toh-framework
Security-first auditing framework for AI-generated code. Provides multi-level protection including hardcoded secret detection, dangerous pattern identification, and comprehensive vulnerability audits for modern web applications.
Discover reusable agent skills, browse implementation details, and find the right skill for your workflow.
79 skills found
Extracts Supabase anonymous API keys from client-side source code to facilitate RLS testing and security auditing.
A professional bug bounty reporting agent that enforces impact-first writing, CVSS 3.1 scoring, and pre-submit validation for platforms like HackerOne, Bugcrowd, and Intigriti.
Automated detection of IDOR vulnerabilities using a three-phase subagent workflow to verify authorization and ownership checks on sensitive endpoints.
Implement PCI DSS compliance for secure payment processing, cardholder data protection, and audit preparation using standardized security patterns.
Automated security scanning for n8n workflows: detects credential exposure, validates OAuth flows, tests API key management, and checks data sanitization.
Run Semgrep static analysis scans on codebases using parallel subagents, multi-language detection, and Pro-enabled cross-file taint tracking.
A systematic code auditing framework for identifying technical debt, security vulnerabilities, dead code, and code quality issues in software projects.
AI-powered Technical SEO auditor that runs Lighthouse/PageSpeed tests and automatically applies code-level fixes for performance, accessibility, and structured data.
Configure host-based firewalls (UFW, nftables, iptables) and cloud security groups (AWS, GCP, Azure) with production-ready security rules.
Automate regulatory compliance testing for GDPR, CCPA, HIPAA, SOC2, and PCI-DSS to ensure legal adherence, prepare for audits, and secure sensitive data.
Analyze and audit React projects for security, performance, correctness, and architecture issues with actionable diagnostics and scoring.