Found 2,006 Skills
Identify storage buckets that are publicly accessible and may contain sensitive data.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
Docker Compose production patterns 2025 including multi-environment strategies, health checks, and modern compose features
Role-based access control (RBAC) with permissions and policies. Use for admin dashboards, enterprise access, multi-tenant apps, fine-grained authorization, or when encountering permission hierarchies, role inheritance, or policy conflicts.
Configures CORS policy for development and production
Scans codebase for hardcoded secrets. Returns normalized findings with severity and remediation guidance. Pre-commit hook integration.
Security audit worker (L3). Scans codebase for hardcoded secrets, SQL injection, XSS, insecure dependencies, missing input validation. Returns findings with severity (Critical/High/Medium/Low), location, effort, and recommendations.
Dependencies audit worker (L3). Checks outdated packages, unused deps, reinvented wheels, vulnerability scan (CVE/CVSS). Supports mode: full | vulnerabilities_only.
Upgrades Python pip/poetry/pipenv dependencies with breaking change handling
Secure PubNub applications with Access Manager, encryption, and TLS
Manage AWS accounts, organizations, IAM, and billing. Use when setting up AWS Organizations, managing IAM policies, controlling costs, or implementing multi-account strategies. Triggers on AWS Organizations, AWS IAM, AWS billing, Cost Explorer, SCPs, multi-account, AWS SSO, Identity Center.