Loading...
Loading...
Found 230 Skills
This skill should be used when the user asks to "check for misconfigurations", "analyze security headers", "find misconfigured settings", "check CORS policy", "find debug mode", "audit server configuration", or mentions "misconfiguration" in a security context. Maps to OWASP Top 10 2021 A05: Security Misconfiguration.
Runs real-time safety analysis for instructions involving destructive operations, permission changes, irreversible actions, prompt injection, or compliance-sensitive operations. Evaluates risk level, destructiveness, and reversibility via backend API. Use when asked for safety check, risk assessment, security audit, destructive check, instruction audit, or Modeio safety scan. Also use proactively before executing any instruction that deletes data, modifies permissions, drops or truncates tables, deploys to production, or alters system state irreversibly. Also supports pre-install Skill Safety Assessment for third-party skill repositories via a static prompt contract.
Reviews changes for correctness, edge cases, style, security, and maintainability with severity levels (Blocker/Major/Minor/Nit). Use before finalizing changes.
Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.
Review the current branch diff for real bugs and security issues, verify findings against surrounding code, and report only issues that survive context checks. Runs as a forked review workflow so the audit has separate reasoning budget and stays isolated from the main task flow. Use when the user asks to find bugs, review changes, or audit branch risk.
Perform read-only reviews of code changes (`git diff`) for quality, architecture compliance, and security (OWASP Top 10) by delegating to Agent tools. Use for self-reviews before committing/creating PRs, or when requesting "review changes" or "code review". Use implement-review-pr for GitHub PR reviews.
Adversarial code review that breaks the self-review monoculture. Use when you want a genuinely critical review of recent changes, before merging a PR, or when you suspect Claude is being too agreeable about code quality. Forces perspective shifts through hostile reviewer personas that catch blind spots the author's mental model shares with the reviewer.
Validate code quality, test coverage, performance, and security. Use when verifying implemented features meet all standards and requirements before marking complete.
Expert-level code review focusing on quality, security, performance, and maintainability. Use this skill for conducting thorough code reviews, identifying issues, and providing constructive feedback.
Upgrades Python pip/poetry/pipenv dependencies with breaking change handling
Execute deterministic, event-sourced security audits using ESAA-Security's LLM-based agent architecture with 95 checks across 16 security domains
Local Code Review - analyzes code changes and provides structured feedback before commit