Generate a TOML semantic index for raw images/videos so that downstream skills can map them to the script. Prefers reading from the asset-index SQLite vector DB (each file calls Gemini exactly once across the entire…
Score 70/100
Execute automated SOC 2 audit preparation, including evidence gathering, control assessment, and compliance gap identification.
Score 70/100
Assume AWS IAM role for CloudFormation operations and set temporary credentials as environment variables.
Score 70/100
Use when analyzing complex codebases for security vulnerabilities, performance issues, and structural patterns - provides systematic AST-based approach using ast-grep for…
Score 70/100
Security patterns for Astro lead generation websites on Cloudflare. Forms, headers, bot protection, GDPR. Use for any production lead gen site.
Score 70/100
OWASP ASVS 5.0 requirements database for security audits. Provides chapter structure, control objectives, and verification requirements for all 17 ASVS domains.
Score 70/100
Enforce lint, formatting, typing, testing, and security hygiene across the ATFT-GAT-FAN codebase.
Score 70/100
Security audits, vulnerability analysis, and security best practices enforcement
Score 70/100
Full 9-phase workflow for complex features, epics, and security-critical changes (2-4 hours)
Score 70/100
Manages MongoDB Atlas Stream Processing (ASP) workflows. Handles workspace provisioning, data source/sink connections, processor lifecycle operations, debugging diagnostics, and…
Score 70/100
Atlassian Administrator for managing and organizing Atlassian products (Jira, Confluence, Bitbucket, Trello), users, permissions, security, integrations, system configuration, and…
Score 70/100
Looks up OWASP Top 10 attack methods, CWE references, and form-specific vulnerability patterns with a bounty hunter mindset.
Score 70/100
Generates strategic attack trees and kill chains from reconnaissance data or domain input. Maps MITRE ATT&CK TTPs, identifies chaining opportunities, trust relationships, and…
Score 70/100
Attack Surface Analyzer - Auto-activating skill for Security Advanced. Triggers on: attack surface analyzer, attack surface analyzer. Part of the Security Advanced skill category.
Score 70/100
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
Score 70/100
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
Score 70/100
Secure Attio API integrations -- token scoping, secret management, scope auditing, webhook signature verification, and rotation procedures.
Score 70/100
Comprehensive security and code quality audit. Use for thorough security, vulnerability, and code quality analysis. Related: project-health-checker for quick diagnostic checks.
Score 70/100
Run targeted AWS, Azure, or GCP security and compliance audits when an agent needs actionable cloud findings instead of a generic cloud-security platform overview.
Score 70/100
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
Score 70/100
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
Score 70/100
Run npm audit and check for outdated/vulnerable dependencies. Returns structured output with vulnerability counts by severity, outdated packages, and recommended updates.
Score 70/100
Inspect and flush staged audit-trail entries to the remote trail repository. Use when the user asks to "flush audit trail", "show what's pending in audit trail", "dry-run audit…
Score 70/100
Run a focused security pass on GitHub Actions workflows before merge so token misuse, dangerous permissions, and unpinned actions are caught early.
Score 70/100
This ASE skill uses zizmor to audit GitHub Actions workflows and composite actions for security mistakes before they ship.
Score 70/100
Shared audit integrity framework for all AppSec agents — enforces output quality, intellectual honesty, and continuous improvement through anti-rationalization guards,…
Score 70/100
Comprehensive audit logging for compliance and security. Track user actions, data changes, and system events with tamper-proof storage.
Score 70/100
Run comprehensive parallel audit — dispatches specialized agents by scope (frontend, backend, infra, security)
Score 70/100
Prepare Solidity projects for a security audit — test coverage, test quality, NatSpec docs, code hygiene, dependency health, best-practice enforcement, deployment readiness, and…
Score 70/100
Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures…
Score 70/100
Prepare your codebase for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures…
Score 70/100
Scan Python requirements and environments for known vulnerable or malicious packages before they move further through delivery or promotion workflows.
Score 70/100
Check Python environments and requirements files for published vulnerabilities before shipping, upgrading, or approving dependency changes.
Score 70/100
Reviews pull requests for compliance regressions. Scans code diffs for security and compliance violations, flags issues, and suggests fixes aligned with frameworks like SOC 2, ISO…
Score 70/100
Template and formatting guidelines for security audit reports. Provides consistent structure for findings, severity classification, ASVS mapping, and remediation recommendations.
Score 70/100
Quick security audit checking for hardcoded secrets, SSRF vectors, injection points, dependency issues, and missing security headers
Score 70/100
Use when adding packages, bumping versions, or responding to security alerts. Enforces supply chain security and vulnerability remediation.
Score 70/100
Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated…
Score 70/100
Audit Trail Helper - Auto-activating skill for Enterprise Workflows. Triggers on: audit trail helper, audit trail helper. Part of the Enterprise Workflows skill category.
Score 70/100
Comprehensive guide to implementing audit trails and logging for AI agents including tracing, observability, compliance, and debugging
Score 70/100
Audit websites for SEO, technical, content, and security issues using squirrelscan CLI. Returns LLM-optimized reports with health scores, broken links, meta tag analysis, and…
Score 70/100
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization.
Score 70/100
Systematically audit AWS S3 bucket permissions to identify publicly accessible buckets, overly permissive ACLs,
Score 70/100
Auditing Microsoft Entra ID (Azure Active Directory) configuration to identify risky authentication policies,
Score 70/100
Auditing and updating npm dependencies to prevent security vulnerabilities in TypeScript projects
Score 70/100
Auditing Google Cloud Platform IAM permissions to identify overly permissive bindings, primitive role usage,
Score 70/100
Audits the fit between a model's reasoning capability and the complexity of the context it receives. Use when an AI system is underperforming despite good retrieval, when teams…
Score 70/100
Auditing Kubernetes cluster RBAC configurations to identify overly permissive roles, wildcard permissions, dangerous
Score 70/100
Audits notification permission request flows. Use when reviewing or improving permission prompts, settings paths, or denial handling.
Score 70/100
Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
Score 70/100
Use when reviewing website copy, SEO titles/descriptions, marketing content, or public messaging - applies Anil Dash's shareability framework to ensure others can authentically…
Score 70/100
Use when running a technical SEO audit, debugging Core Web Vitals regressions, checking indexability, validating schema and sitemaps, diagnosing why a site isn't ranking, or…
Score 70/100
Auditing Terraform infrastructure-as-code for security misconfigurations using Checkov, tfsec, Terrascan, and
Score 70/100
Monitors Certificate Transparency (CT) logs to detect unauthorized certificate issuance, discover subdomains
Score 70/100
Audit wallet security by analyzing token approvals, permissions, and transaction patterns. Use when checking wallet security, reviewing approvals, or assessing risk exposure.
Score 70/100
Sonnet Amplified fullstack engine. 34 modes, SEC-01~15 OWASP security, 13 runtime hooks, 75% token reduction. Install: npx @smorky85/aurakit
Score 70/100
Modern authentication and security patterns for web applications. Expert in JWT tokens, OAuth2 flows, session management, RBAC, MFA, API security, and zero-trust architectures.
Score 70/100
Review and analyze authentication and authorization patterns for security vulnerabilities.
Score 70/100
Better Auth integration specialist for user authentication, sessions, and security management
Score 70/100
Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems.
Score 70/100