Loading...
Loading...
Found 344 Skills
Scan for unprotected MCP servers using @contextware/mcp-scan package. Enables security auditing of local AI tools and network endpoints.
Code review with focus on quality, security, and best practices
The drum sounds. Spider, Raccoon, and Turtle gather for complete security work. Use when implementing auth, auditing security, or hardening code end-to-end.
Use before committing code - validates Drupal coding standards, SOLID/DRY principles, security practices, and CSS standards
Defines evaluation criteria and scoring methodologies for deliverable assessment
Software engineering best practices for code review. Use when reviewing code, analyzing code quality, checking for bugs, security vulnerabilities, or providing feedback on code changes.
Security audit for vulnerabilities, compliance issues, and sensitive data exposure. Use before production deployments or when reviewing security-sensitive code.
Review Python code for quality, security, and best practices
Performs comprehensive PR code review from 5 perspectives (quality/performance/tests/docs/security) in parallel, providing Blockers/Suggestions/Nice-to-have and merge decision. Args: /review [owner/repo] [pr-number] [--focus all|security|perf|qa|docs|types] Activates when user mentions "review", "PR確認", "コードレビュー", "マージ判定".
Enforce secure secrets management across all platforms. Never hardcode OAuth2 secrets, API keys, tokens, passwords, or credentials in source code. Store all secrets in .env files, load from environment variables, and ensure .env is gitignored. Use this skill when: (1) writing any code that uses API keys, OAuth2 client secrets, tokens, or credentials, (2) setting up authentication or third-party integrations, (3) creating new projects that need environment configuration, (4) reviewing code for security issues related to secrets, (5) configuring CI/CD pipelines or Docker deployments with secrets. Triggers: API key, OAuth, client secret, token, credentials, .env, environment variables, secret, password, authentication setup, third-party integration.
Systematic code analysis with evidence collection
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.