Security

Provides security hardening guidance for AWS and Kubernetes with specific CIS benchmark recommendations, YAML examples for pod security and network policies, and scanning commands for containers and infrastructure. Focuses on practical implementation steps rather than theoretical concepts.

This skill provides a structured 5-phase workflow for auditing command safety patterns. It includes baseline capture, gap analysis, regression testing, priority assessment, and reporting. The skill generates detailed audit reports with actionable recommendations and tracks security coverage over time.

Supply chain investigation, evidence recovery, and forensic analysis for GitHub repositories. Covers deleted commit recovery, force-push detection, IOC extraction, multi-source evidence collection, hypothesis formation/validation, and structured forensic reporting. Inspired by RAPTOR's 1800+ line OSS Forensics system.

Output sanitization for agent responses - prevents accidental secret leaks

Provides concrete implementation patterns for authentication and authorization systems, including JWT, session management, and OAuth2. Includes TypeScript code examples for token generation, refresh flows, and middleware. Focuses on practical security concerns like token storage and session configuration.

A security review tool that systematically checks code against OWASP Top 10 vulnerabilities and AI/MCP security risks. It provides specific search patterns for each vulnerability category and includes automated scripts for secret detection and dependency scanning. The skill guides developers through a structured audit process with actionable remediation steps.

A specialized tool for writing security documentation about vulnerabilities in AI-generated code. It enforces a strict content formula for SEO and LLM citation, provides copy-paste AI fix prompts, and targets non-technical founders using AI coding assistants.

A safety net for AI agents. Catches unsafe tool calls before they execute.

Analyzes Claude session logs to generate permissions configuration for autonomous mode. Reads actual Bash commands and MCP tool usage to create allow/deny rules, helping avoid dangerously-skip-permissions flag. Outputs JSON config that can merge with existing settings.

AI Agent 技能安全扫描器 - 检测恶意技能、后门代码、权限滥用 (Beta 版本)

Full GDPR compliance audit for any website or codebase using the ETALON CLI. Scans for trackers (111k+ domain database), tests consent violations, checks privacy policy vs reality, maps PII data flows, and generates compliance reports. Returns structured JSON. Requires etalon-cli installed locally (cargo install etalon-cli). Free and open source.

Auth0 security specialist covering attack protection, multi-factor authentication, token security, sender constraining, and compliance. Use when implementing Auth0 security features, configuring attack defenses, setting up MFA, or meeting regulatory requirements.