Loading...
Loading...
Found 2,578 Skills
Use this skill when the user needs to secure their SaaS app, implement authentication, protect user data, secure APIs, or check for vulnerabilities. Covers OWASP Top 10, auth best practices, data protection, and security checklists for apps built with AI tools.
Expert knowledge for Azure Attestation development including troubleshooting, best practices, security, configuration, and deployment. Use when validating attestation tokens, authoring SGX/TPM policies, configuring policy signers, or securing endpoints, and other Azure Attestation related development tasks. Not for Azure Confidential Computing (use azure-confidential-computing), Azure Virtual Enclaves (use azure-virtual-enclaves), Azure Key Vault (use azure-key-vault), Azure Security (use azure-security).
Expert knowledge for Azure DevTest Labs development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when managing DevTest Labs VMs, images/artifacts, ARM/CLI automation, RBAC/Key Vault security, or hub-spoke lab setups, and other Azure DevTest Labs related development tasks. Not for Azure Dev Box (use azure-dev-box), Azure Lab Services (use azure-lab-services), Azure Virtual Machines (use azure-virtual-machines), Azure Virtual Desktop (use azure-virtual-desktop).
Expert knowledge for Azure Virtual Machine Scale Sets development including troubleshooting, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when configuring VMSS autoscale/upgrade modes, zones/PPGs, Spot+standby pools, ADE+Key Vault, or CLI/ARM deployments, and other Azure Virtual Machine Scale Sets related development tasks. Not for Azure Virtual Machines (use azure-virtual-machines), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure Container Instances (use azure-container-instances), Azure App Service (use azure-app-service).
Trust Wallet API for crypto data — token search, prices, trending tokens, swap quotes, market data, security checks, address validation, asset info, and coin status across 100+ blockchains. Use whenever the user asks about crypto prices, token info, swap rates, market cap, trending coins, token risk, honeypot detection, address validation, or wants to call the Trust Wallet / tws.trustwallet.com API directly. Covers HMAC-SHA256 authentication, supported chains, and all REST endpoints.
Audit Chrome extensions for security issues, best practice violations, performance problems, and CWS compliance. Scans manifest, code, CSP, message handlers, storage, and dependencies.
Builds and queries multi-language source code graphs for security analysis. Includes pre-analysis passes for blast radius, taint propagation, privilege boundaries, and entry point enumeration. Use when analyzing call paths, mapping attack surface, finding complexity hotspots, enumerating entry points, tracing taint propagation, measuring blast radius, or building a code graph for audit prioritization. Supports 16 languages including Solidity, Cairo, Circom, Rust, Go, Python, C/C++, TypeScript.
Alibaba Cloud Security Center incident management skill. Query security incidents, threat trends, and incident details. Triggers: "云安全中心", "安全事件", "事件查询", "安全态势", "威胁事件", "cloud-siem", "Agentic-soc".
Alibaba Cloud Security Center (SAS) CWPP host security alert handling skill. Used for querying, analyzing, and handling security alerts from Cloud Security Center. Triggers: "security alert", "alert handling", "CWPP alert", "Cloud Security Center alert", "SAS alert", "Aegis alert", "view alerts", "handle alerts"
Use kuri-agent to automate Chrome — navigate pages, interact with elements via a11y refs, capture screenshots, run security audits, enumerate cookies/JWTs, probe for IDOR vulnerabilities, and make authenticated fetches. Use when the user wants to automate a browser, test a web app, scrape data, or run security trajectories against a live site.
Security audit and code review checklist. Covers 30+ vulnerability types with real-world exploit cases (2021-2026) and EVMbench Code4rena patterns. Use when conducting security audits, code reviews, or pre-deployment security assessments.
Query and analyze security events and alerts detected by Alibaba Cloud Firewall IPS (Intrusion Prevention System), helping quickly locate threats and provide remediation recommendations. Triggers when user mentions IPS alerts, intrusion detection, intrusion prevention, attack events, security alerts, threat detection, attack analysis, IDS/IPS, being attacked, any attacks, security incidents, security warnings, server under attack, machine alarms. Also triggers when user asks about "any recent attacks", "which assets were attacked", "does this IP have attack behavior", "security alerts for a specific server/machine", "which IPs attacked a specific IP", even without explicitly saying "IPS".