toh-framework
Security-first auditing framework for AI-generated code. Provides multi-level protection including hardcoded secret detection, dangerous pattern identification, and comprehensive vulnerability audits for modern web applications.
Discover reusable agent skills, browse implementation details, and find the right skill for your workflow.
123 skills found
Security-first auditing framework for AI-generated code. Provides multi-level protection including hardcoded secret detection, dangerous pattern identification, and comprehensive vulnerability audits for modern web applications.
Multi-LLM code review pipeline using consensus-based analysis to detect security, architectural, and quality issues.
Performs a structured five-stage code review covering requirements, correctness, code quality, testing, and security. Provides actionable, categorized feedback (Blocker/Major/Minor/Nit) to improve PR quality.
Technical SEO audit skill for crawlability, indexability, and Core Web Vitals analysis. Use to audit webpages, validate schema, and fix technical performance issues.
Advanced Python security vulnerability scanner for Flask, Django, and FastAPI projects. Audits OWASP Top 10, dependencies, hardcoded secrets, and framework-specific flaws.
AI-powered Technical SEO auditor that runs Lighthouse/PageSpeed tests and automatically applies code-level fixes for performance, accessibility, and structured data.
Perform automated security audits, bug detection, and code quality assessments on local branch diffs using a structured, checklist-driven verification process.
Verifies blockchain smart contract code against technical specifications, whitepapers, and design documents to ensure exact implementation compliance.
Analyze C++ code for real-time safety violations including heap allocations, locks, blocking calls, and non-deterministic operations in high-performance audio threads.
Systematic security assessment using STRIDE threat modeling, OWASP top 10 review, and secure coding practices for code, architecture, and infrastructure.
Comprehensive security audit and hardening for AI agents: credential scanning, PII protection, prompt injection defense, and workspace config optimization.
Execute implementation plans in separate sessions with review checkpoints, ensuring task-by-task verification and robust code quality.