Loading...
Loading...
Found 2,245 Skills
Ghost Security - Software Composition Analysis (SCA) scanner. Scans dependency lockfiles for known vulnerabilities, identifies CVEs, and generates findings with severity levels and remediation guidance. Use when the user asks about dependency vulnerabilities, vulnerable packages, CVE checks, security audits of dependencies, or wants to scan lockfiles like package-lock.json, yarn.lock, go.sum, or Gemfile.lock.
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
Provides comprehensive security review capability for TypeScript and Node.js applications, validates code against XSS, injection, CSRF, JWT/OAuth2 flaws, dependency CVEs, and secrets exposure. Use when performing security audits, before deployment, reviewing authentication/authorization implementations, or ensuring OWASP compliance for Express, NestJS, and Next.js. Triggers on "security review", "check for security issues", "TypeScript security audit".
Research CVEs and security advisories for project dependencies. Uses Exa, NVD API, OSV.dev, and GitHub Advisory Database to find known vulnerabilities.
Expert code review of current git changes with a senior engineer lens. Detects SOLID violations, security risks, and proposes actionable improvements.
Security Benchmark Runner - Auto-activating skill for Security Advanced. Triggers on: security benchmark runner, security benchmark runner Part of the Security Advanced skill category.
Tauri 2.0 project setup, Rust backend + web frontend, plugin system, IPC commands, security model, auto-update, and mobile support. Use when building lightweight cross-platform desktop or mobile apps with Tauri.
XProtect, MRT, TCC privacy permissions, quarantine, code signing validation, security audit
Analyzes system and application logs to detect anomalies and security threats in blue-team operations.
WordPress plugin development workflow covering plugin architecture, hooks, admin interfaces, REST API, and security best practices.
Comprehensively evaluate the overall security of an application from two perspectives: attackers (Red Team) and defenders (Blue Team). Run two agents in parallel → output an integrated report via review-aggregator. Use this when you want to "understand the overall security status of the application", "identify vulnerabilities from an attacker's perspective", or "verify that there are no gaps in the defense system". Use security-hardening for addressing specific vulnerabilities, and security-audit-quick for fast detection of known patterns.
Test skill for security scanning