data Skills

This skill should be used when the user asks to 'secure my API', 'implement authentication', 'configure Keycloak', 'add authorizat...

Express.js security audit patterns. Load when reviewing Express apps. Covers Helmet.js, CORS, body-parser limits, auth middleware,...

FastAPI security audit patterns. Use when reviewing FastAPI apps (fastapi imports, main.py/app.py, requirements/pyproject with fas...

Universal security checklist and fixes for ANY project type or language

Security-first bash scripting patterns for 2025 (mandatory validation, zero-trust)

Security framework alignment including ISO 27001, SOC 2, NIST CSF 2.0, and CIS Controls mapping

Classifies inbound Telegram messages for telclaude as ALLOW/WARN/BLOCK with brief rationale.

Generate security group generator operations. Auto-activating skill for AWS Skills. Triggers on: security group generator, securit...

Comprehensive security implementation standards. Use when security guardrails guidance is required.

This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, c...

Generates security HTTP headers (CSP, HSTS, CORS, etc.) for web applications to prevent common attacks. Use when user asks to "add...

Generate security headers generator operations. Auto-activating skill for Security Fundamentals. Triggers on: security headers gen...

Creates response procedures for security incidents with containment steps, communication templates, and evidence collection. Use f...

Apply security awareness during code review and implementation. Catches common vulnerabilities without requiring full security aud...

Security controls and structured logging implementation. Use when security logging guidance is required.

Next.js security audit patterns. Load when reviewing Next.js apps (next.config.js present). Covers NEXT_PUBLIC_* exposure, Server...

セキュリティ観測。認可漏れ、インジェクション、機密漏えい、暗号誤用、依存脆弱性を検出。Use when: 認証/認可実装、外部入力処理、依存更新、コミット前チェック、セキュリティレビューして、脅威分析が必要な時。

Security Operations Center (SOC) practices, incident response, SIEM management, and threat hunting following NIST 800-61

Use this skill when you need to perform comprehensive security vulnerability assessments on a codebase. This skill launches the se...

Security Policy Generator - Auto-activating skill for Security Advanced.Triggers on: security policy generator, security policy ge...

Creates repeatable security review checklist for PRs with required checks, common pitfalls, and automated gating. Use for "securit...

Security and privacy engineering

🛡️ Comprehensive security management for festivals including crowd control, threat assessment, emergency response, and staff coor...

Implement authentication, authorization, and security controls. Use for JWT handling, API key management, RBAC, OAuth integration,...

Generate security assessment reports in docx format with findings, risk ratings, and remediation recommendations.Use when: User as...

Comprehensive security analysis with vulnerability detection and remediation tracking

Run security scans locally (Semgrep, Trivy, Gitleaks) to detect vulnerabilities, secrets, and code issues before pushing. Use when...

SAST rules, vulnerability patterns, secret detection, and security scanning configuration

Secret detection patterns and scanning workflow. Auto-loaded by security-reviewer agent for all security audits. Contains regex pa...

Use this agent when performing security audits, vulnerability assessments, or security reviews of code. Triggers on requests like...

Application security patterns - authentication, secrets management, input validation, OWASP Top 10. Use when: auth, JWT, secrets,...

Activate when conducting security analysis using STRIDE threat modeling, vulnerability assessment, and security architecture evalu...

Plan security testing strategies including OWASP testing, penetration test scoping, SAST/DAST integration, and threat-based test c...

Runtime security validation including secret scanning, PII detection, prompt injection defense, audit logging, and output validati...

Security protocols and vendor management expertise from Marcus covering emergency response codes, vendor relations, and operationa...

Vite security audit patterns. Load when reviewing Vite apps (vite.config.ts present). Covers VITE_* exposure, build-time secrets,...

Use when creating backlog tasks from security findings, integrating security scans into workflow states, or managing security reme...

Document security research, CTF solutions, and malware analysis. Includes REPORT.md and STATUS.md templates.

Diagnose seeker development patterns including return problem, knowledge validation, sacred company effects, self-effort vs fate b...

Analyze, validate, and fix issues identified by sentry bot in GitHub Pull Request reviews. Use this when asked to review or addres...

Segal types for synthetic ∞-categories. Binary composites exist uniquely

Manages CDP child segments using `tdx sg` commands with YAML rule configs. Covers filtering with operators (Equal, In, Greater, Ti...

Expert patterns for Segment Customer Data Platform including Analytics.js, server-side tracking, tracking plans with Protocols, id...

Use to design and document customer segments with clear criteria, metrics, and governance.

Explicit-only: pick the next `bd ready` bead via risk-first heuristics; verify dependency/readiness, add missing deps, then mark i...

SUPERSEDED by persistent-cache-gap-filling (v2.8.0). Cache data during symbol selection for instant repeat runs.

FAIL LOUDLY pattern for selection constraints. Trigger when: (1) correlated stocks selected together, (2) min_crypto_positions ign...

작업 완료 후 자가 점검 및 보완 조언