Modélisation des menaces pour applications et systèmes — identification des surfaces d'attaque, classification STRIDE, arbres d'attaque et stratégies de mitigation.
Score 70/100
Architecture Zero Trust — never trust always verify, micro-segmentation réseau, approche identity-centric et accès conditionnel.
Score 70/100
Audit HTTP security headers for any URL and receive a grade (A+ to F) with specific recommendations for missing headers
Score 70/100
Automate Securitytrails tasks via Rube MCP (Composio). Always search tools first for current schemas.
Score 70/100
Out-of-the-box Seedance 2.0 API skill — just one API key to generate AI videos. Builds storyboards, generates reference images with Seedream 4.5, submits video tasks, and polls…
Score 70/100
Use when the user is dealing with a leader — a CEO, political figure, boss, business partner, negotiating counterparty — whose self-presentation is larger-than-life in a way that…
Score 70/100
Generates production-grade Selenium WebDriver automation scripts and tests in Java, Python, JavaScript, C#, Ruby, or PHP.
Score 70/100
Autonomously detect and fix broken dependencies, missing packages, Docker issues, Playwright, WhatsApp auth, TypeScript build failures, and SQLite corruption.
Score 70/100
Runs Semgrep against a codebase using official or custom rule registries and outputs a grouped report of security anti-patterns, deprecated API usage, and policy violations.
Score 70/100
Builds custom Semgrep rules using the semgrep YAML rule syntax with metavariable-pattern, pattern-either, and taint-mode analysis.
Score 70/100
Creates custom Semgrep SAST rules using the semgrep CLI and rule schema YAML format. Supports pattern-either, metavariable-regex, and taint-mode tracking for detecting…
Score 70/100
Writes and deploys custom Semgrep rules using pattern, pattern-either, and metavariable-regex operators for multi-language SAST scanning.
Score 70/100
Leverages the Semgrep OSS engine and semgrep-rules registry to perform deep static analysis across 30+ languages.
Score 70/100
Executes Semgrep CLI with custom YAML rules and the Semgrep Registry API to detect anti-patterns, vulnerabilities, and taint tracking violations.
Score 70/100
Generates custom Semgrep rules from natural language descriptions of vulnerability patterns. Uses semgrep --validate to verify rule syntax and semgrep --test to run against sample…
Score 70/100
Executes Semgrep static analysis using the semgrep CLI with custom YAML rule definitions. Supports taint tracking, metavariable comparisons, and pattern-not-inside exclusions for…
Score 70/100
Use this agent when you need deterministic static analysis security scanning using semgrep. This agent complements security-sentinel by running rule-based pattern matching to…
Score 70/100
Runs Semgrep static analysis with custom rule packs targeting OWASP Top 10 patterns. Uses semgrep CLI with --config=auto and --sarif output for GitHub Advanced Security…
Score 70/100
Performs SAST scanning using Semgrep CLI and Semgrep Registry rules. Detects OWASP Top 10 vulnerabilities, injection flaws, and insecure patterns with custom rule YAML authoring.
Score 70/100
Scan codebases for security vulnerabilities and anti-patterns using Semgrep OSS rules and the Semgrep CLI. Supports custom YAML rule authoring and SARIF output for CI integration.
Score 70/100
Runs Semgrep code and supply-chain checks with `semgrep scan`, registry rule packs, and dependency-aware findings to surface risky patterns early.
Score 70/100
Comprehensive backend development skill for building scalable backend systems using NodeJS, Express, Go, Python, Postgres, GraphQL, REST APIs.
Score 70/100
Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices.
Score 70/100
Comprehensive security engineering skill for application security, penetration testing, security architecture, and compliance auditing.
Score 70/100
Static security analysis agent. Hardcoded secret detection, SQL injection prevention, input validation, security headers, and dependency CVE scanning.
Score 70/100
Configure Sentry security settings and data protection. Use when setting up PII scrubbing, managing sensitive data, configuring data scrubbing rules, or hardening Sentry for…
Score 70/100
Guidelines for developing with Sequelize, a promise-based Node.js ORM supporting PostgreSQL, MySQL, MariaDB, SQLite, and SQL Server
Score 70/100
Secure SerpApi API keys and prevent credit abuse. Use when storing API keys, implementing backend proxies, or auditing SerpApi access patterns.
Score 70/100
Use when designing credential rotation for integration users, connected apps, named credentials, and OAuth client secrets in Salesforce.
Score 70/100
Session Security Checker - Auto-activating skill for Security Fundamentals. Triggers on: session security checker, session security checker Part of the Security Fundamentals skill…
Score 70/100
Apply task-specific templates to AI session plans using ai-update-plan. Use when starting a new task to load appropriate plan structure (feature, bugfix, refactor, documentation,…
Score 70/100
Execute use when setting up log aggregation solutions using ELK, Loki, or Splunk. Trigger with phrases like "setup log aggregation", "deploy ELK stack", "configure Loki", or…
Score 70/100
Generates and reviews Salesforce Apex code (Brite edition) with 150-point scoring. TRIGGER when user writes, reviews, or fixes Apex classes, triggers, test classes,…
Score 70/100
Salesforce Connected Apps and OAuth configuration with 120-point scoring. TRIGGER when: user configures OAuth flows, JWT bearer auth, Connected Apps, or touches…
Score 70/100
Salesforce integration architecture (Brite edition) with 120-point scoring. TRIGGER when user sets up Named Credentials, External Services, REST/SOAP callouts, Platform Events,…
Score 70/100
Lightning Web Components (Brite edition) with PICKLES methodology and 165-point scoring. TRIGGER when user creates/edits LWC components, touches lwc/**/*.js, .html, .css,…
Score 70/100
SFRA (Storefront Reference Architecture) code review skill using Swarm pattern. Analyzes controllers, models, ISML, services, jobs for best practices, security, and performance.
Score 70/100
Create or refine a concise, normative security policy ("Blue Book") for sensitive applications. Use when users need a threat model, data classification rules, auth/session policy,…
Score 70/100
SharePoint Automation: manage sites, lists, documents, folders, pages, and search content across SharePoint and OneDrive
Score 70/100
Configure Shield Platform Encryption with customer-supplied (BYOK) or customer-held (Cache-Only Key Service) tenant secrets, rotate them, and recover.
Score 70/100
Full cycle: audit site, check Dependabot alerts, fix issues, push, verify CI, deploy, close. Prioritizes Security > Availability > New features. Parallel dispatch for speed.
Score 70/100
Search Shodan for internet-connected devices, open ports, and services — host lookups and database queries
Score 70/100
Performs network reconnaissance using the Shodan REST API and Shodan InternetDB. Discovers exposed services, CVE mappings, and generates asset inventories with risk scores for…
Score 70/100
Provide systematic methodologies for leveraging Shodan as a reconnaissance tool during penetration testing engagements.
Score 70/100
Install and configure Shopify app authentication with OAuth, session tokens, and the @shopify/shopify-api SDK.
Score 70/100
Configure Shopify apps across development, staging, and production environments with separate stores, API credentials, and app instances.
Score 70/100
Apply Shopify security best practices for API credentials, webhook HMAC validation, and access scope management.
Score 70/100
Siem Rule Generator - Auto-activating skill for Security Advanced. Triggers on: siem rule generator, siem rule generator Part of the Security Advanced skill category.
Score 70/100
Continuous macro-market signal detection and classification engine that surfaces emerging trends, threats, and whitespace opportunities.
Score 70/100
Step-by-step cookbook for setting up cryptographically signed audit trails on Claude Code tool calls.
Score 70/100
Verifies container image signatures and SBOMs using Sigstore Cosign and Rekor transparency log. Enforces supply chain security policies by validating keyless signatures against…
Score 70/100
Skeptic Engine v2.1 — falsification-first анализ в 4 режимах. Триггеры: 'skeptic:', 'сломай идею', 'стоит ли делать', 'проверь идею', 'аудит архитектуры', 'проверь решение',…
Score 70/100
Es un motor de gestión de versiones que transforma cambios de código complejos en un historial atómico y semántico mediante la disección de fragmentos (hunks) y el cumplimiento…
Score 70/100
Scan agent skills for security issues before adoption. Detects prompt injection, malicious code, excessive permissions, secret exposure, and supply chain risks.
Score 70/100
Security audit and vulnerability scanning for AI agent skills before installation. Detects prompt injection in SKILL.md files, dangerous code patterns (eval, exec, subprocess),…
Score 70/100
Security-first vetting for OpenClaw skills. Use before installing any skill from ClawHub, GitHub, or other sources.
Score 70/100
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources.
Score 70/100
Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill.
Score 70/100
AI-powered browser automation — navigate sites, fill forms, extract structured data, log in with stored credentials, and build reusable multi-step workflows using natural…
Score 70/100
AI-powered browser automation — navigate sites, fill forms, extract structured data, log in with stored credentials, and build reusable workflows.
Score 70/100