Loading...
Loading...
Found 209 Skills
Plans security penetration tests for web applications. Analyzes codebase, API routes, auth implementation, and infrastructure config to generate comprehensive pentest plans. For authorized testing only.
Add policy enforcement, zero-trust identity, and execution sandboxing to AI agents with Microsoft's Agent Governance Toolkit
Professional Skills and Methodologies for Secure Code Review
Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.
Authentication and security patterns for EFT-Tracker using NextAuth. Covers password reset, session management, CSRF protection, and security reviews. Activates when user mentions: auth, authentication, password, NextAuth, session, security, login, logout, CSRF, rate limit, token, JWT.
Software engineering best practices for code review. Use when reviewing code, analyzing code quality, checking for bugs, security vulnerabilities, or providing feedback on code changes.
Code Injection Detector - Auto-activating skill for Security Fundamentals. Triggers on: code injection detector, code injection detector Part of the Security Fundamentals skill category.
Password Hash Generator - Auto-activating skill for Security Fundamentals. Triggers on: password hash generator, password hash generator Part of the Security Fundamentals skill category.
Use when handling authentication, authorization, encryption, HIPAA compliance, SOC 2, privacy policies, penetration testing, or any security and compliance concerns
LLM guardrails with NeMo, Guardrails AI, and OpenAI. Input/output rails, hallucination prevention, fact-checking, toxicity detection, red-teaming patterns. Use when building LLM guardrails, safety checks, or red-team workflows.
Content Security Policy Generator - Auto-activating skill for Security Fundamentals. Triggers on: content security policy generator, content security policy generator Part of the Security Fundamentals skill category.
Write secure-by-default Node.js and TypeScript applications following security best practices. Use when: (1) Writing new Node.js/TypeScript code, (2) Creating API endpoints or middleware, (3) Handling user input or form data, (4) Implementing authentication or authorization, (5) Working with secrets or environment variables, (6) Setting up project configurations (tsconfig, eslint), (7) User mentions security concerns, (8) Reviewing code for vulnerabilities, (9) Working with file paths or child processes, (10) Setting up HTTP headers or CORS.