Security
284 skills in this category
ai-engineering-toolkit
6 production-ready AI engineering workflows: prompt evaluation (8-dimension scoring), context budget planning, RAG pipeline design, agent security audit (65-point checklist), eval harness building, and product sense coaching.
securityprompt-engineeringragsecurity
by sickn33 (Antigravity) · antigravity-awesome-skills
audit-skills
Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
securitysecurityauditskills
by sickn33 (Antigravity) · antigravity-awesome-skills
security-review
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
security-reviewsecurityreviewapi
by affaan-m · everything-claude-code
clinical-decision-support
Generate professional clinical decision support (CDS) documents for pharmaceutical and clinical research settings, including patient cohort analyses (biomarker-stratified with outcomes) and treatment recommendation reports (evidence-based guidelines with decision algorithms). Supports GRADE evidence grading, statistical analysis (hazard ratios, survival curves, waterfall plots), biomarker integration, and regulatory compliance. Outputs publication-ready LaTeX/PDF format optimized for drug development, clinical research, and evidence synthesis.
clinical-decision-supportclinicaldecisionsupport
by K-Dense-AI · claude-scientific-skills
clinical-reports
Write comprehensive clinical reports including case reports (CARE guidelines), diagnostic reports (radiology/pathology/lab), clinical trial reports (ICH-E3, SAE, CSR), and patient documentation (SOAP, H&P, discharge summaries). Full support with templates, regulatory compliance (HIPAA, FDA, ICH-GCP), and validation tools.
clinical-reportsclinicalreportsgcp
by K-Dense-AI · claude-scientific-skills
api-fuzzing-bug-bounty
Provide comprehensive techniques for testing REST, SOAP, and GraphQL APIs during bug bounty hunting and penetration testing engagements. Covers vulnerability discovery, authentication bypass, IDOR exploitation, and API-specific attack vectors.
securityapifuzzingbug
by sickn33 (Antigravity) · antigravity-awesome-skills
codebase-cleanup-deps-audit
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
securitycodebasecleanupdeps
by sickn33 (Antigravity) · antigravity-awesome-skills
skill-creator
To create new CLI skills following Anthropic's official best practices with zero manual configuration. This skill automates brainstorming, template application, validation, and installation processes while maintaining progressive disclosure patterns and writing style standards.
security[automationscaffoldingskill-creation
by sickn33 (Antigravity) · antigravity-awesome-skills
spec-to-code-compliance
Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitepapers, finding gaps between specs and implementation, or performing compliance checks for protocol implementations.
securityspectocode
by sickn33 (Antigravity) · antigravity-awesome-skills
fullstack-guardian
Builds security-focused full-stack web applications by implementing integrated frontend and backend components with layered security at every level. Covers the complete stack from database to UI, enforcing auth, input validation, output encoding, and parameterized queries across all layers. Use when implementing features across frontend and backend, building REST APIs with corresponding UI, connecting frontend components to backend endpoints, creating end-to-end data flows from database to UI, or implementing CRUD operations with UI forms. Distinct from frontend-only, backend-only, or API-only skills in that it simultaneously addresses all three perspectives—Frontend, Backend, and Security—within a single implementation workflow. Invoke for full-stack feature work, web app development, authenticated API routes with views, microservices, real-time features, monorepo architecture, or technology selection decisions.
fullstack-guardianfullstackguardiansecurity
by Jeffallan · jeffallan-claude-skills
secure-code-guardian
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.
secure-code-guardiansecurecodeguardian
by Jeffallan · jeffallan-claude-skills
spring-boot-engineer
Generates Spring Boot 3.x configurations, creates REST controllers, implements Spring Security 6 authentication flows, sets up Spring Data JPA repositories, and configures reactive WebFlux endpoints. Use when building Spring Boot 3.x applications, microservices, or reactive Java applications; invoke for Spring Data JPA, Spring Security 6, WebFlux, Spring Cloud integration, Java REST API design, or Microservices Java architecture.
spring-boot-engineerspringbootengineer
by Jeffallan · jeffallan-claude-skills
wordpress-pro
Develops custom WordPress themes and plugins, creates and registers Gutenberg blocks and block patterns, configures WooCommerce stores, implements WordPress REST API endpoints, applies security hardening (nonces, sanitization, escaping, capability checks), and optimizes performance through caching and query tuning. Use when building WordPress themes, writing plugins, customizing Gutenberg blocks, extending WooCommerce, working with ACF, using the WordPress REST API, applying hooks and filters, or improving WordPress performance and security.
wordpress-prowordpressprorest
by Jeffallan · jeffallan-claude-skills
research-grants
Write competitive research proposals for NSF, NIH, DOE, DARPA, and Taiwan NSTC. Agency-specific formatting, review criteria, budget preparation, broader impacts, significance statements, innovation narratives, and compliance with submission requirements.
research-grantsresearchgrants
by K-Dense-AI · claude-scientific-skills
treatment-plans
Generate concise (3-4 page), focused medical treatment plans in LaTeX/PDF format for all clinical specialties. Supports general medical treatment, rehabilitation therapy, mental health care, chronic disease management, perioperative care, and pain management. Includes SMART goal frameworks, evidence-based interventions with minimal text citations, regulatory compliance (HIPAA), and professional formatting. Prioritizes brevity and clinical actionability.
treatment-planstreatmentplans
by K-Dense-AI · claude-scientific-skills
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
securityagenticactionsauditor
by sickn33 (Antigravity) · antigravity-awesome-skills
browser-extension-builder
You extend the browser to give users superpowers. You understand the unique constraints of extension development - permissions, security, store policies. You build extensions that people install and actually use daily. You know the difference between a toy and a tool.
securitybrowserextensionbuilder
by sickn33 (Antigravity) · antigravity-awesome-skills
comprehensive-review-pr-enhance
Generate structured PR descriptions from diffs, add review checklists, risk assessments, and test coverage summaries. Use when the user says "write a PR description", "improve this PR", "summarize my changes", "PR review", "pull request", or asks to document a diff for reviewers.
securitycomprehensiveprenhance
by sickn33 (Antigravity) · antigravity-awesome-skills
dependency-management-deps-audit
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
securitydependencydepsaudit
by sickn33 (Antigravity) · antigravity-awesome-skills
ethical-hacking-methodology
Master the complete penetration testing lifecycle from reconnaissance through reporting. This skill covers the five stages of ethical hacking methodology, essential tools, attack techniques, and professional reporting for authorized security assessments.
securityethicalhackingmethodology
by sickn33 (Antigravity) · antigravity-awesome-skills
linux-privilege-escalation
Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses that allow elevation from low-privilege user access to root-level control.
securitylinuxprivilegeescalation
by sickn33 (Antigravity) · antigravity-awesome-skills
linux-shell-scripting
Provide production-ready shell script templates for common Linux system administration tasks including backups, monitoring, user management, log analysis, and automation. These scripts serve as building blocks for security operations and penetration testing environments.
securitylinuxshellscripting
by sickn33 (Antigravity) · antigravity-awesome-skills
security-compliance-compliance-check
You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance.
securitysecuritycompliancecheck
by sickn33 (Antigravity) · antigravity-awesome-skills
security-scanning-security-dependencies
You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.
securitysecurityscanningdependencies
by sickn33 (Antigravity) · antigravity-awesome-skills
top-web-vulnerabilities
Provide a comprehensive, structured reference for the 100 most critical web application vulnerabilities organized by category. This skill enables systematic vulnerability identification, impact assessment, and remediation guidance across the full spectrum of web security threats.
securitytopwebvulnerabilities
by sickn33 (Antigravity) · antigravity-awesome-skills
xss-html-injection
Execute comprehensive client-side injection vulnerability assessments on web applications to identify XSS and HTML injection flaws, demonstrate exploitation techniques for session hijacking and credential theft, and validate input sanitization and output encoding mechanisms.
securityxsshtmlinjection
by sickn33 (Antigravity) · antigravity-awesome-skills
cookbook-audit
Audit an Anthropic Cookbook notebook based on a rubric. Use whenever a notebook review or audit is requested.
cookbook-auditcookbookaudit
by Anthropic · claude-cookbooks
broken-authentication
Identify and exploit authentication and session management vulnerabilities in web applications. Broken authentication consistently ranks in the OWASP Top 10 and can lead to account takeover, identity theft, and unauthorized access to sensitive systems.
securitybrokenauthentication
by sickn33 (Antigravity) · antigravity-awesome-skills
burp-suite-testing
Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability scanning, and manual testing workflows.
securityburpsuite
by sickn33 (Antigravity) · antigravity-awesome-skills
burpsuite-project-parser
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.
securityburpsuiteparser
by sickn33 (Antigravity) · antigravity-awesome-skills
cicd-automation-workflow-automate
You are a workflow automation expert specializing in creating efficient CI/CD pipelines, GitHub Actions workflows, and automated development processes. Design and implement automation that reduces manual work, improves consistency, and accelerates delivery while maintaining quality and security.
securitycicdautomate
by sickn33 (Antigravity) · antigravity-awesome-skills
fixing-accessibility
Audit and fix HTML accessibility issues including ARIA labels, keyboard navigation, focus management, color contrast, and form errors. Use when adding interactive controls, forms, dialogs, or reviewing WCAG compliance.
securityfixingaccessibility
by sickn33 (Antigravity) · antigravity-awesome-skills
html-injection-testing
Identify and exploit HTML injection vulnerabilities that allow attackers to inject malicious HTML content into web applications. This vulnerability enables attackers to modify page appearance, create phishing pages, and steal user credentials through injected forms.
securityhtmlinjection
by sickn33 (Antigravity) · antigravity-awesome-skills
lightning-architecture-review
Review Bitcoin Lightning Network protocol designs, compare channel factory approaches, and analyze Layer 2 scaling tradeoffs. Covers trust models, on-chain footprint, consensus requirements, HTLC/PTLC compatibility, liveness, and watchtower support.
securitylightningarchitecture
by sickn33 (Antigravity) · antigravity-awesome-skills
metasploit-framework
⚠️ AUTHORIZED USE ONLY > This skill is for educational purposes or authorized security assessments only. > You must have explicit, written permission from the system owner before using this tool. > Misuse of this tool is illegal and strictly prohibited.
securitymetasploitframework
by sickn33 (Antigravity) · antigravity-awesome-skills
network-101
Configure and test common network services (HTTP, HTTPS, SNMP, SMB) for penetration testing lab environments. Enable hands-on practice with service enumeration, log analysis, and security testing against properly configured target systems.
securitynetwork101
by sickn33 (Antigravity) · antigravity-awesome-skills
pentest-commands
Provide a comprehensive command reference for penetration testing tools including network scanning, exploitation, password cracking, and web application testing. Enable quick command lookup during security assessments.
securitypentestcommands
by sickn33 (Antigravity) · antigravity-awesome-skills
red-team-tools
Implement proven methodologies and tool workflows from top security researchers for effective reconnaissance, vulnerability discovery, and bug bounty hunting. Automate common tasks while maintaining thorough coverage of attack surfaces.
securityredteam
by sickn33 (Antigravity) · antigravity-awesome-skills
smtp-penetration-testing
Conduct comprehensive security assessments of SMTP (Simple Mail Transfer Protocol) servers to identify vulnerabilities including open relays, user enumeration, weak authentication, and misconfiguration.
securitysmtppenetration
by sickn33 (Antigravity) · antigravity-awesome-skills
ssh-penetration-testing
Conduct comprehensive SSH security assessments including enumeration, credential attacks, vulnerability exploitation, tunneling techniques, and post-exploitation activities. This skill covers the complete methodology for testing SSH service security.
securitysshpenetration
by sickn33 (Antigravity) · antigravity-awesome-skills
threat-modeling-expert
Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use PROACTIVELY for security architecture reviews, threat identification, or building secure-by-design systems.
securitythreatmodeling
by sickn33 (Antigravity) · antigravity-awesome-skills
using-neon
Neon is a serverless Postgres platform that separates compute and storage to offer autoscaling, branching, instant restore, and scale-to-zero. It's fully compatible with Postgres and works with any language, framework, or ORM that supports Postgres.
securityusingneon
by sickn33 (Antigravity) · antigravity-awesome-skills
wordpress-penetration-testing
Conduct comprehensive security assessments of WordPress installations including enumeration of users, themes, and plugins, vulnerability scanning, credential attacks, and exploitation techniques. WordPress powers approximately 35% of websites, making it a critical target for security testing.
securitywordpresspenetration
by sickn33 (Antigravity) · antigravity-awesome-skills
zeroize-audit
Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.
securityzeroizeaudit
by sickn33 (Antigravity) · antigravity-awesome-skills
java-architect
Use when building, configuring, or debugging enterprise Java applications with Spring Boot 3.x, microservices, or reactive programming. Invoke to implement WebFlux endpoints, optimize JPA queries and database performance, configure Spring Security with OAuth2/JWT, or resolve authentication issues and async processing challenges in cloud-native Spring applications.
java-architectjavaarchitectsecurity
by Jeffallan · jeffallan-claude-skills
security-reviewer
Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.
security-reviewersecurityreviewertesting
by Jeffallan · jeffallan-claude-skills
azure-security-keyvault-keys-dotnet
Azure Key Vault Keys SDK for .NET. Client library for managing cryptographic keys in Azure Key Vault and Managed HSM. Use for key creation, rotation, encryption, decryption, signing, and verification.
securityazuresecuritykeyvault
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-security-keyvault-keys-java
Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working with HSM-backed keys.
securityazuresecuritykeyvault
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-security-keyvault-secrets-java
Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.
securityazuresecuritykeyvault
by sickn33 (Antigravity) · antigravity-awesome-skills
frontend-mobile-security-xss-scan
You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention. Analyze React, Vue, Angular, and vanilla JavaScript code to identify injection poi
securityfrontendmobilesecurity
by sickn33 (Antigravity) · antigravity-awesome-skills
product-manager
Senior PM agent with 6 knowledge domains, 30+ frameworks, 12 templates, and 32 SaaS metrics with formulas. Pure Markdown, zero scripts.
securityproduct-managementsaasframeworks
by sickn33 (Antigravity) · antigravity-awesome-skills
django-security
Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deployment configurations.
django-securitydjangosecuritysql
by affaan-m · everything-claude-code
customs-trade-compliance
海关文件、关税分类、关税优化、受限方筛查以及多司法管辖区法规合规的编码化专业知识。由拥有15年以上经验的贸易合规专家提供。包括HS分类逻辑、Incoterms应用、自贸协定利用以及罚款减免。适用于处理海关清关、关税分类、贸易合规、进出口文件或关税优化时使用。license: Apache-2.0
customs-trade-compliancecustomstradecompliance
by affaan-m · everything-claude-code
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
securitydocker
by sickn33 (Antigravity) · antigravity-awesome-skills
scanning-tools
Master essential security scanning tools for network discovery, vulnerability assessment, web application testing, wireless security, and compliance validation. This skill covers tool selection, configuration, and practical usage across different scanning categories.
securityscanning
by sickn33 (Antigravity) · antigravity-awesome-skills
variant-analysis
Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.
securityvariant
by sickn33 (Antigravity) · antigravity-awesome-skills
007
Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review, incident response, and infrastructure security for any project.
securitysecurityauditowasp
by sickn33 (Antigravity) · antigravity-awesome-skills
api-security-best-practices
Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities
securityapisecuritybest
by sickn33 (Antigravity) · antigravity-awesome-skills
astro
Build content-focused websites with Astro — zero JS by default, islands architecture, multi-framework components, and Markdown/MDX support.
securityastrossgssr
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-cosmos-db-py
Build production-grade Azure Cosmos DB NoSQL services following clean code, security best practices, and TDD principles.
securityazurecosmosdb
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-keyvault-secrets-rust
Azure Key Vault Secrets SDK for Rust. Use for storing and retrieving secrets, passwords, and API keys. Triggers: "keyvault secrets rust", "SecretClient rust", "get secret rust", "set secret rust".
securityazurekeyvaultsecrets
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-keyvault-secrets-ts
Manage secrets using Azure Key Vault Secrets SDK for JavaScript (@azure/keyvault-secrets). Use when storing and retrieving application secrets or configuration values.
securityazurekeyvaultsecrets
by sickn33 (Antigravity) · antigravity-awesome-skills
codebase-audit-pre-push
Deep audit before GitHub push: removes junk files, dead code, security holes, and optimization issues. Checks every file line-by-line for production readiness.
securitycodebaseauditpre
by sickn33 (Antigravity) · antigravity-awesome-skills
comfyui-gateway
REST API gateway for ComfyUI servers. Workflow management, job queuing, webhooks, caching, auth, rate limiting, and image delivery (URL + base64).
securitycomfyuiapi-gatewayimage-generation
by sickn33 (Antigravity) · antigravity-awesome-skills
context-guardian
Guardiao de contexto que preserva dados criticos antes da compactacao automatica. Snapshots, verificacao de integridade e zero perda de informacao.
securitycontextdata-integritysnapshots
by sickn33 (Antigravity) · antigravity-awesome-skills
fda-food-safety-auditor
Expert AI auditor for FDA Food Safety (FSMA), HACCP, and PCQI compliance. Reviews food facility records and preventive controls.
securityfdafoodsafety
by sickn33 (Antigravity) · antigravity-awesome-skills
fda-medtech-compliance-auditor
Expert AI auditor for Medical Device (SaMD) compliance, IEC 62304, and 21 CFR Part 820. Reviews DHFs, technical files, and software validation.
securityfdamedtechcompliance
by sickn33 (Antigravity) · antigravity-awesome-skills
framework-migration-deps-upgrade
You are a dependency management expert specializing in safe, incremental upgrades of project dependencies. Plan and execute dependency updates with minimal risk, proper testing, and clear migration pa
securityframeworkmigrationdeps
by sickn33 (Antigravity) · antigravity-awesome-skills
leiloeiro-edital
Analise e auditoria de editais de leilao judicial e extrajudicial. Riscos ocultos, clausulas perigosas, debitos, ocupante e classificacao da oportunidade.
securityauctionlegal-analysisrisk
by sickn33 (Antigravity) · antigravity-awesome-skills
lex
Centralized 'Truth Engine' for cross-jurisdictional legal context (US, EU, CA) and contract scaffolding.
securitylegalcontextcross-jurisdictional
by sickn33 (Antigravity) · antigravity-awesome-skills
seo-forensic-incident-response
Investigate sudden drops in organic traffic or rankings and run a structured forensic SEO incident response with triage, root-cause analysis and recovery plan.
securityseoforensicincident
by sickn33 (Antigravity) · antigravity-awesome-skills
supply-chain-risk-auditor
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.
securitysupplychainrisk
by sickn33 (Antigravity) · antigravity-awesome-skills
security-scan
AgentShield を使用して、Claude Code の設定(.claude/ ディレクトリ)のセキュリティ脆弱性、設定ミス、インジェクションリスクをスキャンします。CLAUDE.md、settings.json、MCP サーバー、フック、エージェント定義をチェックします。
security-scansecurityscan
by affaan-m · everything-claude-code
springboot-security
Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.
springboot-securityspringbootsecurity
by affaan-m · everything-claude-code
laravel-security
Laravel security best practices for authn/authz, validation, CSRF, mass assignment, file uploads, secrets, rate limiting, and secure deployment.
laravel-securitylaravelsecurity
by affaan-m · everything-claude-code
firebase
You're a developer who has shipped dozens of Firebase projects. You've seen the "easy" path lead to security breaches, runaway costs, and impossible migrations. You know Firebase is powerful, but you also know its sharp edges.
securityfirebase
by sickn33 (Antigravity) · antigravity-awesome-skills
performing-security-code-review
Execute this skill enables AI assistant to conduct a security-focused code review using the security-agent plugin. it analyzes code for potential vulnerabilities like sql injection, xss, authentication flaws, and insecure dependencies. AI assistant uses this skill wh... Use when assessing security o
performing-security-code-reviewperformingsecuritycode
by jeremylongshore · plugins-plus-skills
auditing-access-control
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
auditing-access-controlauditingaccesscontrol
by jeremylongshore · plugins-plus-skills
validating-csrf-protection
Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.
validating-csrf-protectionvalidatingcsrfprotection
by jeremylongshore · plugins-plus-skills
checking-hipaa-compliance
Check HIPAA compliance for healthcare data security requirements. Use when auditing healthcare applications. Trigger with 'check HIPAA compliance', 'validate health data security', or 'audit PHI protection'.
checking-hipaa-compliancecheckinghipaacompliance
by jeremylongshore · plugins-plus-skills
scanning-input-validation-practices
Scan for input validation vulnerabilities and injection risks. Use when reviewing user input handling. Trigger with 'scan input validation', 'check injection vulnerabilities', or 'validate sanitization'.
scanning-input-validation-practicesscanninginputvalidation
by jeremylongshore · plugins-plus-skills
checking-owasp-compliance
Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.
checking-owasp-compliancecheckingowaspcompliance
by jeremylongshore · plugins-plus-skills
scanning-for-xss-vulnerabilities
Execute this skill enables AI assistant to automatically scan for xss (cross-site scripting) vulnerabilities in code. it is triggered when the user requests to "scan for xss vulnerabilities", "check for xss", or uses the command "/xss". the skill identifies ref... Use when appropriate context detect
scanning-for-xss-vulnerabilitiesscanningforxss
by jeremylongshore · plugins-plus-skills
accessibility-compliance-accessibility-audit
You are an accessibility expert specializing in WCAG compliance, inclusive design, and assistive technology compatibility. Conduct audits, identify barriers, and provide remediation guidance.
securityaccessibilitycomplianceaudit
by sickn33 (Antigravity) · antigravity-awesome-skills
anti-reversing-techniques
AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.
securityantireversingtechniques
by sickn33 (Antigravity) · antigravity-awesome-skills
api-endpoint-builder
Builds production-ready REST API endpoints with validation, error handling, authentication, and documentation. Follows best practices for security and scalability.
securityapiendpointbuilder
by sickn33 (Antigravity) · antigravity-awesome-skills
attack-tree-construction
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
securityattacktreeconstruction
by sickn33 (Antigravity) · antigravity-awesome-skills
azure-keyvault-py
Azure Key Vault SDK for Python. Use for secrets, keys, and certificates management with secure storage.
securityazurekeyvaultpy
by sickn33 (Antigravity) · antigravity-awesome-skills
backend-security-coder
Expert in secure backend coding practices specializing in input validation, authentication, and API security. Use PROACTIVELY for backend security implementations or security code reviews.
securitybackendsecuritycoder
by sickn33 (Antigravity) · antigravity-awesome-skills
cc-skill-security-review
This skill ensures all code follows security best practices and identifies potential vulnerabilities.
securityccskillsecurity
by sickn33 (Antigravity) · antigravity-awesome-skills
customs-trade-compliance
Codified expertise for customs documentation, tariff classification, duty optimisation, restricted party screening, and regulatory compliance across multiple jurisdictions.
securitycustomstradecompliance
by sickn33 (Antigravity) · antigravity-awesome-skills
database-migrations-sql-migrations
SQL database migrations with zero-downtime strategies for PostgreSQL, MySQL, and SQL Server. Focus on data integrity and rollback plans.
securitydatabasemigrationssql
by sickn33 (Antigravity) · antigravity-awesome-skills
frontend-security-coder
Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns.
securityfrontendsecuritycoder
by sickn33 (Antigravity) · antigravity-awesome-skills
gdpr-data-handling
Practical implementation guide for GDPR-compliant data processing, consent management, and privacy controls.
securitygdprdatahandling
by sickn33 (Antigravity) · antigravity-awesome-skills
incident-response-smart-fix
[Extended thinking: This workflow implements a sophisticated debugging and resolution pipeline that leverages AI-assisted debugging tools and observability platforms to systematically diagnose and res
securityincidentresponsefix
by sickn33 (Antigravity) · antigravity-awesome-skills
k8s-manifest-generator
Step-by-step guidance for creating production-ready Kubernetes manifests including Deployments, Services, ConfigMaps, Secrets, and PersistentVolumeClaims.
securityk8smanifestgenerator
by sickn33 (Antigravity) · antigravity-awesome-skills
k8s-security-policies
Comprehensive guide for implementing NetworkPolicy, PodSecurityPolicy, RBAC, and Pod Security Standards in Kubernetes.
securityk8ssecuritypolicies
by sickn33 (Antigravity) · antigravity-awesome-skills
laravel-security-audit
Security auditor for Laravel applications. Analyzes code for vulnerabilities, misconfigurations, and insecure practices using OWASP standards and Laravel security best practices.
securitylaravelsecurityaudit
by sickn33 (Antigravity) · antigravity-awesome-skills
m365-agents-dotnet
Microsoft 365 Agents SDK for .NET. Build multichannel agents for Teams/M365/Copilot Studio with ASP.NET Core hosting, AgentApplication routing, and MSAL-based auth.
securitym365agentsdotnet
by sickn33 (Antigravity) · antigravity-awesome-skills
m365-agents-py
Microsoft 365 Agents SDK for Python. Build multichannel agents for Teams/M365/Copilot Studio with aiohttp hosting, AgentApplication routing, streaming responses, and MSAL-based auth.
securitym365agentspy
by sickn33 (Antigravity) · antigravity-awesome-skills