Search Results: vulnerability-scan

Found 59 Skills

Security & Compliancejeremylongshore/claude-co...

scanning-for-vulnerabilities

Execute this skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. it identifies security vulnerabilities in code, dependencies, and configurations, including cve detection. use this skill when the user asks to scan fo... Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.

🇺🇸|EnglishTranslated

3 scripts/Checked

Security & Compliancezackkorman/skills

security-review-2

A general skill for performing security reviews and auditing codebases for vulnerabilities. ALWAYS run this at the end of each task.

🇺🇸|EnglishTranslated

583

Security & Complianceaffaan-m/everything-claud...

security-scan

Scan your Claude Code configuration (.claude/ directory) for security vulnerabilities, misconfigurations, and injection risks using AgentShield. Checks CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions.

🇺🇸|EnglishTranslated

Security & Compliancejeffallan/claude-skills

security-reviewer

Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.

🇺🇸|EnglishTranslated

Security & Compliancesergiodxa/agent-skills

owasp-security-check

Security audit guidelines for web applications and REST APIs based on OWASP Top 10 and web security best practices. Use when checking code for vulnerabilities, reviewing auth/authz, auditing APIs, or before production deployment.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

solana-vulnerability-scanner

Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing. Use when auditing Solana/Anchor programs.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

algorand-vulnerability-scanner

Scans Algorand smart contracts for 11 common vulnerabilities including rekeying attacks, unchecked transaction fees, missing field validations, and access control issues. Use when auditing Algorand projects (TEAL/PyTeal).

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

substrate-vulnerability-scanner

Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

ton-vulnerability-scanner

Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks. Use when auditing FunC contracts.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

cairo-vulnerability-scanner

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.

🇺🇸|EnglishTranslated

Security & Compliancehieutrtr/ai1-skills

code-review-security

Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancejorgealves/agent_skills

prompt-injection-scanner

Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection. Use when designing new agent skills or before deploying agents to public environments where users provide untrusted input.

🇺🇸|EnglishTranslated