Loading...
Loading...
Found 228 Skills
This skill should be used when the user asks to "set up authentication", "add login", "add logout", "configure Entra ID", "set up Azure AD auth", "add Microsoft login", "enable authentication", "set up sign in", "add role-based access", "add authorization", "protect routes", "add auth to my site", "configure identity provider", or wants to set up authentication (login/logout via Microsoft Entra ID) and role-based authorization for their Power Pages code site.
Implement, review, or improve maps and location features in iOS/macOS apps using MapKit and CoreLocation. Use when working with Map views, annotations, markers, polylines, user location tracking, geocoding, reverse geocoding, search/autocomplete, directions and routes, geofencing, region monitoring, CLLocationUpdate async streams, or location authorization flows. Also use when working with maps, coordinates, addresses, places, directions, distance calculations, or location-based features in Swift apps.
Embed and troubleshoot Enable Banking UI Widgets for terms consent, ASPSP selection, and auth flow in web applications. Use when Codex needs to load the Enable Banking widgets library, render `enablebanking-consent`, `enablebanking-aspsp-list`, or `enablebanking-auth-flow`, wire widget events into React/TanStack/Hono flows, handle sandbox/custom origins, whitelist widget origins, or choose between redirect and no-redirect authorization UX.
Tests APIs for mass assignment (auto-binding) vulnerabilities where clients can modify object properties they should not have access to by including additional parameters in API requests. The tester identifies writable endpoints, adds undocumented fields to request bodies (role, isAdmin, price, balance), and checks if the server binds these to the data model without filtering. Part of OWASP API3:2023 Broken Object Property Level Authorization. Activates for requests involving mass assignment testing, parameter binding abuse, auto-binding vulnerability, or API over-posting.
Use when securing Spring Boot API endpoints with JWT Bearer token validation, scope-based authorization, or DPoP proof-of-possession - integrates com.auth0:auth0-springboot-api SDK for REST APIs receiving access tokens from frontends or mobile apps. Triggers on Auth0AuthenticationFilter, Spring Boot API auth, JWT validation, SecurityFilterChain, hasAuthority SCOPE.
Authentication and authorization patterns. Use when implementing login flows, JWT tokens, session management, password security, OAuth 2.1, Passkeys/WebAuthn, or role-based access control.
Review code for security: injection, sensitive data, authentication and authorization, dependencies and CVEs, configuration and secrets, and crypto. Cognitive-only atomic skill; output is a findings list.
AccessorySetupKit for privacy-preserving discovery and setup of Bluetooth, Wi-Fi, or Wi-Fi Aware accessories. Use for discovery sessions, picker-based authorization, migration, accessory renaming or removal, custom filtering, and required Info.plist declarations.
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
Implement authentication and authorization using JWT, Basic Auth, or custom schemes. Use for securing API endpoints and user management.
Reference skill for Apple's CoreLocation framework in Swift/SwiftUI. Use this skill whenever the user works with location services, GPS, geofencing, beacon ranging, geocoding, compass headings, or any CLLocationManager-related code on iOS, macOS, watchOS, or visionOS. Trigger on mentions of: CoreLocation, CLLocationManager, CLLocation, location permissions, geofencing, CLMonitor, iBeacon, CLGeocoder, reverse geocoding, background location updates, "When In Use" / "Always" authorization, CLLocationUpdate, live updates, significant location changes, or any location-related Info.plist keys like NSLocationWhenInUseUsageDescription.
Review board/stockholder resolutions for corporate authority, quorum, securities authorization, and execution. Triggers: (1) 'check resolutions' → checklist review, (2) 'advise' / 'review' → full consultation with playbook, (3) 'generate' / 'template' → Skala templates URL. Jurisdiction: Delaware, USA.