Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkillsSecurity › Page 73

Claude Security Skills (Page 73 of 105)

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

6,245 skills · updated 2026-06-17 · showing 4321–4380 of 6,245 by quality score

Sub-topics:Web Security (756)Threat Hunting (478)Red Team (457)Identity Access (330)Network Security (284)Appsec Tools (282)Compliance (159)Forensics (140)

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

red-team-verifier-patrick-munro
Adversarial verification for AI-generated legal content with systematic fact-checking, source validation, and quality control.
redaccion-cientifica-es
Usar siempre que el usuario escriba, redacte, revise o traduzca texto científico/académico en ESPAÑOL — artículos, papers, tesis, abstracts, introducciones, metodologías,…
redirect
AI pressure redirection — handling conflicting demands, tool failures, and competing constraints by blending with incoming force then reframing.
redis-security
Redis security guidance covering authentication (requirepass and ACL users), TLS, ACL-based least-privilege access control, restricting network exposure via bind and…
redteam
Spawn a one-shot red-team subagent to challenge a milestone result. Calibrated to return "nothing substantive" when the work is sound — does not invent issues to seem thorough.
redteam-ad-detail-pack
Detailed Active Directory attack-path pack for kerberos, ACL, ADCS, and NTLM relay routes.
redteam-code-audit-detail-pack
Detailed code-audit pack for entrypoint tracing, trust boundaries, exploit proofs, and sink selection.
redteam-commercial-court-qualitygate
Red-Team-Gate für alle Commercial-Court-Outputs: Zuständigkeit, Sprache, Fristen, Beweise, Übersetzungen, Geheimnisschutz, Kosten, Rechtsmittel.
redteam-crypto-detail-pack
Detailed cryptography pack for RSA, hash, symmetric-cipher, lattice, stego, and classical-cipher attack paths.
RedTeam
Adversarial analysis with 32 agents. USE WHEN red team, attack idea, counterarguments, critique, stress test. SkillSearch('redteam') for docs.
redteam-evasion-detail-pack
Detailed evasion pack for AV/EDR, WAF, 403/CSP bypass, and sandbox-oriented analysis.
redteam-injection-detail-pack
Detailed injection pack for SSRF, SQLi, XSS, SSTI, deserialization, XML, command, and expression injection paths.
redteam-mindset
Red-team operator discipline — the mindset corrections that separate offensive testing from defensive WAPT.
redteam-plugin-development
Standards for creating redteam plugins and graders. Use when creating new plugins, writing graders, or modifying attack templates.
redteam-postex-detail-pack
Detailed post-exploitation pack for foothold triage, privesc, credentials, lateral movement, and tunneling.
redteam-recon-detail-pack
Detailed reconnaissance pack for attack-surface discovery, docs review, and pre-exploitation signal gathering.
redteam-report-template
Client-facing red-team deliverable format — codifies the Subject / Observations / Description / Impact / Recommendation / PoC structure used for external red-team engagements (not…
redteam-reverse-detail-pack
Detailed reverse-engineering pack for binaries, loaders, anti-analysis, deobfuscation, and exploitability clues.
redteam-review
Adversarial security review fleet for the Port Daddy whitepapers (Bonded Commons, Anchor Protocol). Use when a paper version is being prepared, when a coordination/cryptographic…
redteam-web-detail-pack
Detailed web/API/auth/injection/file/logic testing pack for hook-routed red-team mode.
reentrancy-pattern-analysis
Systematically detects all reentrancy vulnerability variants in smart contracts — classic, cross-function, cross-contract, and read-only reentrancy.
regle-advanced
Advanced Regle form validation patterns — collection validation with `$each`, async rules and `$pending`, server/`externalErrors`, `$reset` options, global config with…
regulatory-compliance
Audit codebases for cross-industry regulatory compliance across SOX, GDPR, HIPAA, PCI-DSS, CCPA/CPRA, FedRAMP, FISMA, COPPA, and FERPA.
regulatory-monitor
Track legislation, regulatory actions, and legal developments affecting prediction markets, crypto, and AI agents — triaged by stage × impact for decision-ready output
regulatory-veto
Use when validating code, a SPEC or an Intent against the 4 Tier 1 governance agents (AI-ACT, RGPD, RGAA, RGESN). Emits PASS / WARN / VETO with structured remediation.
role-database:relational-databases
Deep operational guide for 20 relational/SQL databases. PostgreSQL tuning (VACUUM, WAL, partitioning, extensions, PgBouncer), MySQL/MariaDB (InnoDB, Vitess, Galera, ProxySQL),…
relay-audit
Audit an existing CI/CD pipeline for slowness, security issues, and reliability gaps. Use when asked to "audit pipeline", "why is CI slow", "pipeline review", or "deployment…
release-check
Pre-release verification checklist. Validates features, tests, docs, security, and quality gates before shipping. Delegates to the Centinela (QA) agent.
release-checklist
Sequential release gate validating build success, test suite, security checks, type checking, manifest counts consistency, and changelog presence.
release-review
Senior developer-level release review for macOS/iOS apps. Identifies security, privacy, UX, and distribution issues with actionable fixes.
releasing-versions
Manages release preparation including validation, version bumping, documentation verification, and security checks.
reliability-dr-planner
Define deployment reliability, availability zones, failover, degradation, backup, restore, RPO, RTO, disaster recovery, resilience testing, and recovery ownership.
remediation-tracking
Track vulnerability remediation performance, SLA compliance, and trending direction. Identifies areas falling behind, blindspots with runtime risk but no CVE tracking, and…
remofirst-security-basics
RemoFirst security basics — global HR, EOR, and payroll platform integration. Use when working with RemoFirst for global employment, payroll, or compliance.
remora
Use when working with the REMORA system — calling MCP tools for document analysis, legal verification, or security research, OR developing/deploying REMORA workers and benchmarks,…
remote-site-settings
Use when configuring Remote Site Settings to allow Apex callouts to external URLs, or when distinguishing Remote Site Settings from CSP Trusted Sites for Lightning component…
reopt-cli
Baseline guidance for the reopt CLI — authentication, login, global flags, security rules, and exit codes.
replication-patterns
Use when designing how a database keeps multiple copies of its data in agreement across nodes for availability, read scaling, and disaster recovery: the three foundational…
replit-data-handling
Implement secure data handling on Replit: PostgreSQL, KV Database, Object Storage, and data security patterns.
replit-enterprise-rbac
Configure Replit Teams roles, SSO/SAML, custom groups, and organization-level access control. Use when setting up team permissions, configuring SSO, managing deployment access, or…
replit-policy-guardrails
Enforce security and resource policies for Replit-hosted apps: secrets exposure prevention, resource limits, deployment visibility, and database access controls.
replit-security-basics
Apply Replit security best practices: Secrets management, REPL_IDENTITY tokens, Auth headers, and public Repl safety.
repo-analysis
Dual-lens repo analysis: Creator View (knowledge, insights, home-repo comparison) + Engineer View (health, security, process).
repo-audit
Deep analysis of Git history: identify frequently changed hotspot files, analyze code ownership by contributor, and scan for leaked secrets.
repo-eval
Multi-dimensional codebase evaluation with verified scoring. Launches parallel explore agents, cross-checks findings with direct verification, produces calibrated 1-10 scorecard…
repo-first-defense
Auditoría defensiva para repositorios AI-native. Usar SIEMPRE que el usuario quiera revisar un repo antes de lanzar, mergear, actualizar dependencias, migrar package manager,…
repo-guardian
Pre-clone security scanner — detect malicious hooks, poisoned MCP configs, credential-harvesting patterns before Claude Code processes repos
repo-modernize-upgrade-audit
Repo/monorepo—dep modernize, vuln fix, framework-aware upgrade, hard-cut, dep-native refactors.
repo-modernizer
Repo/monorepo modernization: dependency upgrades, security fixes, deprecation cleanup, framework migrations, dependency-native refactors, and verified hard-cut simplification.
repo-radar
Analisa e classifica um repositório GitHub via repo-radar CLI (SQLite + LLM), registrando o veredito em PROJECT_EVALUATIONS.md
repo-security-review
Security audit for GitHub repositories before installation. Use when user wants to check if a repo/app is safe to install, review install scripts for malicious code, verify an…
repo-sentinel
Full security audit for public repositories across 12 attack surfaces: git history, secrets, CI/CD, containers, dependencies, licenses.
repomix
Package entire code repositories into single AI-friendly files using Repomix. Capabilities include pack codebases with customizable include/exclude patterns, generate multiple…
repomix-codebase-context-packer-llm
Repomix packs an entire code repository into a single AI-friendly file optimized for LLM consumption.
repomix
Pack repositories into AI-friendly files with Repomix (XML, Markdown, plain text). Use for codebase snapshots, LLM context preparation, security audits, third-party library…
repomix-safe-mixer
Safely package codebases with repomix by automatically detecting and removing hardcoded credentials before packing.
report-malicious-repository
Identify and report potentially malicious software repositories masquerading as legitimate security tools
reproduce-sql-injection-paths-and-map-database-takeover-options-
Take a suspected injectable request, replay it on an authorized target, confirm the finding, and enumerate reachable database actions before manual follow-up.
required-status-checks
CI/CD pipelines as merge gates. Tests, security scans, and linting must pass before code reaches production. Automated validation that satisfies auditors.
residential-lease
Drafts jurisdictionally compliant U.S. residential lease agreements with required disclosures, security deposit compliance, and Fair Housing Act conformance.

Keep exploring Security

Sub-topics:Web Security (756)Threat Hunting (478)Red Team (457)Identity Access (330)Network Security (284)Appsec Tools (282)
Top tags:#type:audit (1,083)#type:review (917)#type:integration (509)#type:scanner (385)#ai:agent (220)#lang:python (112)#ai:claude (109)#cloud:aws (96)
Top authors:mahipal (437)Jeremy Longshore (309)Klotzkette (257)ndesv21 (120)majiayu000 (116)
Learn:Security audit use-caseSKILL.md referenceTop 100 skills
Search all 6,245 Security skills →

Categories

Use cases

Popular tags

Learn

Site