Search Results: security-audit

Found 387 Skills

Security & Compliancegithub/awesome-copilot

mcp-security-audit

Audit MCP (Model Context Protocol) server configurations for security issues. Use this skill when: - Reviewing .mcp.json files for security risks - Checking MCP server args for hardcoded secrets or shell injection patterns - Validating that MCP servers use pinned versions (not @latest) - Detecting unpinned dependencies in MCP server configurations - Auditing which MCP servers a project registers and whether they're on an approved list - Checking for environment variable usage vs. hardcoded credentials in MCP configs - Any request like "is my MCP config secure?", "audit my MCP servers", or "check .mcp.json" keywords: [mcp, security, audit, secrets, shell-injection, supply-chain, governance]

🇺🇸|EnglishTranslated

AI & Machine Learningalirezarezvani/claude-ski...

skill-security-auditor

Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a skill directory or git repo URL for malicious code, (3) pre-install security gate for Claude Code plugins, OpenClaw skills, or Codex skills, (4) scanning Python scripts for dangerous patterns like os.system, eval, subprocess, network exfiltration, (5) detecting prompt injection in SKILL.md files, (6) checking dependency supply chain risks, (7) verifying file system access stays within skill boundaries. Triggers: "audit this skill", "is this skill safe", "scan skill for security", "check skill before install", "skill security check", "skill vulnerability scan".

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Complianceterraphim/terraphim-skill...

security-audit

Security auditing for Rust/WebAssembly applications. Identifies vulnerabilities, reviews unsafe code, validates input handling, and ensures secure defaults. Follows OWASP guidelines and Rust security best practices.

🇺🇸|EnglishTranslated

Security & Compliancetaylorhuston/local-life-m...

security-audit

Comprehensive security audit of codebase using multiple security-auditor agents. Use before production deployments or after major features.

🇺🇸|EnglishTranslated

Security & Compliancesomnio-software/somnio-ai...

security-audit

Execute a comprehensive, framework-agnostic Security Audit. Detects project type at runtime and adapts security checks accordingly. Analyzes sensitive files, source code secrets, dependency vulnerabilities, and optionally uses Gemini AI for advanced analysis. Produces a severity-classified report. Use when the user asks to audit security, scan for vulnerabilities, check for secrets, or assess dependency risks. Triggers on: 'security audit', 'vulnerability scan', 'secret scan', 'dependency audit', 'security check', 'pentest', 'owasp'.

🇺🇸|EnglishTranslated

Security & Complianceruvnet/ruflo

security-audit

Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement. Use when: authentication implementation, authorization logic, payment processing, user data handling, API endpoint creation, file upload handling, database queries, external API integration. Skip when: read-only operations on public data, internal development tooling, static documentation, styling changes.

🇺🇸|EnglishTranslated

2 scripts/Checked

Security & Compliancewinsorllc/upgraded-carniv...

security-audit

Scan code for security vulnerabilities and secrets. Detect exposed secrets, insecure patterns, and common vulnerabilities.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancesrstomp/pokayokay

security-audit

Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.

🇺🇸|EnglishTranslated

Security & Compliancemicrock/ordinary-claude-s...

security-audit-example

Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.

🇺🇸|EnglishTranslated

Security & Compliancemgd34msu/goodvibes-plugin

security-audit

Load PROACTIVELY when task involves security review, vulnerability assessment, or hardening. Use when user says "check for security issues", "audit for vulnerabilities", "scan for secrets", "review auth security", or "check OWASP compliance". Covers authentication and session security, authorization and access control, input validation and injection prevention, data protection and encryption, dependency vulnerability scanning, API security (CORS, rate limiting, headers), and infrastructure hardening. Produces structured reports with severity ratings.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Complianceiskysun96/aptos-agent-ski...

security-audit

Audits Move contracts for security vulnerabilities before deployment using 7-category checklist. Triggers on: 'audit contract', 'security check', 'review security', 'check for vulnerabilities', 'security audit', 'is this secure', 'find security issues'.

🇺🇸|EnglishTranslated

Security & Compliancearadotso/security-skills

wxmini-security-audit

Automated WeChat mini-program security auditing framework using Claude Code Agent Teams with 7 specialized agents for comprehensive static analysis

🇺🇸|EnglishTranslated