Security

Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables

Provides CLI commands and workflows for scanning npm dependencies using pnpm audit and Snyk. Includes detailed examples for fixing vulnerabilities, CI integration, and automated dependency updates. Focuses on practical security checks before deployments.

A structured OSINT framework for authorized investigations with clear workflows for people, company, and entity research. Includes ethical guardrails, multi-agent parallel execution, and detailed reporting templates. Focuses on public data collection with strict authorization requirements.

This skill provides a structured framework for handling security and operational incidents. It defines clear response phases, integrates with common incident management tools like PagerDuty and Jira, and includes checklists for evidence collection, communication, and post-incident review. It's designed for teams needing consistent incident handling procedures.

A specialized security auditing tool that integrates multiple scanning utilities (Nessus, Qualys, OpenVAS, Prowler) to conduct comprehensive security assessments. It follows structured audit phases from planning to reporting, covers major compliance frameworks, and provides actionable remediation guidance.

An inline workflow that orchestrates security vulnerability detection and remediation through prioritized fixing cycles. It scans for SQL injection, XSS, secrets, and dependency issues, then applies fixes by priority with verification steps. Includes quality gates and rollback mechanisms.

Aggregates annual security reports from 570+ cybersecurity sources, providing structured access to threat intelligence, vendor reports, and industry analysis. Includes workflows for updating sources, analyzing trends, and fetching specific reports across 20+ categories like ransomware, cloud security, and AI threats.

A gateway skill that auto-activates for security-related tasks, providing access to six specialized sub-skills covering authentication, authorization, input validation, security headers, vulnerability assessment, and secrets management. It uses progressive loading to manage token usage efficiently.

Provides detailed guidance for performing web searches with privacy protection, source verification, and information validation. Includes specific search operators, privacy-focused engines, credibility checklists, and fact-checking workflows for researchers and security-conscious users.

This skill provides structured frameworks for enterprise risk identification, quantification, and mitigation across financial, operational, and cybersecurity domains. It integrates multiple analytical tools including Python, R, and SQL for modeling, with checklists for compliance verification and risk reporting automation.

Provides actionable security patterns for application development, covering OWASP Top 10, API security, and secure SDLC. Includes decision trees, implementation tables, and incident response playbooks for real-world use.

This skill performs automated code reviews focusing on security vulnerabilities (OWASP Top 10) and best practices. It scans codebases, identifies issues by severity, and generates actionable reports with fix checklists. It supports multiple languages and integrates with existing MCP tools for file discovery.