Loading...
Loading...
Found 1,613 Skills
Structured code review approach covering security, quality, performance, and consistency.
Smart contract and secure API contract security analysis — invariant checking, access control, reentrancy, and integer overflow patterns. Implements Checks-Effects-Interactions pattern, formal invariant verification, and OpenSCV vulnerability taxonomy for Solidity/EVM and Rust/Solana contracts.
Code review specialist focused on patterns, bugs, security, and performance
Review RFCs for problem clarity, compliance, security, and performance using SCQA framework
This skill should be used when the user requests to "initialize team", "create development team", "team init", "form a team", or "start project team". It collects project information through interactive Q&A and creates an Agent engineering team with professional roles. 8 team types are supported: software development, software testing, reverse engineering, debugging/bug fixing, security research, CTF competition, software and server operation & maintenance, discussion/seminar.
Java and Spring Boot security patterns. Covers Spring Security, dependency auditing, secure coding practices, and OWASP for Java ecosystem. USE WHEN: user works with "Java", "Spring Boot", "Spring Security", asks about "Java vulnerabilities", "Maven security", "Gradle security", "Java injection", "Java authentication" DO NOT USE FOR: general OWASP concepts - use `owasp` or `owasp-top-10` instead, Node.js/Python security - use language-specific skills
Universal security checklist and fixes for ANY project type or language
Gate Wallet interaction with external DApps. Connect wallet, sign messages (EIP-712/personal_sign), sign and send DApp-generated transactions, ERC20 Approve authorization. Use when users need to interact with DeFi protocols, NFT platforms, or any DApp. Includes transaction confirmation gating and security review.
Apply CIS benchmarks and secure Linux servers. Configure SSH, manage users, implement firewall rules, and enable security features. Use when hardening Linux systems for production or meeting security compliance requirements.
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Security detection use cases for identifying threats across network, endpoint, identity, cloud, application, and email vectors. Use for building detection rules, analyzing security events, and threat hunting operations.
Full API lifecycle management through Postman. Sync OpenAPI specs to collections, generate typed client code, run API tests, create mock servers, publish documentation, audit security against OWASP Top 10, and discover APIs across workspaces. Requires the Postman MCP Server. Use this skill when the user mentions Postman, API collections, syncing specs, generating SDKs, running API tests, creating mocks, API documentation, or API security audits. Triggers on tasks involving API development workflows, collection management, or any Postman-related operations.