Loading...
Loading...
Found 386 Skills
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about inject...
Perform code review on staged changes or a pull request. Checks for bugs, security issues, performance problems, and best practices. Use when user says "review code", "check my code", "review PR", or "is this code okay".
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
Use when reviewing code, pull requests, or diffs. Provides patterns, checklists, and templates for systematic code review with a focus on correctness, security, readability, performance, and maintainability.
Verify fix commits address audit findings without new bugs
Security review and guidance for iOS, macOS, and watchOS apps. Covers secure storage, biometric authentication, network security, and platform-specific patterns. Use when implementing security features or reviewing code for vulnerabilities.
Upgrades Python pip/poetry/pipenv dependencies with breaking change handling
Research-backed code review skill with OWASP Top 10 security checks, SAST tool integration (SonarQube, CodeQL, Snyk), performance pattern detection, and automated quality standards enforcement. Auto-invoked for code review, security audit, PR analysis, and bug checking. Implements 2025 best practices with 92% faster vulnerability remediation.
Use the squirrelscan CLI (squirrel) to audit websites, covering over 140 rules in SEO, technical aspects, content, performance, security, etc. This skill applies when you need to analyze website health, troubleshoot technical SEO issues, check for broken links, verify meta tags and structured data, generate site audit reports, compare before and after website revamps, or when terms like 'website audit', 'audit website', 'squirrel', 'site health check' are mentioned.
Run ScoutSuite for multi-cloud security auditing. Collects configuration data from AWS, Azure, GCP, Oracle, and Alibaba Cloud and generates an interactive security report.
Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers
Expert code review specialist for quality, security, and maintainability. Use when reviewing code changes, ensuring high development standards, or conducting security audits. Provides actionable feedback organized by priority.