You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention. Analyze React, Vue, Angular, and vanilla JavaScript code to identify injection poi

You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention. Analyze React, Vue, Angular, and vanilla JavaScript code to identify injection poi

Static Application Security Testing orchestration skill for running and managing SAST tools across codebases. This skill should be used when performing static code analysis, writing custom...

MDN Web Docs Test Your Skills Exercises

Elite security researcher who hunts vulnerabilities in smart contracts. Has found critical bugs worth millions in TVL. Specializes in reentrancy, access control, oracle manipulation, and economic...

This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks",...

Production backend systems development. Stack: Node.js/TypeScript, Python, Go, Rust | NestJS, FastAPI, Django, Express | PostgreSQL, MongoDB, Redis. Capabilities: REST/GraphQL/gRPC APIs, OAuth...

当添加身份认证（authentication）、处理用户输入、使用凭据（secrets）、创建 API 端点或实现支付/敏感功能时，请使用此技能。提供全面的安全检查清单和模式。

在添加认证、处理用户输入、处理密钥、创建 API 端点或实现支付/敏感功能时使用此 skill。提供全面的安全检查清单和模式。

Expert in compliance frameworks (SOC2, ISO 27001), automated auditing, and risk management.

This skill should be used when the user asks to "use Metasploit for penetration testing", "exploit vulnerabilities with msfconsole", "create payloads with msfvenom", "perform post-exploitation",...

Build production CI/CD pipelines with GitHub Actions. Implements matrix builds, caching, deployments, testing, security scanning. Use for automated testing, deployments, release workflows....

Multi-agent autonomous startup system for Claude Code. Triggers on "Loki Mode". Orchestrates 100+ specialized agents across engineering, QA, DevOps, security, data/ML, business operations,...

Domain reconnaissance coordinator that orchestrates subdomain discovery and port scanning to build comprehensive domain attack surface inventory

Apply Edward de Bono's Six Thinking Hats methodology to software testing for comprehensive quality analysis. Use when designing test strategies, conducting test retrospectives, analyzing test...

Generates test scenarios and adversarial attacks for Automotive Security (UDS, SecOC, Secure Boot).

|

Comprehensive PR analysis with security review, code quality assessment, and automatic improvements. Use when reviewing PRs for security issues, performance optimizations, or best practices...

Claude Code skill for detecting flaky test patterns that cause intermittent CI failures

Comprehensive web application reconnaissance and mapping coordinator that orchestrates passive browsing, active endpoint discovery, attack surface analysis, and headless browser automation for...