Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
owasp-security-review
Security review and implementation support based on OWASP Cheat Sheet Series. Use for code review requests, security-related implementation/research, and vulnerability checks. Covers security topics such as XSS, SQL Injection, CSRF, and authentication/authorization.
majiayu000/claude-skill-registry 163
-
version-checker
Check version compatibility, breaking changes, and security vulnerabilities for dependencies
majiayu000/claude-skill-registry 163
-
better-auth-setup
Guide implementation of OAuth 2.1 / OIDC authentication using Better Auth with the OIDC Provider plugin. Use this skill when setting up centralized authentication for multiple apps, implementing SSO across a platform, creating an OAuth authorization server, or integrating Better Auth as an identity provider. Covers PKCE for public clients, JWKS configuration, token management, email verification, and common pitfalls like preserving PKCE parameters during sign-in redirects.
majiayu000/claude-skill-registry 163
-
fastapi-zero-to-hero
Complete FastAPI API development framework for Python. Provides comprehensive assistance for building APIs with routing, authentication (JWT, OAuth2, Better Auth), Pydantic models, database integration, and deployment using uv package manager. Use when users ask to build FastAPI applications, implement authentication, create API endpoints, or develop backend services in Python.
majiayu000/claude-skill-registry 163
-
session-end
Mandatory session close-out with IG audit, AAR, and optional HISTORIAN. Enforces clean session handoff.
majiayu000/claude-skill-registry 163
-
cursor-agent
A comprehensive skill for using the Cursor CLI agent for various software engineering tasks (updated for 2026 features, includes tmux automation guide).
majiayu000/claude-skill-registry 163
-
dependency-supply-chain-security
Manage dependencies and supply chain security to prevent vulnerable or malicious packages. Use this skill when you need to audit dependencies, update packages, check for vulnerabilities, understand supply chain attacks, or maintain dependency security. Triggers include "dependencies", "npm audit", "supply chain", "package security", "vulnerability", "npm update", "security audit", "outdated packages".
majiayu000/claude-skill-registry 163
-
cursor-sso-integration
Configure SSO and enterprise authentication in Cursor. Triggers on "cursor sso",
"cursor saml", "cursor oauth", "enterprise cursor auth", "cursor okta". Use when working with cursor sso integration functionality. Trigger with phrases like "cursor sso integration", "cursor integration", "cursor".
majiayu000/claude-skill-registry 163
-
checking-owasp-compliance
Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.
majiayu000/claude-skill-registry 163
-
aws-security-best-practices
Implement comprehensive AWS security controls and compliance
majiayu000/claude-skill-registry 163
-
owasp-mobile-security-checker
Analyze Flutter and mobile applications for OWASP Mobile Top 10 (2024) security compliance. Use this skill when performing security audits, vulnerability assessments, or compliance checks on mobile applications. Performs automated scans for hardcoded secrets, insecure storage, weak cryptography, network security issues, and provides detailed remediation guidance.
majiayu000/claude-skill-registry 163
-
nodejs-best-practices
Node.js best practices including error handling, async patterns, security, and project structure.
majiayu000/claude-skill-registry 163
-
enforce-security-vigilance
Enforce continuous security vigilance and threat monitoring.
majiayu000/claude-skill-registry 163
-
security-sentinel
Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10. Critical for payment processing, auth systems, and data handling.
majiayu000/claude-skill-registry 163
-
security-pattern-detection
Detect OWASP Top 10 vulnerabilities via static analysis. Calculate security score (0.00-1.00) for code quality. Auto-generate remediation suggestions with implementation examples. Integrate with Serena for vulnerability tracking and SLA compliance. Use when: securing code, detecting vulnerabilities, improving security posture, validating fixes, enforcing security standards.
majiayu000/claude-skill-registry 163
-
validating-csrf-protection
Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.
majiayu000/claude-skill-registry 163
-
audit-logging
Implement comprehensive audit logging for all admin actions, capturing user ID, action type, entity changes, IP address, and user agent. Use when tracking system activities or adding audit trails.
majiayu000/claude-skill-registry 163
-
pal-secaudit
Comprehensive security audit with OWASP Top 10 analysis, compliance evaluation, and threat modeling using PAL MCP. Use for security reviews, vulnerability assessment, or compliance checks. Triggers on security audit requests, vulnerability scanning, or compliance reviews.
majiayu000/claude-skill-registry 163
-
authentication-authorization
ログイン、セッション、JWT、OAuth、アクセス制御を実装する際に使用。
majiayu000/claude-skill-registry 163
-
security-analyst
Security analyst persona with deep OWASP expertise, vulnerability classification, risk assessment, and compliance mapping
majiayu000/claude-skill-registry 163
-
api-contract-design
REST and GraphQL API design patterns, OpenAPI/Swagger specifications, versioning strategies, and authentication patterns. Use when designing APIs, reviewing API contracts, evaluating API technologies, or implementing API endpoints. Covers contract-first design, resource modeling, error handling, pagination, and security.
majiayu000/claude-skill-registry 163
-
openwebf-security
DEPRECATED umbrella Skill (backward compatibility). Use only for cross-cutting security reviews spanning remote content + XSS/sanitization + store compliance. Prefer focused openwebf-security-* Skills.
majiayu000/claude-skill-registry 163
-
auth-security-validator
Autonomous validation of authentication security. Checks password hashing, cookie configuration, CSRF protection, and session management for OWASP compliance.
majiayu000/claude-skill-registry 163
-
fix-security-audit
Fix security vulnerabilities from pip-audit, npm audit, Snyk, and other security scanners. Use when security audit checks fail with CVE warnings.
majiayu000/claude-skill-registry 163