Loading...
Loading...
Found 128 Skills
Agent harness performance system for Claude Code and other AI coding agents — skills, instincts, memory, hooks, commands, and security scanning
Check any AI agent codebase against the OWASP Agentic Security Initiative (ASI) Top 10 risks. Use this skill when: - Evaluating an agent system's security posture before production deployment - Running a compliance check against OWASP ASI 2026 standards - Mapping existing security controls to the 10 agentic risks - Generating a compliance report for security review or audit - Comparing agent framework security features against the standard - Any request like "is my agent OWASP compliant?", "check ASI compliance", or "agentic security audit"
Run Semgrep SAST scans on code. Supports 30+ languages with OWASP, security, and custom rulesets. Parses results and provides remediation guidance.
Run Schemathesis for property-based API security testing. Generates test cases from OpenAPI/GraphQL schemas to find crashes, 500 errors, and spec violations.
Pre-commit review: security scan, quality gates, auto-fix.
Implement static code analysis with linters, formatters, and security scanners to catch bugs early. Use when enforcing code standards, detecting security vulnerabilities, or automating code review.
n8n expression syntax validation, context-aware testing, common pitfalls detection, and performance optimization. Use when validating n8n expressions and data transformations.
Load GitHub Actions automation workflows documentation including CI/CD pipelines, security scanning, and maintenance automation
n8n expression syntax validation, context-aware testing, common pitfalls detection, and performance optimization. Use when validating n8n expressions and data transformations.
This skill should be used when the user asks to "scan Python code for security issues", "set up Bandit", "configure bandit security linting", "fix bandit warnings", or needs guidance on Python static security analysis with Bandit.
Use this skill to remediate security findings by producing minimal, surgical code patches. Triggers on 'patch security findings', 'fix vulnerabilities', 'remediate findings', 'threat patch', or when the user provides a findings.json (from threat-model), a Codex security findings CSV, a THREAT-MODEL.md, or individual vulnerability descriptions and wants them fixed. Also trigger when reviewing code flagged by a security scanner and the user wants actionable fixes rather than just reports.
Run Opengrep for pattern-based code search and security scanning. Use when grep is insufficient for finding code patterns that require structural understanding (function calls, data flow, nested structures). Also use for security vulnerability detection with custom YAML rules.