Category

Security

Security audits, vulnerabilities, compliance, auth, secrets, and safe automation

3,621
skills in category
151
pages available
Security grades appear on each card once the skill has been scanned. Newly imported skills may briefly show without a grade until the backfill job runs.
Open in full browser

Browse security skills

Showing 124 of 3,621 skills

crusader-modeA

Full Crusader security-proxy integration for Claude Code. Hunt web/API vulnerabilities (IDOR/BOLA, auth, injection, SSRF/OOB, races) over Crusader's native MCP, confirm with oracles, and turn confirmed bugs into shareable self-proving crusader://poc/ links. Use when testing an app, reproducing a reported bug, or whenever the user mentions Crusader, a proxy hunt, or packaging a proof-of-concept.

securityrustgo
0
sast-analysisA

Perform codebase analysis and architecture mapping as the first phase of a security assessment. Explores the tech stack, frameworks, entry points, data flows, and trust boundaries. Outputs sast/architecture.md. Run this before any vulnerability detection skill. Use when asked to analyze a codebase for security or when sast/architecture.md does not yet exist.

securityrustgo
0
Detecting Broken Object Property Level AuthorizationA

Detect and test for OWASP API3:2023 Broken Object Property Level Authorization

securitypythontesting
0
12
Detecting Bluetooth Low Energy AttacksA

'Detects and analyzes Bluetooth Low Energy (BLE) security attacks including

securitypythongo
0
12
Detecting Azure Service Principal AbuseA

Detect and investigate Azure service principal abuse including privilege

securityshellazure
0
12
Detecting Aws Credential Exposure With TrufflehogD

'Detecting exposed AWS credentials in source code repositories, CI/CD

securitypythongo
0
12
Detecting Attacks On Scada SystemsA

'This skill covers detecting cyber attacks targeting Supervisory Control

securitypythongo
0
12
Detecting Attacks On Historian ServersA

'Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition,

securitypythongo
0
12
Detecting Api Enumeration AttacksA

Detect and prevent API enumeration attacks including BOLA and IDOR exploitation

securitypythonaws
0
12
Deploying Tailscale For Zero Trust VpnD

Deploy and configure Tailscale as a WireGuard-based zero trust mesh VPN

securityrustgo
0
12
Deploying Software Defined PerimeterA

Deploy a Software-Defined Perimeter using the CSA v2.0 specification

securitypythonrust
0
12
Deploying Osquery For Endpoint MonitoringA

'Deploys and configures osquery for real-time endpoint monitoring using

securityrustgo
0
12
Deploying Cloudflare Access For Zero TrustB

'Deploying Cloudflare Access with Cloudflare Tunnel to provide zero trust

securityrustgo
0
12
Deploying Active Directory HoneytokensA

'Deploys deception-based honeytokens in Active Directory including fake

securitypythongo
0
12
Containing Active BreachA

'Executes containment strategies to stop active adversary operations

securitygoshell
0
12
Configuring Zscaler Private Access For ZtnaB

'Configuring Zscaler Private Access (ZPA) to replace traditional VPN

securityrustbash
0
12
Security Story WritingA

Writes security user stories and security-aware acceptance criteria that fit a Scrum backlog, converting threats, scan findings, and compliance requirements into INVEST-compliant stories with Given/When/Then criteria and regression tests. Use this (not general story writing) whenever the story or criteria concern a security control, vulnerability, or compliance requirement. Triggers on: "write a security story", "security acceptance criteria", "acceptance criteria for rate limiting/auth/valid...

securitygoapi
0
4
FortA

Use when the user wants to check, understand, or harden the security of their Mac, or asks whether their laptop is secure and what to fix. Runs a full macOS security audit, explains each finding in plain language (what it is, why it matters, what changing it would affect), and applies only the fixes the user approves. Also produces SOC 2 / ISO 27001 / NIST / CIS evidence on request. Triggers on phrases like "is my Mac secure", "audit my laptop", "harden my Mac", "what security gaps do I have"...

securityrustgo
0
22
Wordpress Penetration TestingA

This skill should be used when the user asks to \"pentest WordPress sites\", \"scan WordPress for vulnerabilities\", \"enumerate WordPress users, themes, or plugins\", \"exploit WordPress vu...

securityjavascriptjava
0
52
Windows Privilege EscalationB

This skill should be used when the user asks to \"escalate privileges on Windows,\" \"find Windows privesc vectors,\" \"enumerate Windows for privilege escalation,\" \"exploit Windows miscon...

securitypythongo
0
52
Vulnerability ScannerA

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

securitypythonrust
0
52
Threat Modeling ExpertA

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use for security architecture r...

securityrustsecurity
0
52
Ssh Penetration TestingF

This skill should be used when the user asks to \"pentest SSH services\", \"enumerate SSH configurations\", \"brute force SSH credentials\", \"exploit SSH vulnerabilities\", \"perform SSH tu...

securitypythongo
0
52
Sql Injection TestingA

This skill should be used when the user asks to \"test for SQL injection vulnerabilities\", \"perform SQLi attacks\", \"bypass authentication using SQL injection\", \"extract database inform...

securitygophp
0
52
...