Loading...
Loading...
Found 2,247 Skills
WordPress development best practices - coding standards, custom post types, security, performance, hooks/filters, and template hierarchy. Use for any WordPress theme or plugin development guidance.
Audits codebases for quantum-vulnerable cryptography and plans migration to Post-Quantum Cryptography (PQC) standards to ensure long-term data security.
Authentication and authorization expert specializing in JWT, OAuth 2.0, session management, RBAC, password security. Use for auth implementation, token management, or security issues.
Run security audit with GitLeaks pre-commit hook setup and code analysis
This skill provides comprehensive knowledge for implementing Cloudflare Turnstile, the CAPTCHA-alternative bot protection system. It should be used when integrating bot protection into forms, login pages, signup flows, or any user-facing feature requiring spam/bot prevention. Turnstile runs invisible challenges in the background, maintaining excellent user experience while blocking automated traffic. Use when: Adding bot protection to forms, implementing login security, protecting API endpoints from abuse, migrating from reCAPTCHA/hCaptcha, encountering CSP errors with Turnstile, handling token validation failures, implementing E2E tests with Turnstile, integrating with React/Next.js/Hono applications, or debugging error codes 100*, 300*, 600*. Keywords: turnstile, captcha, bot protection, cloudflare challenge, siteverify, recaptcha alternative, spam prevention, form protection, cf-turnstile, turnstile widget, token validation, managed challenge, invisible challenge, @marsidev/react-turnstile, hono turnstile, workers turnstile
Framework for assessing IT service providers, technology vendors, and third-party partners. Creates structured risk assessments across financial, operational, compliance, security, and reputational dimensions with regulatory checklists (GDPR, DORA, NIS2, SOX). Use when: (1) Evaluating new vendors or technology providers, (2) Conducting third-party risk assessments for procurement, (3) Performing critical vendor due diligence for regulatory compliance, (4) Creating vendor onboarding documentation, (5) Establishing ongoing vendor monitoring processes, (6) Assessing vendor concentration risk, or (7) Generating executive-level vendor risk reports.
Rummage through code with curious precision, inspecting every corner for security risks and cleaning up what doesn't belong. Use when auditing security, finding secrets, removing dead code, or sanitizing before deployment.
Apply Mistral AI security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Mistral AI security configuration. Trigger with phrases like "mistral security", "mistral secrets", "secure mistral", "mistral API key security".
Write CSP-compatible Alpine.js components for Hyvä themes in Magento 2. This skill should be used when the user wants to create Alpine components, add interactivity to Hyvä templates, write JavaScript for Hyvä themes, or needs help with Alpine.js patterns that work with Content Security Policy. Trigger phrases include "create alpine component", "add interactivity", "alpine for hyva", "x-data component", "csp compatibility", "csp compliant javascript".
Comprehensive security audit skill for NEAR Protocol smart contracts written in Rust. Use when auditing NEAR contracts, reviewing security vulnerabilities, or analyzing contract code for issues like reentrancy, unhandled promises, unsafe math, access control flaws, and callback security.
Use when reviewing code for security vulnerabilities, implementing authentication/authorization, handling user input, or discussing web application security. Covers OWASP Top 10:2025, ASVS 5.0, and Agentic AI security (2026).
Container development with Docker, Dockerfiles, 12-factor principles, multi-stage builds, and Skaffold workflows. Enforces MANDATORY non-root users, minimal Alpine/slim base images, and security hardening. Covers containerization, orchestration, and secure image construction. Use when user mentions Docker, Dockerfile, containers, docker-compose, multi-stage builds, container images, container security, or 12-factor app principles.