sast-idor
Automated detection of IDOR vulnerabilities using a three-phase subagent workflow to verify authorization and ownership checks on sensitive endpoints.
Discover reusable agent skills, browse implementation details, and find the right skill for your workflow.
88 skills found
Automated security scanning for n8n workflows: detects credential exposure, validates OAuth flows, tests API key management, and checks data sanitization.
A security scanner for Claude Skills to detect malicious code, data exfiltration risks, and unauthorized system access before installation.
Automated security validation, RLS enforcement, OWASP compliance, and vulnerability scanning for AI-assisted development workflows.
Detects timing side-channel vulnerabilities in cryptographic code through static and dynamic analysis across multiple programming languages.
Create, test, and validate custom Semgrep rules for security vulnerabilities and code pattern detection.
Perform deep security analysis on codebases using CodeQL for interprocedural data flow, taint tracking, and automated vulnerability detection across multiple languages.
Security-first auditing framework for AI-generated code. Provides multi-level protection including hardcoded secret detection, dangerous pattern identification, and comprehensive vulnerability audits for modern web applications.
Map the attack surface of smart contract codebases by identifying and categorizing state-changing entry points.
Diagnose and resolve connection, sync, subscription, and type issues in Dojo.js applications. Use for troubleshooting Torii, entity queries, and state updates.
Analyze C++ code for real-time safety violations including heap allocations, locks, blocking calls, and non-deterministic operations in high-performance audio threads.
Extracts Supabase anonymous API keys from client-side source code to facilitate RLS testing and security auditing.