Loading...
Loading...
Found 2,574 Skills
Expert AWS Cloud Advisor for architecture design, security review, and implementation guidance. Leverages AWS MCP tools for accurate, documentation-backed answers. Use when user asks about AWS architecture, security, service selection, migrations, troubleshooting, or learning AWS. Triggers on AWS, Lambda, S3, EC2, ECS, EKS, DynamoDB, RDS, CloudFormation, CDK, Terraform, Serverless, SAM, IAM, VPC, API Gateway, or any AWS service.
Comprehensive code review covering security vulnerabilities, performance bottlenecks, best practices, and refactoring opportunities. Use when user requests code review, security audit, or performance analysis.
Guidelines for building robust APIs with Express.js and TypeScript, covering middleware patterns, routing, and security best practices
Use when reviewing AWS architecture, designing cloud systems, addressing operational issues, security concerns, reliability problems, performance bottlenecks, cost overruns, or sustainability goals
Security vulnerability scanning using Trivy for ecommerce project. Scans dependencies, container images, and IaC. Blocks CRITICAL and HIGH severity. Triggers on "trivy", "vulnerability scan", "security scan", "container scan", "cve", "dependency scan", "npm audit", "docker scan", "security check". PROACTIVE: MUST invoke before committing code with new dependencies.
Docker and container image best practices including multi-stage builds, security hardening, layer optimization, and Alpine/slim variants. Use when writing or reviewing Dockerfiles, container configurations, or docker-compose files.
Diagnose and fix React codebase health issues. Use when reviewing React code, fixing performance problems, auditing security, or improving code quality.
Detect CVEs and security issues in project dependencies. Use when you need to analyze packages for known vulnerabilities across npm, pip, cargo, and other ecosystems.
OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.
Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing zero-trust networking with minimal overhead.
Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.
Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use when analyzing APK files for Firebase vulnerabilities, performing mobile app security audits, or testing Firebase endpoint security. For authorized security research only.