Total 50,537 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Security audit guidelines for web applications and REST APIs based on OWASP Top 10 and web security best practices. Use when checking code for vulnerabilities, reviewing auth/authz, auditing APIs, or before production deployment.
Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks
Guidance for filtering JavaScript and XSS attack vectors from HTML while preserving original formatting. This skill should be used when tasks involve removing script content, sanitizing HTML, filtering XSS payloads, or creating security filters that must preserve the original document structure unchanged.
Deep architectural context building for security audits. Use when conducting security reviews, building codebase understanding, mapping trust boundaries, or preparing for vulnerability analysis. Inspired by Trail of Bits methodology.
Guidelines for implementing Auth0 authentication with best practices for security, rules, actions, and SDK integration
Professional Skills and Methodologies for SSRF (Server-Side Request Forgery) Testing
Run a comprehensive security review on code
A test skill with prompt injection patterns
This skill should be used when the user asks to "encrypt message with BSV key", "decrypt with private key", "ECDH encryption", "AES-256-GCM BSV", "EncryptedMessage", "BRC-2 encryption", or needs to encrypt/decrypt data using BSV keys and @bsv/sdk.
Env Secret Detector - Auto-activating skill for Security Fundamentals. Triggers on: env secret detector, env secret detector. Part of the Security Fundamentals skill category.
Before ANY destructive, irreversible, or high-impact action, pause and surface a clear checklist of what's about to happen. This includes: file deletions, database changes, production deployments, mass updates, permission changes, or anything that can't easily be undone. Require explicit confirmation before proceeding. Never auto-execute dangerous operations.
Use this skill when designing data schemas, implementing sharing workflows, or auditing access control in Jazz applications. It covers the hierarchy of Groups, Accounts, and CoValues, ensuring data is private by default and shared securely through cascading permissions and invitations.