Loading...
Loading...
Found 11 Skills
A general skill for performing security reviews and auditing codebases for vulnerabilities. ALWAYS run this at the end of each task.
PHP 8.5+ modern patterns, PSR standards, and SOLID principles. Use when reviewing PHP code, checking type safety, auditing code quality, or ensuring PHP best practices. Triggers on "review PHP", "check PHP code", "audit PHP", or "PHP best practices".
Guide for building, auditing, and refactoring Swift code using modern concurrency patterns (Swift 6+). This skill should be used when working with async/await, Tasks, actors, MainActor, Sendable types, isolation domains, or when migrating legacy callback/Combine code to structured concurrency. Covers Approachable Concurrency settings, isolated parameters, and common pitfalls.
Rust unsafe code skill for systems programming. Use when writing or reviewing unsafe Rust, understanding what operations require unsafe, implementing safe abstractions over unsafe code, auditing unsafe blocks, or understanding raw pointers, transmute, and extern. Activates on queries about unsafe Rust, raw pointers, transmute, unsafe blocks, writing safe wrappers, UnsafeCell, unsafe trait impl, or auditing unsafe code.
Checks WHY-not-WHAT, density (15-20%), forbidden content, docstrings quality, actuality, legacy cleanup. Returns findings with severity, location, and recommendations.
Use Codex CLI for sandboxed auditing, debugging, and autonomous prototyping
Guide for security-related Agent Skills including penetration testing, code auditing, threat hunting, and forensics skills.
Implementation + audit loop using parallel agent teams with structured simplify, harden, and document passes. Spawns implementation agents to do the work, then audit agents to find complexity, security gaps, and spec deviations, then loops until code compiles cleanly, all tests pass, and auditors find zero issues or the loop cap is reached. Use when: implementing features from a spec or plan, hardening existing code, fixing a batch of issues, or any multi-file task that benefits from a build-verify-fix cycle.
Detect and fix SQL injection vulnerabilities in any framework. Covers Laravel (DB::raw, whereRaw), Node.js (template literals in queries), Python (f-strings in SQL), and Cloudflare D1. Enforces parameterized bindings everywhere. Use when writing database queries, reviewing code for injection, or fixing SQL injection findings.
Generate and audit Microsoft Clarity browser instrumentation from the terminal. Trigger phrases: `generate a Clarity snippet`, `audit Clarity instrumentation`, `add Microsoft Clarity identify call`.
Use when inspecting, cleaning, understanding, reproducing, or auditing academic research code repositories, especially when README commands, datasets, checkpoints, experiments, or paper claims need verification.