Security

This skill provides detailed guidance for implementing Auth0 security features like attack protection, MFA setup, token management, and compliance with standards like FAPI and GDPR. It includes specific dashboard navigation paths, configuration thresholds, and step-by-step implementation instructions for security professionals.

Automatically runs OWASP security checks on generated code, providing validation for common vulnerabilities like SQL injection and exposed secrets. It includes auto-fix suggestions for issues and can be run via command line scripts. The tool operates silently unless unfixable security issues are found.

This skill automatically provides access to cryptography-related knowledge when users work with TLS, certificates, encryption, or PKI. It organizes 7 specific sub-skills covering fundamentals, configuration, legacy systems, and best practices, with clear workflows for common tasks like HTTPS setup and certificate troubleshooting.

Sets up pre-commit hooks with gitleaks and detect-secrets to prevent accidental secret commits. Provides setup commands, scanning workflows, and remediation steps for leaked credentials. Includes CI/CD integration and multilingual triggers.

Provides detailed guidance for using ffuf web fuzzer in penetration testing, covering installation, core concepts, common use cases, filtering strategies, and troubleshooting. Includes helper scripts for result analysis and request template creation. Emphasizes auto-calibration to reduce false positives and authenticated fuzzing techniques.

A Bash-based SQLite wrapper that enforces parameterized queries to prevent SQL injection. It validates table/column names, sanitizes input values, and provides CRUD operations with secure parameter binding using sqlite3's .param feature. Includes transaction support and legacy compatibility functions.

Provides a six-phase workflow for adding safety validation to new LLM inference backends. Includes concrete Rust code examples, specific test commands to verify blocking of dangerous patterns, and clear integration points. Focuses on preventing execution of harmful system commands like rm -rf, dd, and chmod 777.

A specialized tool for managing OWASP Dependency-Check vulnerabilities in the morphir-dotnet project. It provides structured workflows for scanning, analyzing CVEs, creating suppression files, and guiding fix decisions with clear decision trees and command examples.

Provides ready-to-use YAML templates for implementing Kubernetes security controls including NetworkPolicy, Pod Security Standards, RBAC, and admission control with OPA Gatekeeper. It addresses common compliance requirements like CIS benchmarks and NIST frameworks with practical examples for production clusters.

Provides concrete implementation patterns for authentication using better-auth library with TanStack Start. Focuses on multi-tenant support, session management with Redis, and integration with Doppler for secrets. Includes specific code examples for email/password, magic links, OAuth, and passkeys.

Chief Security Officer mode with infrastructure audits, supply chain scanning, and STRIDE threat modeling.

Guides developers through a structured TDD process for adding security patterns to block dangerous shell commands. Provides a 6-phase workflow from threat identification to commit, with concrete examples for regex patterns and test cases. Focuses on preventing catastrophic commands like disk wipes and recursive deletions.