Explore skills
4,610 skills found
Category alert
Get new Segurança skills every Monday
util-review
Review Claude Code skills, hooks, CLAUDE.md files, scripts, or workflow configurations for design flaws, unclosed loops, stale references, side effects, security risks, and portability issues. Use when: 'review this skill', 'audit this hook', '/util-review', 'check this config', or when evaluating any supplementary Claude Code artifact for quality and correctness.
nuget-package-management
Manage NuGet packages using Central Package Management (CPM) and dotnet CLI. Never edit .csproj or Directory.Packages.props XML directly - use dotnet add/remove/list commands. Use shared version variables for related packages. Covers workspaces, security audits, and version management.
ledger-app
Security Skill: Focuses on preventing hardcoded secrets, implementing JWT authentication, and ensuring robust input validation.
code-reviewer
Performs thorough code reviews with actionable, prioritized feedback. Covers correctness, security, performance, readability, and best practices across languages.
security-audit
Comprehensive security and accessibility audit with auto-fix. Spawns 6 agents — two auditors scan in parallel, findings presented by severity for approval, fixes planned with blast radius, applied one-at-a-time with checkpoints, and independently verified.
cyber-neo
Smart read-only cybersecurity audit for local projects. This v0.4.1 cleanup release features verified packaging, install validation, update scripts, and audit profiles.
genai-security-review
Review a genai.recipe.yml or compiled skill bundle for security issues — unsafe tools, network access, hardcoded secrets, overly broad permissions. Use when the user asks for a security review or audit of a Genai skill.
subscription-tracker
Scan a user's Gmail to find upcoming subscription renewals, recurring payments, and billing deadlines. Use this skill whenever the user asks about their subscriptions, recurring charges, upcoming renewals, payment schedules, billing timelines, or wants to audit what services they're paying for. Also trigger when users say things like 'what am I subscribed to', 'when is my next bill', 'show me my r
skill-mcp-security-audit
Security audit for MCP (Model Context Protocol) servers. Detects data exfiltration risks, command injection, permission escalation, and supply chain vulnerabilities before adding MCP servers to your agent.
vibecoding-security
This comprehensive security skill for AI-assisted projects operates in two modes: AUDIT, running a 50-point checklist with quantitative scoring, and PREVENTIVE, guiding secure code generation by consulting vulnerability knowledge bases. It covers OWASP Top 10, cloud-native security (Supabase RLS, Firebase Rules), and payment security.
wcag
Audit a page for WCAG 2.1 AA accessibility issues. Traces the render chain, checks structural/semantic HTML, contrast indicators, ARIA, and outputs a prioritized report.
project-audit
Service-profile-driven project audit. Auto-fires when the user requests audit, review, code review, pre-launch check, security audit, OWASP/SOLID/12-Factor compliance, project skeleton/bootstrap/setup, or any equivalent in any language (e.g., 점검, 감사, 리뷰, 출시 전 검토, 보안 점검, 골조, 셋업). Reads the full 0–10 section checklist from SPEC.md, filters items by grade (🔴🟠🟡🔵⚪) against the user's service profil