Search Results: code-vulnerability

Found 16 Skills

Security & Compliancemicrock/ordinary-claude-s...

security-audit-example

Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

secure-coding-audit

Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.

🇺🇸|EnglishTranslated

Security & Complianceborghei/claude-skills

skill-security-auditor

Security audit and vulnerability scanning for AI agent skills before installation. Detects prompt injection in SKILL.md files, dangerous code patterns (eval, exec, subprocess), network exfiltration, credential harvesting, dependency supply chain risks, file system boundary violations, and obfuscation. Produces PASS/WARN/FAIL verdicts with remediation guidance. Use when evaluating untrusted skills, pre-install security gates, or auditing skill repositories.

🇺🇸|EnglishTranslated

3 scripts/Attention

Security & Compliancesickn33/antigravity-aweso...

security-scanning-security-sast

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

🇺🇸|EnglishTranslated

Security & Compliancejddoesdev/goodvibesonly

goodvibesonly

Security scanner for vibe-coded projects. AUTO-INVOKE this skill before any git commit, git push, or when user says "commit", "push", "ship it", "deploy", "is this safe?", "check for security issues", or "goodvibesonly". Also invoke after generating code that handles user input, authentication, database queries, or file operations.

🇺🇸|EnglishTranslated

Security & Compliancesgcarstrends/sgcarstrends

security

Security auditing for code vulnerabilities (OWASP Top 10, XSS, SQL injection) and dependency scanning (pnpm audit, Snyk). Use when handling user input, adding authentication, before deployments, or resolving CVEs.

🇺🇸|EnglishTranslated

Security & Compliancefactory-ai/factory-plugin...

commit-security-scan

Analyze code changes for security vulnerabilities using LLM reasoning and threat model patterns. Use for PR reviews, pre-commit checks, or branch comparisons.

🇺🇸|EnglishTranslated

Security & Complianceexistential-birds/beagle

elixir-security-review

Reviews Elixir code for security vulnerabilities including code injection, atom exhaustion, and secret handling. Use when reviewing code handling user input, external data, or sensitive configuration.

🇺🇸|EnglishTranslated

Security & Complianceaaaaqwq/claude-code-skill...

performing-security-code-review

Execute this skill enables AI assistant to conduct a security-focused code review using the security-agent plugin. it analyzes code for potential vulnerabilities like sql injection, xss, authentication flaws, and insecure dependencies. AI assistant uses this skill wh... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.

🇺🇸|EnglishTranslated

3 scripts/Attention

Security & Compliancejwynia/agent-skills

security-scan

Scan code for security vulnerabilities including OWASP Top 10, secrets, and misconfigurations. Use when you need comprehensive security analysis of a codebase.

🇺🇸|EnglishTranslated

Security & Compliancenavanithans/agent-skill-k...

ask-owasp-security-review

Static security analysis for code, auditing for OWASP Top 10 risks. Triggers: "security audit", "is this secure", "check for vulnerabilities". Capabilities: - Static analysis of code snippets. - Mapping findings to OWASP Top 10 (2021). - Providing remediation code patterns.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Complianceflorianbuetow/claude-code

ssrf

This skill should be used when the user asks to "check for SSRF", "analyze server-side request forgery", "find URL fetching vulnerabilities", "check for internal network access", or mentions "SSRF", "URL fetching", "cloud metadata", "169.254.169.254", or "request forgery" in a security context. Maps to OWASP Top 10 2021 A10: Server-Side Request Forgery.

🇺🇸|EnglishTranslated