Loading...
Loading...
Found 2,247 Skills
Review pull requests for code quality, security issues, and best practices. Use when reviewing PRs, checking code changes, or analyzing diffs before merge.
Build with Firestore NoSQL database - real-time sync, offline support, and scalable document storage. Use when: creating collections, querying documents, setting up security rules, handling real-time listeners, or troubleshooting permission-denied, quota exceeded, invalid query, or offline persistence errors. Prevents 10 documented errors.
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guidance, cryptography patterns, and security scanning tools.
Professional Skills and Methodologies for Security Awareness Training
Conduct Pull Request code reviews, including comprehensive evaluations of code quality, security, performance, architectural rationality, etc. Activated when users request PR reviews or mention keywords like "review pr", "check PR", etc.
Эксперт по санитизации ввода. Используй для XSS prevention, encoding, validation и security headers.
Static security analysis for code, auditing for OWASP Top 10 risks. Triggers: "security audit", "is this secure", "check for vulnerabilities". Capabilities: - Static analysis of code snippets. - Mapping findings to OWASP Top 10 (2021). - Providing remediation code patterns.
Review code through hostile perspectives to find bugs, security issues, and unintended consequences the author missed. Use when reviewing PRs, auditing codebases, or before critical deployments.
.NET Core and ASP.NET Core architecture guidance for building secure, scalable backend services. Covers solution structure, dependency injection, middleware, data access, security, performance, and deployment.
Cloud Security Posture - Auto-activating skill for Security Advanced. Triggers on: cloud security posture, cloud security posture Part of the Security Advanced skill category.
Ghost Security - Secrets and credentials scanner. Scans codebase for leaked API keys, tokens, passwords, and sensitive data. Detects hardcoded secrets and generates findings with severity and remediation guidance. Use when the user asks to check for leaked secrets, scan for credentials, find hardcoded API keys or passwords, detect exposed .env values, or audit code for sensitive data exposure.
Review backend code for quality, security, maintainability, and best practices based on established checklist rules. Use when the user requests a review, analysis, or improvement of backend files (e.g., `.py`) under the `api/` directory. Do NOT use for frontend files (e.g., `.tsx`, `.ts`, `.js`). Supports pending-change review, code snippets review, and file-focused review.