors:
• Web Application Security / 適用: 脅威整理 / 目的: 認証フローのリスク把握
• OWASP Authentication Cheat Sheet / 適用: 実装ベストプラクティス / 目的: 安全な実装指針
• RFC 6749 & RFC 7519 / 適用: OAuth/JWT仕様 / 目的: 標準準拠の設計
Trigger:
Use when selecting authentication flows (API Key/JWT/OAuth/mTLS), designing token strategy, or validating auth configuration.
majiayu000/claude-skill-registry 163
-
auth-provider
认证提供商统一接口,支持 Supabase Auth、Clerk、Firebase Auth 等主流认证服务。
提供用户注册、登录、OAuth、会话管理、权限验证等功能。
majiayu000/claude-skill-registry 163
-
auth
Modern authentication and security patterns for web applications. Expert in JWT tokens, OAuth2 flows, session management, RBAC, MFA, API security, and zero-trust architectures. Framework-agnostic patterns that work with any tech stack.
majiayu000/claude-skill-registry 163
-
app-sharing
Manage Glide app access, privacy, authentication, and publishing.
Use when configuring who can access an app, setting up sign-in methods,
publishing apps, inviting users, or configuring Row Owners for data security.
majiayu000/claude-skill-registry 163
-
security-reviewer
Use when reviewing code for security vulnerabilities, conducting threat modeling, ensuring SLSA compliance, or performing security assessments. Invoked for security analysis, vulnerability detection, and compliance verification.
majiayu000/claude-skill-registry 163
-
Wheels Controller Generator
Generate Wheels MVC controllers with CRUD actions, filters, parameter verification, and proper rendering. Use when creating or modifying controllers, adding actions, implementing filters for authentication/authorization, handling form submissions, or rendering views/JSON. Ensures proper Wheels conventions and prevents common controller errors.
majiayu000/claude-skill-registry 163
-
service-mesh-integrator
Configure service mesh solutions including Istio, Linkerd, and Consul for traffic management, security, and observability in microservices. Activates for service mesh setup, mTLS, traffic routing, and mesh configuration.
majiayu000/claude-skill-registry 163
-
security-express
Express.js security audit patterns. Load when reviewing Express apps. Covers Helmet.js, CORS, body-parser limits, auth middleware, and common Express security mistakes.
majiayu000/claude-skill-registry 163
-
writing-agent-skills
Author and structure effective Agent Skills. Use when creating new skills, refining existing ones, or auditing skill structure and best practices.
majiayu000/claude-skill-registry 163
-
checking-session-security
Analyze session management implementations to identify security vulnerabilities in web applications.
Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security.
Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".
majiayu000/claude-skill-registry 163
-
ark-vulnerability-fixer
CVE research and security patch workflow for Ark. Provides CVE API integration, mitigation strategies, and security-focused PR templates. Works with research, analysis, and setup skills for comprehensive vulnerability fixing.
majiayu000/claude-skill-registry 163
-
security-expert
OWASPの基本を前提に、デフォルト安全(入力検証/認可/秘密情報/監査ログ/SSR/CSRF等)を落とさずに設計・実装・レビューする。脅威と攻撃面を洗い出し、最小権限と安全な失敗で守るために使う。
majiayu000/claude-skill-registry 163
-
remediation-library
Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.
majiayu000/claude-skill-registry 163
-
vulnerability-discovery
Systematic vulnerability finding, threat modeling, and attack surface analysis for AI/LLM security assessments
majiayu000/claude-skill-registry 163
-
performing-security-audits
Analyze code, infrastructure, and configurations by conducting comprehensive security audits. It leverages tools within the security-pro-pack plugin, including vulnerability scanning, compliance checking, and cryptography review. Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
majiayu000/claude-skill-registry 163
-
artifact-orchestration
Orchestrate multi-agent artifact generation with the Primary Author → Parallel Reviewers → Synthesizer → Archive pattern. Use when relevant to the task.
majiayu000/claude-skill-registry 163
-
jwt-authentication
Implement secure JWT (JSON Web Token) authentication in Node.js applications with access/refresh tokens and role-based access control
majiayu000/claude-skill-registry 163