Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
security-stride-methodology
Activate when conducting security analysis using STRIDE threat modeling, vulnerability assessment, and security architecture evaluation
majiayu000/claude-skill-registry 163
-
auth-security-reviewer
Reviews authentication and authorization implementation for session management, CSRF, cookie security, and auth flow vulnerabilities with findings, severity assessment, and fix recommendations. Use for "auth review", "session security", "CSRF protection", or "authentication audit".
majiayu000/claude-skill-registry 163
-
cors-policy-validator
Cors Policy Validator - Auto-activating skill for Security Fundamentals.
Triggers on: cors policy validator, cors policy validator
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
tacosdedatos-writer
Use this skill when helping write content for tacosdedatos newsletter/blog. Provides complete voice analysis, structural patterns, engagement mechanics, and writing principles for the distinctive bilingual tech-writer voice. Use for brainstorming post ideas, structuring drafts, writing posts, editing for voice authenticity, creating headlines, quality checking drafts, and generating quick outlines. Essential for maintaining the unique tacosdedatos voice that blends Spanish/English, technical depth with accessibility, vulnerability with expertise, and Mexican cultural identity with Bay Area tech culture.
majiayu000/claude-skill-registry 163
-
festival-operations
Expert knowledge for running winter festival operations covering customer experience, security, vendor relations, lost & found, and marketing communications
majiayu000/claude-skill-registry 163
-
Vulnerability Detection
Systematic approach to identifying security vulnerabilities in code, dependencies, and infrastructure
majiayu000/claude-skill-registry 163
-
pal-codereview
Systematic code review covering quality, security, performance, and architecture using PAL MCP. Use for pull request reviews, code audits, or pre-commit validation. Triggers on review requests, PR reviews, or code quality checks.
majiayu000/claude-skill-registry 163
-
authentication
Authentication and authorization including JWT, OAuth2, sessions, and RBAC. Activate for login, auth flows, security, access control, and identity management.
majiayu000/claude-skill-registry 163
-
understanding-ocsf
Understand the OCSF schema. Use when working with OCSF, looking up classes or objects, normalizing security events, or asking about the schema.
majiayu000/claude-skill-registry 163
-
file-organizer
Comprehensive file organization workflow for SORT/ directory. Validates filenames, renames to CLAUDE.md standards, relocates to correct directories, runs OPSEC agents, and generates detailed reports. Main orchestrator for automated file organization pipeline.
majiayu000/claude-skill-registry 163
-
cursor-compliance-audit
Execute compliance and security auditing for Cursor usage. Triggers on "cursor compliance",
"cursor audit", "cursor security review", "cursor soc2", "cursor gdpr". Use when analyzing or auditing cursor compliance audit. Trigger with phrases like "cursor compliance audit", "cursor audit", "cursor".
majiayu000/claude-skill-registry 163
-
sap-btp-master-data-integration
Configures and integrates SAP Master Data Integration (MDI) service on SAP Business Technology Platform. Use when setting up MDI tenants, connecting applications (S/4HANA, SuccessFactors, Ariba, Fieldglass, etc.), configuring distribution models, SOAP APIs for business partners, extensibility, or troubleshooting master data replication. Covers One Domain Model integration, Business Data Orchestration, client authentication (OAuth2, mTLS), and security configurations.
majiayu000/claude-skill-registry 163
-
workers-security
Cloudflare Workers security with authentication, CORS, rate limiting, input validation. Use for securing APIs, JWT/API keys, or encountering auth failures, CORS errors, XSS/injection vulnerabilities.
majiayu000/claude-skill-registry 163
-
django-reviewer
WHEN: Django project review, ORM queries, views/templates, admin customization
WHAT: ORM optimization + View patterns + Template security + Admin config + Migration safety
WHEN NOT: FastAPI → fastapi-reviewer, Flask → flask-reviewer, DRF API only → consider api-expert
majiayu000/claude-skill-registry 163
-
csp-header-generator
Generate Content Security Policy (CSP) header configurations for web security. Triggers on "create csp header", "generate content security policy", "csp config", "security headers".
majiayu000/claude-skill-registry 163
-
web-security-expert
Expert knowledge of web application security including OWASP Top 10 vulnerabilities, input validation, authentication, authorization, API security, secrets management, security headers, and secure coding practices. Use when implementing security features, reviewing code for vulnerabilities, adding authentication, validating user input, or addressing security concerns.
majiayu000/claude-skill-registry 163
-
rn-security-audit
Security audit skill for React Native applications. Use when reviewing code for vulnerabilities, detecting leaked secrets (API keys, tokens, credentials), identifying exposed personal data (PII), checking insecure storage, validating authentication flows, reviewing network security, and ensuring compliance with mobile security best practices (OWASP MASVS). Covers both JavaScript/TypeScript and native iOS/Android code.
majiayu000/claude-skill-registry 163
-
windsurf-dependency-management
Analyze and update dependencies with vulnerability scanning. Activate when users mention
"update dependencies", "security audit", "npm audit", "vulnerability scan",
or "dependency updates". Handles dependency analysis and updates. Use when working with windsurf dependency management functionality. Trigger with phrases like "windsurf dependency management", "windsurf management", "windsurf".
majiayu000/claude-skill-registry 163
-
trivy
This skill should be used when scanning container images, filesystems, or repositories for vulnerabilities using Trivy. Use for CVE detection, security analysis, vulnerability comparison across image versions, understanding scan output (severity levels, status fields), and batch scanning multiple images.
majiayu000/claude-skill-registry 163
-
terraform-audit
Audits Terraform code for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check terraform code quality. Generates a comprehensive report under reports/YYYY-MM-DD/terraform-audit.md. (project)
majiayu000/claude-skill-registry 163
-
graphql-security
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
majiayu000/claude-skill-registry 163
-
konstantinos
Talk to Konstantinos Doulgeridis Youtuber about their expertise. Konstantinos Doulgeridis Youtuber provides authentic advice using their mental models, core beliefs, and real-world examples.
majiayu000/claude-skill-registry 163
-
auth-bypass
认证绕过漏洞检测与利用。当目标存在登录功能、权限控制、JWT/Session 认证时使用。包括 IDOR、越权访问等。
majiayu000/claude-skill-registry 163
-
scanning-container-security
Execute use when you need to work with security and compliance.
This skill provides security scanning and vulnerability detection with comprehensive guidance and automation.
Trigger with phrases like "scan for vulnerabilities", "implement security controls",
or "audit security".
majiayu000/claude-skill-registry 163