Search Results: vulnerability-scanning

Found 103 Skills

Security & Compliancecodewithmukesh/dotnet-cla...

security-scan

Deep security scanning for .NET applications across 6 layers: vulnerable packages, secrets detection, OWASP code patterns, auth configuration, CORS policy, and data protection. Produces severity-rated findings with specific remediation steps. Load this skill when: "security scan", "security audit", "check for vulnerabilities", "find secrets", "OWASP", "auth review", "CORS check", "security review", "penetration test prep", "CVE check", "vulnerability scan", "hardcoded password", "data protection", "security posture".

🇺🇸|EnglishTranslated

Security & Compliancevigolium/skills

vigolium-scanner

Use when operating the vigolium CLI for web vulnerability scanning, security testing, traffic ingestion, server management, AI agent-driven scanning and code review, cloud-storage management, or writing custom JavaScript extensions. Invoke for scan commands, scan-url, scan-request, run, ingest, server, agent (query/autopilot/swarm/olium/piolium/audit/session), traffic browsing, database queries, storage uploads/downloads, module management, extension scripting, export, project management, and configuration tuning.

🇺🇸|EnglishTranslated

Security & Compliancesickn33/antigravity-aweso...

security-scanning-security-sast

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

🇺🇸|EnglishTranslated

Security & Compliancehieutrtr/ai1-skills

code-review-security

Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancesickn33/antigravity-aweso...

dependency-management-deps-audit

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

🇺🇸|EnglishTranslated

Code Quality89jobrien/steve

dependency-management

Dependency management specialist. Use when updating dependencies, scanning for vulnerabilities, analyzing dependency trees, or ensuring license compliance. Handles npm, pip, maven, and other package managers.

🇺🇸|EnglishTranslated

1 scripts/Checked

Code Qualityhelderberto/skills

audit-deps

Check dependencies for vulnerabilities. Use when user asks to "audit dependencies", "/audit-deps", "check for vulnerabilities", or wants to check dependency health.

🇺🇸|EnglishTranslated

Security & Complianceghostsecurity/skills

ghost-report

Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.

🇺🇸|EnglishTranslated

Code Qualityclaude-code-community-ire...

dependency-audit

Dependency management and auditing — evaluating new dependencies, security vulnerability scanning, update strategies, and license compliance. Use when adding or auditing dependencies.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

agentic-actions-auditor

Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security for prompt injection risks, or evaluating agentic action configurations.

🇺🇸|EnglishTranslated

Security & Compliancesrstomp/pokayokay

security-audit

Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.

🇺🇸|EnglishTranslated

Security & Compliancenaodeng/awesome-qa-skills

security-testing

Design security testing solutions, including OWASP Top 10, penetration testing, and vulnerability scanning. Default output is Markdown, and Excel/CSV/JSON output is available upon request. Use for security testing or security-testing.

🇨🇳|ChineseTranslated

1 scripts/Attention