Explorar skills

Typosquatting detection, install script analysis, dependency confusion prevention, and phantom dependency detection for npm/pip.

Expert EU Cyber Resilience Act (CRA) advisor for Regulation (EU) 2024/2847 — mandatory cybersecurity and vulnerability handling requirements for all products with digital elements (PDEs) sold in the EU. Use this skill for gap analysis, product classification (Default / Class I / Class II), conformity assessment route selection, CE marking, SBOM requirements, vulnerability and incident reporting to

Expert SOC 2 compliance assistant covering all five Trust Services Criteria (Security/CC, Availability/A, Confidentiality/C, Processing Integrity/PI, Privacy/P). Use this skill whenever a user mentions SOC 2, Trust Services Criteria, SOC 2 Type 1 or Type 2, audit readiness, compliance gaps, control documentation, evidence collection, vendor risk questionnaires, or anything related to AICPA service

Expert ISO 27001 compliance assistant for security and compliance teams. Use this skill whenever a user asks about ISO 27001 or ISO/IEC 27001, including any of the following: gap analysis, auditing, compliance assessments, control checklists, policy writing, document generation, Statement of Applicability (SoA), risk assessment, risk registers, risk treatment plans, Annex A controls, ISMS implemen

Checks application security boundaries: secrets, injection, XSS, input validation, and sensitive env defaults. Use when auditing exploitable code paths.

Sets up security scanning for secrets and dependency vulnerabilities. Use when adding security infrastructure to a project.

This skill should be used when the user asks to "audit claude permissions", "audit permissions", "review local claude settings", "promote permissions to global", "clean up claude settings", "find permission patterns", or wants to identify project-local Claude Code permissions that should be added to global configuration.

Usa esta habilidad para asuntos de seguridad, políticas, gobernanza, barandales, cumplimiento y protección, incluyendo comandos bloqueados, operaciones peligrosas, eliminaciones, modificaciones de archivos, comandos de shell, llamadas a API, solicitudes de red y credenciales, o cualquier acción irreversible/destructiva. Reins instala ganchos determinísticos PreToolUse/PostToolUse.

Use whenever security, policies, governance, guardrails, compliance, or safety are relevant — including blocked commands, audit trails, dangerous operations, deletions, file modifications, shell commands, MCP access, API calls, network requests, credentials, or any action that could be irreversible or destructive.

Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling

Patrones de revisión de seguridad profunda para lógica de autorización, límites de acceso a datos, aislamiento de acciones, limitación de tasa y protección de operaciones sensibles.

Utilice para añadir o configurar plugins Maven en su pom.xml, incluyendo herramientas de calidad, escaneo de seguridad, formato de código, gestión de versiones, construcción de imágenes de contenedor, seguimiento de información de compilación y benchmarking. Se ofrece un enfoque consultivo, modular y paso a paso.