Found 209 Skills
Run security audit with GitLeaks pre-commit hook setup and code analysis
Identify security vulnerabilities and anti-patterns providing feedback on security issues a senior developer would catch. Use when user mentions security/vulnerability/safety concerns, code involves user input/authentication/data access, working with sensitive data (passwords/PII/financial), code includes SQL queries/file operations/external API calls, user asks about security best practices, or security-sensitive files are being modified (auth, payment, data access).
Xss Vulnerability Scanner - Auto-activating skill for Security Fundamentals. Triggers on: xss vulnerability scanner, xss vulnerability scanner. Part of the Security Fundamentals skill category.
Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.
Guardian of code and delivery quality in SynkOS. Use this skill when the user asks to review implemented code, run quality gates, do a code review, validate whether a story meets its acceptance criteria, check security (OWASP), or asks questions such as "review the code for story X", "what passed the quality gate?", "are there security problems?", "does the implementation cover the acceptance criteria?", "run the automated code review". Also activate it to document findings with severity, decide PASS/CONCERNS/FAIL/WAIVED for stories, and return a story to the developer with a checklist of fixes when it fails.
Run a comprehensive security review on code
Env Secret Detector - Auto-activating skill for Security Fundamentals. Triggers on: env secret detector, env secret detector. Part of the Security Fundamentals skill category.
API testing and contract validation across REST (OpenAPI 3.1), GraphQL (SDL), and gRPC (proto). Use when you need schema linting/validation, breaking-change detection (openapi diff, GraphQL schema diff, buf breaking), consumer/provider contract tests (Pact or schema-driven), negative/security testing, and CI quality gates.
Security audit workflow - vulnerability scan → verification
Comprehensive security code review workflow for a target repository, producing a markdown report with findings and recommendations.
Threat modeling methodologies (STRIDE, PASTA, LINDDUN), attack tree analysis, common attack patterns (OWASP Top 10, CWE), risk assessment frameworks, and security architecture patterns
Plans security penetration tests for web applications. Analyzes codebase, API routes, auth implementation, and infrastructure config to generate comprehensive pentest plans. For authorized testing only.