Loading...
Loading...
Found 349 Skills
Deep codebase analysis for building architectural context before vulnerability or bug finding. Uses line-by-line analysis with First Principles, 5 Whys, and 5 Hows. Use when deep comprehension is needed before security auditing, architecture review, or threat modeling.
Analyzes and enforces security protocols on the skill ecosystem. Operates via Audit, Guard, and Trust modes to prevent malicious commands, PII leakage, and excessive permissions.
MUST be used whenever reviewing a Dune app for security issues, or before shipping any feature that handles credentials, user input, or external data. Do NOT skip this when the user asks for a security review, security audit, or vulnerability check — run every step in order. Triggers: security, security review, security audit, vulnerability, XSS, injection, credentials, secrets, auth, authentication, authorization, token, sensitive data, input validation, CORS, CSP, dependency audit.
Code review and audit system with specialized sub-skills covering SOLID principles, security, performance, architecture, error handling, testing, code smells, design patterns, and framework best practices. Generates severity-scored findings with copy-pasteable fix prompts. Strictly read-only — never modifies user code. Use when user says "review", "audit", "code review", "check my code", "security scan", "code smells", "SOLID check".
Env & Secrets Manager
Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
Code review guidelines covering code quality, security, and best practices.
This skill should be used when the user asks to "review my changes", "review this code", "check my work", "what's wrong with my changes", "review before I push", "security review", "do a code review", or mentions reviewing, auditing, or analyzing local code changes before committing or opening a PR.
Use the squirrelscan CLI (squirrel) to audit websites, covering over 140 rules in SEO, technical aspects, content, performance, security, etc. This skill applies when you need to analyze website health, troubleshoot technical SEO issues, check for broken links, verify meta tags and structured data, generate site audit reports, compare before and after website revamps, or when terms like 'website audit', 'audit website', 'squirrel', 'site health check' are mentioned.
Reviews Phoenix LiveView code for lifecycle patterns, assigns/streams usage, components, and security. Use when reviewing LiveView modules, .heex templates, or LiveComponents.
Use when the user requests a security audit workflow (vulnerability scan and verification) for sensitive code.