Security

web-assessment @Anshin-Health-Solutions

Web security assessment with vulnerability scanning, penetration testing methodology, and professional reporting.

security-audit @Anshin-Health-Solutions

Self-security scan of SuperPAI configuration with graded report

sec-updates @Anshin-Health-Solutions

Security news aggregation from tldrsec, no.security, and other sources.

recon @Anshin-Health-Solutions

Security reconnaissance for authorized targets. Map attack surface, discover assets, enumerate services.

annual-reports @Anshin-Health-Solutions

Annual report aggregation and analysis. Security reports, threat landscape, industry reports.

security-review @alistaircroll

Run security checks before code leaves the machine — secrets scanning (gitleaks), .gitignore hygiene, dependency...

gpc-auth-setup @leszko11

Use when provisioning or verifying gpc authentication, including service-account setup, profile switching, doctor...

security-review @dannypenrose

Enforce security standards when writing or reviewing code that handles authentication, authorization, user input,...

squash @ChrisSimmons

Squash consecutive co-authored commits into one. Always asks for confirmation before proceeding.

opportunity-scanner @clawd-aftermath

>-

dotnet-meziantou-analyzer @managedcode

Use the open-source free `Meziantou.Analyzer` package for design, usage, security, performance, and style rules in...

source-tracker @linliu0210

信息溯源与信源信誉追踪。追溯信息源头（谁先报的、谁说的最准、原作者是谁），长期积累信源画像。Triggers on: 谁先报的, 谁最先说的, 消息来源, 信息溯源, 最早发布, 首发, 源头, 这个消息可信吗, 这是真的吗,...

sec-rx @acardozzo

Code-level security posture evaluation. Scans for OWASP Top 10 vulnerabilities, authentication flaws, injection...

pdf @NIyueeE

Use this skill whenever the user wants to do anything with PDF files. This includes reading or extracting...

unattended-upgrades @renne

Configure and enable unattended-upgrades (automatic security/package updates) on Debian/Ubuntu hosts, including...

add-auth @dperezcabrera

Add JWT authentication to pico-fastapi controllers. Use when protecting endpoints, adding role-based access control,...

sh:analyze @cordsjon

Code quality, security, and performance scan with FIPD-classified findings

base44-migrate @liorarieli-maker

Migrate a Base44 app to Vercel (frontend + serverless functions) and Supabase (PostgreSQL + Auth). Scans the repo,...

security-audit @Interstellar-code

File, directory, or component to audit

security-scan @permafrost0

セキュリティ脆弱性検出の判断基準。security-reviewerが使用する専用知識ベース。

Auth Flow Planner @Notysoty

Designs a secure authentication and authorization flow for any application, covering login, sessions, roles, and edge cases.

onelap-strava-sync @yintianan

Sync OneLap FIT files to Strava and run auth initialization flows. Use when users ask to sync activities, download...

spot @Donald-Ada

Binance Spot request using the Binance API. Authentication requires API key and secret key. Supports testnet,...

margin-trading @Donald-Ada

Binance Margin-trading request using the Binance API. Authentication requires API key and secret key.