Open a tracking issue in for a security-relevant fix that has already been opened (or merged) as a public PR in , in the case where there is no inboun — from…
Optional sub-skill of `security-issue-import`, `security-issue-invalidate`, and `security-issue-sync` that handles the *relay/forwarder* case: a report that did not arrive…
Close an `` tracking issue as invalid: apply the `invalid` label, remove the scope label, post a short closing comment, archive the item from the project board — from…
Synchronize a security issue in with the state of its GitHub discussion, the mailing thread, and any PRs that fix it.
For each open `` issue carrying the `needs triage` label, read body + comments and classify the candidate disposition into one of five classes: VALID / DEFENSE-IN-DEPTH /…
Security Journey integration. Manage data, records, and automate workflows. Use when the user wants to interact with Security Journey data.
Comprehensive JWT authentication and authorization implementation with security best practices for .NET applications
Manage security policies, firewall zones, access control rules (ACLs), and guest network access. Perform comprehensive security audits and compliance reviews.
Real-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.
Automate security monitoring, threat detection, incident response, and compliance workflows
Security audit orchestrator - parallel dependency scanning, SAST pattern detection, auth/config review.
Route a security task to the right skill among six specialists — defensive code review, offensive/bounty vulnerability hunting, agent-config (.claude) auditing, source-asset &…
Monitor social platforms for security threats, vulnerability discussions, and breach intelligence using Xpoz.
Expert at securing web applications against OWASP Top 10 vulnerabilities. Covers authentication, authorization, input validation, XSS prevention, CSRF protection, secure headers,…
Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases — from…
Auto-activates when user mentions security, vulnerabilities, OWASP, or secure coding. Expert in web security including OWASP Top 10, authentication, authorization, and secure…
Walk the current diff (or the whole repo) against SECURITY.md's trust-boundary table and "Where I'd look" list, invariant by invariant, delegating the adversarial review to the…
Security patterns and OWASP guidelines. Triggers on: security review, OWASP, XSS, SQL injection, CSRF, authentication, authorization, secrets management, input validation, secure…
Use when the user asks to perform security audits, penetration testing, vulnerability scanning, OWASP Top 10 checks, or offensive security assessments.
Plans security penetration tests for web applications. Analyzes codebase, API routes, auth implementation, and infrastructure config to generate comprehensive pentest plans.
Bundle of 90+ granular skills for Active Directory, Kerberos, Reverse Engineering, and Vulnerability analysis.
Use when changes touch auth, permissions, secrets, env files, deploy config, external messages, data export/import, production DB writes, or customer-visible behavior; surfaces…
Automated PII detection and redaction for client data protection. Scans outputs, logs, artifacts, and communications for sensitive data before external exposure.
Security Policy Generator - Auto-activating skill for Security Advanced. Triggers on: security policy generator, security policy generator Part of the Security Advanced skill…
Secure coding with Claude Code - vulnerability prevention, secrets, security review
Security QA scenarios: abuse cases, negative tests, permissions, tenants, repros.
Scan code or configuration for common security issues. Use when a mid-level developer needs a quick security pass.
System-tier red-team agent: proposes adversarial attack patterns the sentinel should catch. Structurally separated from the sentinel — never authors eval suites targeting itself.
Generate security assessment reports in docx format with findings, risk ratings, and remediation recommendations.
Generate security assessment reports in docx format with findings, risk ratings, and remediation recommendations.
Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or buildi — from…
Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or buildi — from…
Team Mode security research skill. Orchestrates 3 vulnerability hunters and 2 PoC engineers to audit a codebase in parallel, prove exploitability, classify root causes, and…
Security vulnerability assessment identifying OWASP risks, injection vectors, authentication issues, and data exposure with severity classification.
Security anti-patterns — localStorage token storage (XSS risk), trusting client-side authorization checks, reflecting full error details to clients, blacklist vs whitelist input…
Security-review methodology for the security-reviewer-agent — surfaces fuzzy security risks the deterministic lint cannot see (prompt-injection openings, scope-bypass patterns,…
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices gu — from…
Audit a pull request diff for common security concerns (input validation, sanitization, authentication and authorization, secrets management, unsafe dependencies, and related…
Audit a product or tech spec pull request diff for high-level security concerns (threat surface, authentication and authorization model, trust boundaries, sensitive data handling,…
Security patterns for Web3 and blockchain applications — Solana wallet signature verification, transaction validation, smart contract interaction security, and checklist for…
Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance.
Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage…
Scan the codebase for security vulnerabilities based on the OWASP Top 10. Use when the user asks to audit security, find vulnerabilities, check for security issues, or says…
引导自动化安全扫描、依赖包审计和机密检测。 使用时机:依赖审计、CVE 扫描、机密检测、许可证合规。 关键字:scan, audit, CVE, dependency, secret, SBOM, vulnerability, 扫描, 漏洞。
Comprehensive database security scanner with OWASP compliance checks, vulnerability detection, and automated remediation
Schneller Security-Scan der Speicher Analyse Tauri-App (React + TypeScript Frontend). Prüft Command Injection, XSS, Path Traversal und Tauri-Sicherheitskonfiguration.
Use when scanning files for security vulnerabilities. Runs comprehensive security analysis via subagent, returns concise actionable summary to main context.
Security-Scanner Agent fuer fabrikIQ und andere Projekte. Fuehrt umfassende Sicherheitspruefungen durch. — from tools-only/X-Skills
Scan AI agent skills for security vulnerabilities, dangerous code patterns, and undeclared permissions.
AgentShield security audit with 5 scanning categories, 102 static analysis rules, and optional red-team simulation.
You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security.
Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.
Automatisation d'audits de sécurité incluant scanning, reporting, intégration CI/CD et remediation tracking.
Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10.
Frozen baseline sentinel — runs deterministic-only checks. The gateway-side SentinelRunner executes the checks without LLM calls; the llm_config here is a thin orchestrator…
Detect prompt injection, jailbreak, role-hijack, and system extraction attempts. Applies multi-layer defense with semantic analysis and penalty scoring.
Build and operate the "Security Skill Gap Diagnoser" capability for Security and Privacy. Trigger when this exact capability is needed in mission execution.
Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.
Guide pour analyste SOC — triage d'alertes, investigation, SIEM, indicateurs de compromission et playbooks de réponse.
סיוע באבטחת אפליקציות ווב ו-APIs. השתמש כשמבקשים לאבטח פרויקט, לבדוק חולשות, להגדיר הרשאות, לנהל API keys, או להגן על נתונים.