All Skills

Total 30,167 skills, Security & Compliance has 1070 skills

Showing 12 of 1070 skills

Per page

Downloads

Sort

Security & Compliancenickcrew/claude-ctx-plugi...

owasp-top-10

OWASP Top 10 security vulnerabilities with detection and remediation patterns. Use when conducting security audits, implementing secure coding practices, or reviewing code for common security vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancegetsentry/skills

security-review

Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP review", or review code for injection, XSS, authentication, authorization, cryptography issues. Provides systematic review with confidence-based reporting.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

insecure-defaults

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.

🇺🇸|EnglishTranslated

Security & Compliancewshobson/agents

auth-implementation-patterns

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

🇺🇸|EnglishTranslated

Security & Compliancejeffallan/claude-skills

security-reviewer

Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

constant-time-testing

Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementations for timing vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

sharp-edges

Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

fuzzing-dictionary

Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-specific code.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

testing-handbook-generator

Meta-skill that analyzes the Trail of Bits Testing Handbook (appsec.guide) and generates Claude Code skills for security testing tools and techniques. Use when creating new skills based on handbook content.

🇺🇸|EnglishTranslated

Security & Compliancewshobson/agents

attack-tree-construction

Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.

🇺🇸|EnglishTranslated

Security & Compliancewshobson/agents

threat-mitigation-mapping

Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.

🇺🇸|EnglishTranslated

Security & Compliancewshobson/agents

protocol-reverse-engineering

Master network protocol reverse engineering including packet analysis, protocol dissection, and custom protocol documentation. Use when analyzing network traffic, understanding proprietary protocols, or debugging network communication.

🇺🇸|EnglishTranslated