Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
Generalist agent that plans, browses, executes shell commands, and writes files.
Autonomous security vulnerability scanner for codebases. Detects secrets, XSS, missing security headers, auth issues, OWASP Top 10 patterns, dependency vulnerabilities, PII…
Stage 1. Sign up at Wasender, get a Personal Access Token, create a WhatsApp session, scan the QR with the user's phone, and verify the connection works end-to-end.
Waf Rule Creator - Auto-activating skill for Security Advanced. Triggers on: waf rule creator, waf rule creator Part of the Security Advanced skill category.
Full security audit — secrets, dependencies, IAM, auth, injection, XSS, HTTPS, rate limiting, public storage.
Produce a hardening spec and implement it — auth patterns, security headers, rate limiting, input validation, secrets management, dependency hygiene.
Security reconnaissance — full inventory of secrets management, IAM, dependencies, auth, encryption, audit logging, and compliance gaps.
Produce a threat model — assets, ranked threats, mitigations, accepted risks. Use when asked to "threat model this", "what could go wrong security-wise", "map our attack surface",…
Poll the Anthropic plugin marketplace manifest until "channelhub" appears, then notify the user. Use when waiting for the security review to land — the submission portal shows…
Use when manually monitoring, watching, tracking, or reviewing AI assistant storage, session, transcript, JSONL, or SQLite format drift after official upstream repository,…
Apply modern web development best practices for security, compatibility, and code quality. Use when asked to "apply best practices", "security audit", "modernize code", "code…
Expert 10x engineer with comprehensive knowledge of web development, internet protocols, and web standards.
Documentação e integração do pacote npm @lina-openx/web-lina-pay-sdk (Lina OpenX / Open Finance). Use este skill sempre que o utilizador pedir ajuda com este SDK: exemplos de…
OWASP Top 10, security headers, CSP, XSS prevention, and vulnerability prevention.
Expert guidance on identifying and mitigating common web vulnerabilities from a bug hunter's perspective.
Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.
OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments.
Web2 recon pipeline — subdomain enumeration (subfinder, Chaos API, assetfinder), live host discovery (dnsx, httpx), URL crawling (katana, waybackurls, gau), directory fuzzing…
Complete reference for 18 web2 bug classes with root causes, detection patterns, bypass tables, exploit techniques, and real paid examples.
Smart contract security audit — 10 DeFi bug classes (accounting desync, access control, incomplete path, off-by-one, oracle, ERC4626, reentrancy, flash loan, signature replay,…
Go-to-market strategy for web3 builders - protocols, products, services, and solo founders. Use when planning growth for a crypto protocol, building developer community, crafting…
Automated web application vulnerability scanner and exploit generator starting from domains or URLs. Tests for SQLi, XSS, SSRF, IDOR, SSTI, authentication bypass, file upload…
Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions.
Automated SQL injection detection and exploitation tool for web application security testing. Use when: (1) Testing web applications for SQL injection vulnerabilities in…
Web security assessment. USE WHEN web assessment, pentest, security testing, vulnerability scan. SkillSearch('webassessment') for docs.
Execute Webflow production deployment checklist — token security, rate limit hardening, health checks, circuit breakers, gradual rollout, and rollback procedures.
Apply Webflow API security best practices — token management, scope least privilege, OAuth 2.0 secret rotation, webhook signature verification, and audit logging.
Use when conducting a formal Salesforce Well-Architected Framework (WAF) review of an org or solution design.
Detect antibot vendors on one or more URLs without opening a browser session. Use when the user asks what antibot, bot protection, WAF, captcha, or challenge provider a site uses,…
Use when the user is facing, or about to face, a negotiation where the counterparty's first move is shock-and-awe — a maximalist demand, a public ultimatum, a surprise threat, or…
Code style and conventions audit with auto-fix capabilities for comprehensive style enforcement
Comprehensive security auditing across static analysis, dynamic testing, dependency vulnerabilities, secrets detection, and OWASP compliance
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management.
Configure Claude Code sandbox security with file system and network isolation boundaries. Ensures safe code execution with proper access controls and resource limits.
Use when conducting comprehensive code review for pull requests across multiple quality dimensions. Orchestrates 12-15 specialized reviewer agents across 4 phases using star…
Configure Claude Code sandbox network isolation with trusted domains, custom access policies, and environment variables for secure network communication.
Complete WordPress white-labeling using FREE plugins only - ASE, Branda, White Label CMS, Admin Menu Editor.
WhiteHat Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with WhiteHat Security data.
Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements.
Configure AI interaction audit logging for compliance. Activate when users mention "audit logging", "compliance logging", "ai interaction logs", "security audit", or "activity…
Analyze and update dependencies with vulnerability scanning. Activate when users mention "update dependencies", "security audit", "npm audit", "vulnerability scan", or "dependency…
Apply Windsurf security best practices for workspace isolation, data privacy, and secret protection. Use when securing sensitive code from AI indexing, configuring telemetry, or…
Execute comprehensive network traffic analysis using Wireshark to capture, filter, and examine network packets for security investigations, performance optimization, and…
Analyse de trafic réseau avec Wireshark incluant capture, filtres, protocoles et diagnostic réseau. Se déclenche avec "Wireshark", "capture réseau", "analyse de trafic", "pcap",…
Structured web scraping for AI coders: explore, then exploit with shipped templates, runner, and hooks.
Wispr Flow security basics for voice-to-text API integration. Use when integrating Wispr Flow dictation, WebSocket streaming, or building voice-powered applications.
Gebruik deze skill wanneer de gebruiker de huidige (geschatte) waarde van een woning wil berekenen op basis van aankoopprijs, aankoopjaar, aankoopkwartaal en provincie.
WordPress and WooCommerce development guidelines with PHP best practices, security standards, and extensibility patterns
WordOps is an open-source CLI tool that installs and manages a complete high-performance WordPress server stack with Nginx, PHP, MariaDB, and Redis in a few keystrokes.
Complete WordPress development workflow covering theme development, plugin creation, WooCommerce integration, performance optimization, and security hardening.
WordPress development best practices - coding standards, custom post types, security, performance, hooks/filters, and template hierarchy.
WordPress plugin development workflow covering plugin architecture, hooks, admin interfaces, REST API, security best practices, and WordPress 7.0 features: Real-Time…
Develops custom WordPress themes and plugins, creates and registers Gutenberg blocks and block patterns, configures WooCommerce stores, implements WordPress REST API endpoints,…
Use when the user asks about WordPress codebases (plugins, themes, block themes, Gutenberg blocks, WP core checkouts) and you need to quickly classify the repo and route to the…
Workhuman security basics for employee recognition and rewards API. Use when integrating Workhuman Social Recognition, or building recognition workflows with HRIS systems.
Use when developing WordPress plugins: architecture and hooks, activation/deactivation/uninstall, admin UI and Settings API, data storage, cron/tasks, security…
WordPress theme and plugin review skill. Detects whether a target path is a theme or plugin, runs security and standards checks, scores the findings, and writes a markdown report.
WPScan is an open-source WordPress security scanner that detects vulnerabilities in plugins, themes, and core installations.
CLI para organizar PDFs y libros con metadata generada por IA, búsqueda full-text (SQLite FTS5) y backups a iCloud o S3.