Loading...
Loading...
Found 90 Skills
Csrf Protection Validator - Auto-activating skill for Security Fundamentals. Triggers on: csrf protection validator, csrf protection validator Part of the Security Fundamentals skill category.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Security best practices for secure coding, authentication, authorization, and data protection. Use when developing features that handle sensitive data, user authentication, or require security review.
Security hardening and secure coding practices. Use when user asks to "harden security", "secure coding", "OWASP vulnerabilities", "input validation", "sanitization", "SQL injection prevention", "XSS protection", "CORS security", "secure headers", "vulnerability scanning", or mentions security best practices and threat mitigation.
Session Security Checker - Auto-activating skill for Security Fundamentals. Triggers on: session security checker, session security checker Part of the Security Fundamentals skill category.
Security Headers Generator - Auto-activating skill for Security Fundamentals. Triggers on: security headers generator, security headers generator Part of the Security Fundamentals skill category.
Xss Vulnerability Scanner - Auto-activating skill for Security Fundamentals. Triggers on: xss vulnerability scanner, xss vulnerability scanner Part of the Security Fundamentals skill category.
Java security checklist covering OWASP Top 10, input validation, injection prevention, and secure coding. Works with Spring, Quarkus, Jakarta EE, and plain Java. Use when reviewing code security, before releases, or when user asks about vulnerabilities.
Cryptography expert for TLS, symmetric/asymmetric encryption, hashing, and key management
Java and Spring Boot security patterns. Covers Spring Security, dependency auditing, secure coding practices, and OWASP for Java ecosystem. USE WHEN: user works with "Java", "Spring Boot", "Spring Security", asks about "Java vulnerabilities", "Maven security", "Gradle security", "Java injection", "Java authentication" DO NOT USE FOR: general OWASP concepts - use `owasp` or `owasp-top-10` instead, Node.js/Python security - use language-specific skills
Rate Limiter Config - Auto-activating skill for Security Fundamentals. Triggers on: rate limiter config, rate limiter config Part of the Security Fundamentals skill category.
Write secure-by-default Node.js and TypeScript applications following security best practices. Use when: (1) Writing new Node.js/TypeScript code, (2) Creating API endpoints or middleware, (3) Handling user input or form data, (4) Implementing authentication or authorization, (5) Working with secrets or environment variables, (6) Setting up project configurations (tsconfig, eslint), (7) User mentions security concerns, (8) Reviewing code for vulnerabilities, (9) Working with file paths or child processes, (10) Setting up HTTP headers or CORS.