security-review
A comprehensive security auditing and hardening assistant that applies best practices for authentication, input validation, secrets management, and SQL injection prevention to your codebase.
Discover reusable agent skills, browse implementation details, and find the right skill for your workflow.
89 skills found
Conduct automated security assessments of WordPress sites using WPScan, enumeration techniques, and vulnerability scanning for themes, plugins, and users.
Automated security validation, RLS enforcement, OWASP compliance, and vulnerability scanning for AI-assisted development workflows.
Security-first auditing framework for AI-generated code. Provides multi-level protection including hardcoded secret detection, dangerous pattern identification, and comprehensive vulnerability audits for modern web applications.
Automated security scanning for n8n workflows: detects credential exposure, validates OAuth flows, tests API key management, and checks data sanitization.
Security advisory monitoring for NanoClaw WhatsApp bots, providing vulnerability scanning, skill safety checks, and integrity protection through MCP tools.
Build, optimize, and maintain production-ready backend systems using Node.js, Python, Go, and Rust. Includes API design, database management, security, and DevOps best practices.
Perform automated security audits, bug detection, and code quality assessments on local branch diffs using a structured, checklist-driven verification process.
Implement robust server-side and client-side input validation using sanitization and allowlists to prevent injection attacks and ensure data integrity.
Map the attack surface of smart contract codebases by identifying and categorizing state-changing entry points.
A security scanner for Claude Skills to detect malicious code, data exfiltration risks, and unauthorized system access before installation.
Automated detection of IDOR vulnerabilities using a three-phase subagent workflow to verify authorization and ownership checks on sensitive endpoints.