README.md

Category: security

• Back: Awesome

Top Tags

• auth (98)
• vulnerability-analysis (95)
• appsec (82)
• vuln-scanning (71)
• audit (71)
• security-audit (68)
• penetration-testing (66)
• compliance (47)
• best-practices (38)
• secrets (35)
• api (26)
• static-analysis (24)
• access-control (21)
• supabase (21)
• binary-analysis (20)
• configuration (19)
• analysis (19)
• backend (19)
• owasp (19)
• threat-modeling (18)
• security-automation (18)
• code-review (17)
• risk-management (16)
• security-hardening (16)
• session-management (14)
• testing (14)
• smart-contract (12)
• jwt (11)
• rbac (11)
• setup (11)

All Skills (400)

Skill	Repo	Summary	⭐	⬇️	Updated	Tags
authentication-setup	supercent-io/skills-template	Setup and manage authentication and authorization systems including JWT, OAuth, and role-based access control.	26	6.2K	2026-03-06	auth, session-management, jwt, oauth, rbac
azure-role-selector	github/awesome-copilot	Helps users select appropriate Azure roles based on required permissions with least privilege access.	24K	6K	2026-03-06	access-control, auth, rbac, azure
security-best-practices	supercent-io/skills-template	Implement security best practices for web apps and infrastructure, covering HTTPS, CORS, XSS, SQL injection, CSRF, rate limiting, and OWASP	26	5K	2026-03-06	best-practices, appsec, web-applications
security-requirement-extraction	wshobson/agents	Extract security requirements from threat models and business context for actionable security measures.	30K	4K	2026-02-21	threat-modeling, requirements, appsec, compliance, risk-management
auth-implementation-patterns	wshobson/agents	Implement authentication and authorization patterns like JWT, OAuth2, session management, and RBAC for secure API access.	30K	2.9K	2026-02-21	auth, api, session-management, rbac, jwt
email-and-password-best-practices	better-auth/skills	Configure email verification, password reset, policies, and hashing for Better Auth. Setup login, sign-up, and credential security.	145	2.7K	2026-03-02	auth, email, best-practices, better-auth
solidity-security	wshobson/agents	Master Solidity smart contract security best practices for auditing, vulnerability prevention, and secure blockchain implementation.	30K	2.6K	2026-02-21	best-practices, security-audit, solidity, smart-contract
organization-best-practices	better-auth/skills	Configure multi-tenant organizations, manage members and roles, and implement RBAC using Better Auth's organization plugin.	145	2.5K	2026-03-02	auth, user-management, better-auth, rbac
k8s-security-policies	wshobson/agents	Implements Kubernetes security policies like NetworkPolicy, PodSecurityPolicy, and RBAC for cluster security and network isolation.	30K	2.4K	2026-02-21	configuration, compliance, kubernetes, network
gdpr-data-handling	wshobson/agents	Implements GDPR-compliant data handling with consent management and privacy by design for systems processing EU personal data.	30K	2.4K	2026-02-21	compliance, data-management, gdpr, privacy
better-auth-security-best-practices	better-auth/skills	Security best practices for better authentication implementation and management	145	2.3K	2026-03-02	best-practices, auth, security-audit, better-auth
two-factor-authentication-best-practices	better-auth/skills	Implement 2FA flows using Better Auth's twoFactor plugin, including TOTP, email/SMS OTP, backup codes, and trusted devices.	145	2.3K	2026-03-02	auth, best-practices, better-auth, mfa, otp
protocol-reverse-engineering	wshobson/agents	Master network protocol reverse engineering, packet analysis, dissection, and documentation for traffic analysis and debugging.	30K	2.2K	2026-02-21	analysis, debugging, network, protocol
memory-forensics	wshobson/agents	Master memory forensics using Volatility for memory acquisition, process analysis, and artifact extraction from RAM dumps during incidents.	30K	2.2K	2026-02-21	analysis, security-audit, binary-analysis, memory
threat-mitigation-mapping	wshobson/agents	Maps identified threats to security controls and mitigations for prioritizing investments and validating effectiveness.	30K	2.2K	2026-02-21	risk-management, compliance, appsec, threat-modeling
sast-configuration	wshobson/agents	Configure SAST tools for automated vulnerability detection in code. Supports DevSecOps and security scanning setup.	30K	2.2K	2026-02-21	appsec, vuln-scanning, automation, devsecops, code
anti-reversing-techniques	wshobson/agents	Understand anti-reversing, obfuscation, and protection techniques for analyzing protected binaries and authorized anti-debugging bypass.	30K	2.1K	2026-02-21	binary-analysis, security-audit, reverse-engineering, software
attack-tree-construction	wshobson/agents	Build comprehensive attack trees to visualize threat paths and identify defense gaps.	30K	2.1K	2026-02-21	threat-modeling, visualization, risk-management, security-documentation
stride-analysis-patterns	wshobson/agents	Apply STRIDE methodology to identify system threats and conduct security analysis.	30K	2.1K	2026-02-21	threat-modeling, analysis, appsec, security-patterns
binary-analysis-patterns	wshobson/agents	Master binary analysis patterns including disassembly, decompilation, and control flow analysis for executables and compiled code.	30K	2.1K	2026-02-21	binary-analysis, static-analysis, code
pci-compliance	wshobson/agents	Implements PCI DSS compliance requirements for secure handling of payment card data and payment systems.	30K	2.1K	2026-02-21	compliance, security-audit, pci-dss, payments
mtls-configuration	wshobson/agents	Configure mutual TLS (mTLS) for secure service-to-service communication in zero-trust networks.	30K	2.1K	2026-02-21	configuration, auth, backend, mtls, zero-trust
api-security-best-practices	sickn33/antigravity-awesome-skills	Implement secure API design patterns including authentication, authorization, input validation, and rate limiting.	21K	2K	2026-03-06	api, best-practices, auth, security-patterns
security-review	sickn33/antigravity-awesome-skills	A skill template designed for performing security reviews and audits on software systems to identify potential risks.	21K	1.8K	2026-03-06	security-audit, review, software, application
security-review	affaan-m/everything-claude-code	Provides a security checklist and patterns for authentication, user input, secrets, API endpoints, and sensitive features.	63K	1.7K	2026-03-05	appsec, audit, auth, secrets, security-patterns
clerk-setup	clerk/skills	Set up Clerk authentication for any project using official quickstart guides.	19	1.7K	2026-03-06	auth, setup, clerk
clerk-orgs	clerk/skills	A skill for managing B2B SaaS organizations with Clerk, including multi-tenancy, role-based access, and SSO.	19	1.3K	2026-03-06	auth, organization, clerk
springboot-security	affaan-m/everything-claude-code	Best practices for Spring Boot security including authentication, authorization, CSRF, and dependency security.	63K	858	2026-03-05	auth, best-practices, secrets, java, spring
semgrep	trailofbits/skills	Runs Semgrep static analysis via parallel subagents. Supports full or security modes to detect vulnerabilities and bugs in multi-language co	3.4K	837	2026-03-06	static-analysis, security-audit, semgrep, code
differential-review	trailofbits/skills	Performs security-focused differential code review for PRs and commits with markdown reporting.	3.4K	820	2026-03-06	code-review, static-analysis, vuln-scanning, git, pull-request
security-reviewer	jeffallan/claude-skills	Identifies security vulnerabilities, generates audit reports with severity ratings, and provides remediation guidance for code and systems.	5.3K	778	2026-03-06	security-audit, vulnerability-analysis, code, devsecops
sharp-edges	trailofbits/skills	Identifies error-prone APIs and dangerous configurations to prevent security mistakes.	3.4K	777	2026-03-06	api, audit, appsec, best-practices, security-hardening
codeql	trailofbits/skills	Scans codebases for security vulnerabilities using CodeQL data flow analysis. Supports multiple scan modes and SARIF output.	3.4K	774	2026-03-06	vuln-scanning, code-analysis, codeql, sarif
secure-workflow-guide	trailofbits/skills	A guide for Trail of Bits' 5-step secure development workflow including Slither scans and security diagram generation.	3.4K	753	2026-03-06	workflows, static-analysis, vuln-scanning, smart-contract, solidity
variant-analysis	trailofbits/skills	Find similar vulnerabilities and bugs using pattern-based analysis across codebases.	3.4K	743	2026-03-06	vuln-scanning, static-analysis, codeql, pattern-detection
audit-context-building	trailofbits/skills	Enables ultra-granular, line-by-line code analysis for building architectural context before vulnerability or bug detection.	3.4K	738	2026-03-06	audit, analysis, static-analysis, codeql, vuln-scanning
django-security	affaan-m/everything-claude-code	Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deploym	63K	714	2026-03-05	best-practices, appsec, django
authenticate-wallet	coinbase/agentic-wallet-skills	Wallet authentication skill for login, connection, and setup operations before wallet transactions	75	712	2026-02-20	auth, setup, wallet, access-control
token-integration-analyzer	trailofbits/skills	Analyzes token implementations for ERC20/ERC721 conformity and checks for unusual patterns.	3.4K	711	2026-03-06	audit, analysis, smart-contract, tokenization
solana-vulnerability-scanner	trailofbits/skills	Scans Solana programs for critical vulnerabilities like arbitrary CPI and PDA validation issues.	3.4K	706	2026-03-06	vuln-scanning, audit, solana, smart-contract
guidelines-advisor	trailofbits/skills	A smart contract development advisor that analyzes codebases for best practices, architecture, upgradeability, and security.	3.4K	704	2026-03-06	audit, best-practices, smart-contract, static-analysis, code-review
sarif-parsing	trailofbits/skills	Parse and analyze SARIF files for security scan results and vulnerability management.	3.4K	693	2026-03-06	static-analysis, vuln-scanning, ci-cd, sarif
spec-to-code-compliance	trailofbits/skills	Verifies blockchain code compliance with specifications for audits and protocol implementations.	3.4K	687	2026-03-06	audit, compliance, blockchain, smart-contract
fuzzing-obstacles	trailofbits/skills	This skill provides techniques for patching code to overcome fuzzing obstacles like checksums and global state.	3.4K	684	2026-03-06	penetration-testing, vuln-scanning, fuzzing
secure-code-guardian	jeffallan/claude-skills	Implements authentication, authorization, and OWASP Top 10 prevention. Handles password hashing, SQL sanitization, input validation, and JWT	5.3K	679	2026-03-06	auth, appsec, jwt, owasp
audit-prep-assistant	trailofbits/skills	An assistant that prepares codebases for security review using Trail of Bits' checklist, including static analysis and documentation generat	3.4K	658	2026-03-06	audit, static-analysis, code-review, trail-of-bits, security-hardening
fullstack-guardian	jeffallan/claude-skills	Builds security-focused full-stack web apps with layered security, auth, and validation across frontend, backend, and database.	5.3K	648	2026-03-06	appsec, coding, fullstack, web-development
code-maturity-assessor	trailofbits/skills	Assesses code maturity using Trail of Bits' 9-category framework with focus on security and best practices.	3.4K	638	2026-03-06	audit, static-analysis, code-review, security-hardening, best-practices
entry-point-analyzer	trailofbits/skills	Analyzes smart contract entry points for security auditing, detecting state-changing functions and categorizing by access level.	3.4K	633	2026-03-06	audit, analysis, smart-contract, solidity, vyper
semgrep-rule-creator	trailofbits/skills	Creates custom Semgrep rules for detecting security vulnerabilities and code patterns.	3.4K	631	2026-03-06	static-analysis, code-review, vuln-scanning, semgrep
firebase-apk-scanner	trailofbits/skills	Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, and authentication issues.	3.4K	614	2026-03-06	vuln-scanning, appsec, mobile, firebase, android
constant-time-analysis	trailofbits/skills	Detects timing side-channel vulnerabilities in cryptographic code across multiple languages.	3.4K	611	2026-03-06	analysis, static-analysis, vuln-scanning, c, cpp
harness-writing	trailofbits/skills	Techniques for writing effective fuzzing harnesses across languages.	3.4K	611	2026-03-06	fuzzing, testing, code-review
fuzzing-dictionary	trailofbits/skills	A skill for creating fuzzing dictionaries to test parsers, protocols, and format-specific code.	3.4K	605	2026-03-06	fuzzing, penetration-testing, vuln-scanning, protocol, parser
cosmos-vulnerability-scanner	trailofbits/skills	Scans Cosmos SDK blockchains for consensus-critical vulnerabilities.	3.4K	603	2026-03-06	vuln-scanning, audit, cosmos, blockchain
algorand-vulnerability-scanner	trailofbits/skills	Scans Algorand smart contracts for common vulnerabilities like rekeying attacks and unchecked fees.	3.4K	600	2026-03-06	vuln-scanning, audit, smart-contract, algorand
substrate-vulnerability-scanner	trailofbits/skills	Scans Substrate/Polkadot pallets for critical vulnerabilities like arithmetic overflow and panic DoS.	3.4K	596	2026-03-06	vuln-scanning, audit, static-analysis, substrate, polkadot
ossfuzz	trailofbits/skills	Provides continuous fuzzing for open source projects to improve security.	3.4K	595	2026-03-06	fuzzing, open-source, security-hardening, vuln-scanning
constant-time-testing	trailofbits/skills	Detects timing side channels in cryptographic code for vulnerability auditing.	3.4K	594	2026-03-06	audit, testing, crypto, security-hardening
wycheproof	trailofbits/skills	Provides test vectors for validating cryptographic implementations against known attacks.	3.4K	593	2026-03-06	testing, crypto, vuln-scanning
ton-vulnerability-scanner	trailofbits/skills	Scans TON smart contracts for critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without g	3.4K	591	2026-03-06	vuln-scanning, audit, smart-contract, ton, blockchain
cairo-vulnerability-scanner	trailofbits/skills	Scans Cairo/StarkNet smart contracts for critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address con	3.4K	590	2026-03-06	vuln-scanning, audit, smart-contract, starknet
aflpp	trailofbits/skills	AFL++ is a fork of AFL with better fuzzing performance and advanced features for multi-core fuzzing of C/C++ projects.	3.4K	589	2026-03-06	fuzzing, c, cpp, testing, security-hardening
ruzzy	trailofbits/skills	A coverage-guided Ruby fuzzer by Trail of Bits for testing Ruby code and C extensions.	3.4K	585	2026-03-06	fuzzing, ruby, trail-of-bits, vuln-scanning
semgrep-rule-variant-creator	trailofbits/skills	Creates language variants of Semgrep rules for cross-language porting.	3.4K	584	2026-03-06	static-analysis, linting, semgrep, rule
security-scan	affaan-m/everything-claude-code	Scan Claude Code configurations for security vulnerabilities, misconfigurations, and injection risks using AgentShield.	63K	527	2026-03-05	vuln-scanning, security-audit, claude, mcp
insecure-defaults	trailofbits/skills	Detects insecure defaults like hardcoded secrets and weak auth in production environments.	3.4K	522	2026-03-06	audit, configuration, secrets, appsec
security-review	getsentry/skills	Security code review for vulnerabilities. Systematic review with confidence-based reporting for injection, XSS, auth issues.	368	520	2026-03-06	security-audit, vulnerability-analysis, code-review, owasp, appsec
senior-security	davila7/claude-code-templates	A comprehensive security engineering skill covering application security, penetration testing, security architecture, and compliance auditin	22K	464	2026-03-07	appsec, penetration-testing, architecture, compliance, audit
better-auth	jezweb/claude-skills	A self-hosted authentication solution for TypeScript/Cloudflare Workers with social login, 2FA, and RBAC.	587	441	2026-03-04	auth, session-management, typescript, cloudflare
auth-wechat-miniprogram	tencentcloudbase/skills	Guide for WeChat Mini Program authentication with CloudBase, covering native login and cloud function integration.	31	435	2026-03-05	auth, wechat, cloudbase
owasp-security	hoodini/ai-agents-skills	Implement secure coding practices based on OWASP Top 10 to prevent vulnerabilities and secure APIs.	119	423	2026-03-05	appsec, best-practices, owasp
yara-rule-authoring	trailofbits/skills	Create high-quality YARA-X rules for malware detection, covering naming, optimization, and false positive reduction.	3.4K	400	2026-03-06	binary-analysis, vulnerability-analysis, rule, yara
security-best-practices	openai/skills	Performs language and framework specific security best-practice reviews and suggests improvements for Python, JavaScript/TypeScript, and Go	12K	398	2026-03-06	best-practices, review, python, javascript, go
firebase-auth	jezweb/claude-skills	A skill for implementing Firebase Authentication with email/password, OAuth, phone auth, and custom tokens.	587	372	2026-03-04	auth, session-management, firebase
vulnerability-scanner	sickn33/antigravity-awesome-skills	An advanced vulnerability scanner focusing on OWASP 2025, supply chain security, and risk prioritization.	21K	361	2026-03-06	vuln-scanning, vulnerability-analysis, appsec, risk-management, owasp
oauth-integrations	jezweb/claude-skills	Implement OAuth 2.0 authentication with GitHub and Microsoft Entra in Cloudflare Workers.	587	361	2026-03-04	auth, oauth, oauth2, cloudflare, azure
cloudflare-turnstile	jezweb/claude-skills	Add bot protection with Cloudflare Turnstile CAPTCHA alternative for forms, login, and spam prevention.	587	353	2026-03-04	appsec, auth, frontend, cloudflare
clerk-auth	sickn33/antigravity-awesome-skills	Expert patterns for Clerk authentication implementation, middleware, organizations, webhooks, and user sync.	21K	349	2026-03-06	auth, clerk, backend
spring-boot-security-jwt	giuseppe-trisciuoglio/developer-kit	JWT authentication and authorization patterns for Spring Boot 3.5.x with JJWT, Bearer/cookie auth, database/OAuth2 integration, and RBAC acc	139	338	2026-03-06	auth, access-control, spring-boot, jwt, oauth2
sensitive-browser	napoleond/sensitive-browser	A skill for executing sensitive browser actions like login and payments securely outside the main agent loop.	0	338	2026-01-29	browser-automation, secrets, cli, auth, payment
azure-auth	jezweb/claude-skills	Azure AD authentication for React SPAs with MSAL.js and Cloudflare Workers JWT validation.	587	334	2026-03-04	auth, azure, react, jwt, cloudflare
security-compliance	davila7/claude-code-templates	Helps security professionals implement secure architectures and comply with standards like SOC2, ISO27001, GDPR, and HIPAA.	22K	326	2026-03-07	compliance, architecture, appsec, gdpr, iso27001
cybersecurity-analyst	rysweet/amplihack	Analyzes cybersecurity events using threat modeling, attack surface analysis, and risk-based frameworks like MITRE ATT&CK.	30	325	2026-03-07	vulnerability-analysis, risk-management, threat-modeling, security-automation, zero-trust
clerk-auth	jezweb/claude-skills	A skill for Clerk authentication with API keys, Next.js middleware, and webhook handling.	587	315	2026-03-04	auth, api, clerk, nextjs
differential-fuzzer	tursodatabase/turso	A skill for using a differential fuzzer tool to find bugs in Turso.	18K	314	2026-03-06	fuzzing, turso, vuln-scanning
auth-web-cloudbase	tencentcloudbase/skills	Provides Web frontend authentication solutions with multiple login methods and user management for CloudBase.	31	295	2026-03-05	auth, frontend, cloudbase
mcp-oauth-cloudflare	jezweb/claude-skills	Adds OAuth authentication to MCP servers on Cloudflare Workers with Google OAuth for Claude.ai compatibility.	587	294	2026-03-04	auth, api, cloudflare, oauth, mcp
auth-tool-cloudbase	tencentcloudbase/skills	Configure and manage authentication providers for web apps using CloudBase Auth tool.	31	294	2026-03-05	auth, access-control, cloudbase
auth-nodejs-cloudbase	tencentcloudbase/skills	A complete guide for CloudBase Auth using the CloudBase Node SDK, covering caller identity, user lookup, custom login tickets, and server-si	31	293	2026-03-05	auth, best-practices, backend, cloudbase, nodejs
burpsuite-project-parser	trailofbits/skills	A CLI tool for parsing and exploring Burp Suite project files to analyze HTTP traffic and security findings.	3.4K	277	2026-03-06	penetration-testing, cli, burpsuite
red-team-tactics	sickn33/antigravity-awesome-skills	A skill focused on red team tactics based on MITRE ATT&CK framework for attack phases, detection evasion, and reporting.	21K	276	2026-03-06	penetration-testing, vulnerability-analysis, security-hardening
security-threat-model	openai/skills	Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations in Markdow	12K	271	2026-03-06	threat-modeling, appsec, security-audit, codebase, markdown
aws-sdk-java-v2-kms	giuseppe-trisciuoglio/developer-kit	AWS KMS patterns for Java 2.x SDK covering encryption keys, data encryption/decryption, key rotation, and Spring Boot integration.	139	264	2026-03-06	encryption, secrets, aws, java, spring-boot
senior-secops	davila7/claude-code-templates	A comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices.	22K	254	2026-03-07	appsec, compliance, vuln-scanning, security-automation, audit
api-security-hardening	aj-geddes/useful-ai-prompts	Hardens REST APIs with authentication, rate limiting, CORS, and input validation.	112	247	2026-03-04	api, auth, security-hardening
clawdstrike	cantinaxyz/clawdstrike	Security audit and threat model for OpenClaw gateway hosts. Verifies configuration, exposure, skills/plugins, filesystem hygiene, and produc	17	241	2026-02-05	security-audit, vulnerability-analysis, openclaw, gateway
skill-scanner	getsentry/skills	Scans agent skills for security issues like prompt injection, malicious scripts, and supply chain risks to ensure safe installation.	368	225	2026-03-06	security-audit, vuln-scanning, agentic-systems, llm
security-review	davila7/claude-code-templates	Provides a security checklist and patterns for authentication, user input, secrets, API endpoints, and sensitive features.	22K	222	2026-03-07	appsec, audit, auth, secrets, security-patterns
top-100-web-vulnerabilities-reference	sickn33/antigravity-awesome-skills	Reference guide for top 100 web vulnerabilities providing comprehensive security insights and best practices for web application protection.	21K	211	2026-03-06	vulnerability-analysis, security-audit, reference
api-fuzzing-for-bug-bounty	sickn33/antigravity-awesome-skills	API fuzzing for bug bounty hunting to discover security vulnerabilities through automated testing	21K	210	2026-03-06	api, fuzzing, bug-bounty, vulnerability-analysis, security-audit
senior-security	alirezarezvani/claude-skills	A security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing with OWASP guidance	2.6K	210	2026-03-07	threat-modeling, vulnerability-analysis, penetration-testing, security-automation, appsec
better-auth-best-practices	better-auth/skills	Best practices and guidelines for implementing authentication securely, focusing on the Better Auth library or general standards.	145	206	2026-03-02	auth, best-practices, better-auth
senior-secops	alirezarezvani/claude-skills	A comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices.	2.6K	201	2026-03-07	appsec, compliance, vuln-scanning, security-automation, audit
api-security-best-practices	davila7/claude-code-templates	Implement secure API design patterns including authentication, authorization, input validation, and rate limiting.	22K	198	2026-03-07	api, best-practices, auth, security-patterns
security-auditor	sickn33/antigravity-awesome-skills	A security auditor skill focused on DevSecOps, cybersecurity, and compliance frameworks with vulnerability assessment and threat modeling ca	21K	194	2026-03-06	audit, compliance, devsecops, vulnerability-analysis, owasp
security-ownership-map	openai/skills	Analyze git repositories to build security ownership topology, compute bus factor and sensitive-code ownership, and export for graph databas	12K	192	2026-03-06	analysis, security-audit, git, visualization
wordpress-penetration-testing	sickn33/antigravity-awesome-skills	A skill for conducting comprehensive WordPress security assessments including vulnerability scanning and penetration testing.	21K	191	2026-03-06	penetration-testing, vuln-scanning, wordpress
cross-site-scripting-and-html-injection-testing	sickn33/antigravity-awesome-skills	Testing for cross-site scripting and HTML injection vulnerabilities in web applications	21K	190	2026-03-06	vulnerability-analysis, web-testing, xss, html, security-audit
security-scanning-tools	sickn33/antigravity-awesome-skills	Security scanning tools for vulnerability detection and security assessment	21K	190	2026-03-06	security-audit, vuln-scanning, vulnerability-analysis, appsec, compliance
shodan-reconnaissance-and-pentesting	sickn33/antigravity-awesome-skills	Shodan-based reconnaissance and penetration testing for security assessment and vulnerability discovery.	21K	189	2026-03-06	reconnaissance, penetration-testing, shodan, vulnerability-analysis, security-audit
wireshark-network-traffic-analysis	sickn33/antigravity-awesome-skills	Wireshark network traffic analysis tool for capturing and analyzing network packets	21K	189	2026-03-06	traffic-analysis, wireshark, security-audit, monitoring
owasp-top-10	nickcrew/claude-ctx-plugin	OWASP Top 10 security vulnerabilities with detection and remediation patterns for security audits and secure coding.	12	189	2026-03-06	security-audit, vulnerability-analysis, owasp, secure-coding, compliance
healthcheck	steipete/clawdis	Security healthcheck for OpenClaw deployments including hardening, risk assessment, and periodic security checks.	272K	188	2026-03-07	security-audit, hardening, openclaw, cron
cloud-penetration-testing	sickn33/antigravity-awesome-skills	Perform cloud penetration testing and security assessments across major cloud platforms like Azure, AWS, and GCP.	21K	188	2026-03-06	penetration-testing, vulnerability-analysis, cloud, azure, aws
burp-suite-web-application-testing	sickn33/antigravity-awesome-skills	Web application security testing with Burp Suite for vulnerability detection and penetration testing	21K	187	2026-03-06	web-testing, penetration-testing, vulnerability-analysis, burpsuite
linux-privilege-escalation	sickn33/antigravity-awesome-skills	A skill for identifying and exploiting Linux privilege escalation paths.	21K	187	2026-03-06	penetration-testing, vulnerability-analysis, privilege-escalation, linux
gdpr-dsgvo-expert	davila7/claude-code-templates	A senior GDPR/DSGVO expert for data protection compliance and privacy audits.	22K	186	2026-03-07	compliance, audit, legal, gdpr, privacy
red-team-tools-and-methodology	sickn33/antigravity-awesome-skills	Red team tools and methodology for security testing and vulnerability assessment	21K	186	2026-03-06	security-audit, vulnerability-analysis, penetration-testing, methodology
sqlmap-database-penetration-testing	sickn33/antigravity-awesome-skills	SQLMap database penetration testing skill for identifying and exploiting SQL injection vulnerabilities in web applications.	21K	186	2026-03-06	penetration-testing, databases, sqlmap, security-audit, vulnerability-analysis
active-directory-attacks	sickn33/antigravity-awesome-skills	A skill for conducting Active Directory attacks and penetration testing.	21K	183	2026-03-06	penetration-testing, vulnerability-analysis, windows-domain
broken-authentication-testing	sickn33/antigravity-awesome-skills	Testing for broken authentication vulnerabilities in web applications to identify security weaknesses.	21K	183	2026-03-06	testing, vulnerability-analysis, auth
file-path-traversal-testing	sickn33/antigravity-awesome-skills	Testing for file path traversal vulnerabilities to prevent unauthorized access to sensitive files and directories.	21K	183	2026-03-06	vulnerability-analysis, security-audit, file-storage
network-101	sickn33/antigravity-awesome-skills	A skill for setting up web servers, configuring network services, and performing penetration testing tasks.	21K	183	2026-03-06	penetration-testing, networking, configuration, setup, testing
information-security-manager-iso27001	alirezarezvani/claude-skills	An ISO 27001 ISMS implementation skill for HealthTech and MedTech companies, covering security risk assessment, control implementation, and	2.6K	183	2026-03-07	compliance, risk-management, iso27001, healthcare, medtech
code-security	semgrep/skills	Provides security guidelines for writing secure code, useful for code review and vulnerability checking.	136	181	2026-03-02	best-practices, code-review, coding, code-quality
html-injection-testing	sickn33/antigravity-awesome-skills	A skill for testing HTML injection vulnerabilities and performing related security assessments.	21K	179	2026-03-06	penetration-testing, vulnerability-analysis, appsec, html
windows-privilege-escalation	sickn33/antigravity-awesome-skills	A skill for identifying and exploiting Windows privilege escalation vulnerabilities.	21K	178	2026-03-06	penetration-testing, vulnerability-analysis, privilege-escalation, windows
data-privacy-compliance	davila7/claude-code-templates	A specialist skill for ensuring data privacy and regulatory compliance with GDPR, CCPA, HIPAA, and other international data protection laws.	22K	176	2026-03-07	compliance, legal, privacy, gdpr, ccpa
idor-vulnerability-testing	sickn33/antigravity-awesome-skills	Tests for IDOR (Insecure Direct Object Reference) vulnerabilities in web applications	21K	175	2026-03-06	vulnerability-analysis, testing, appsec
smtp-penetration-testing	sickn33/antigravity-awesome-skills	A skill for performing SMTP penetration testing and assessing mail server security.	21K	175	2026-03-06	penetration-testing, vulnerability-analysis, email, server
information-security-manager-iso27001	davila7/claude-code-templates	An expert in ISO 27001 and ISO 27002 implementation for HealthTech and MedTech companies, providing ISMS design and cybersecurity risk asses	22K	174	2026-03-07	compliance, risk-management, iso27001, healthcare, medtech
metasploit-framework	sickn33/antigravity-awesome-skills	A skill for using the Metasploit Framework in security assessments, including penetration testing and vulnerability exploitation.	21K	170	2026-03-06	penetration-testing, vuln-scanning, metasploit
gdpr-dsgvo-expert	alirezarezvani/claude-skills	Automates GDPR and DSGVO compliance checks, DPIA documentation, and data subject rights management.	2.6K	170	2026-03-07	compliance, audit, privacy
isms-audit-expert	alirezarezvani/claude-skills	An expert skill for auditing Information Security Management Systems to ensure ISO 27001 compliance.	2.6K	170	2026-03-07	audit, compliance, iso27001
security-compliance-audit	aj-geddes/useful-ai-prompts	Conduct comprehensive security compliance audits for SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001.	112	170	2026-03-04	compliance, audit, soc-2, gdpr, hipaa
backend-security-coder	sickn33/antigravity-awesome-skills	A skill focused on secure backend coding practices including input validation, authentication, and API security.	21K	168	2026-03-06	backend, auth, secure-coding
privilege-escalation-methods	sickn33/antigravity-awesome-skills	A skill for guiding users through privilege escalation techniques on Linux and Windows systems.	21K	167	2026-03-06	penetration-testing, vulnerability-analysis, privilege-escalation, linux, windows
access-control-rbac	aj-geddes/useful-ai-prompts	Implement Role-Based Access Control (RBAC) for secure permission management.	112	166	2026-03-04	auth, access-control, rbac, backend, best-practices
security-scanning-security-hardening	sickn33/antigravity-awesome-skills	Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.	21K	159	2026-03-06	security-audit, vulnerability-analysis, compliance, application, infrastructure
security-testing	aj-geddes/useful-ai-prompts	A skill for identifying security vulnerabilities using SAST, DAST, penetration testing, and dependency scanning.	112	157	2026-03-04	vuln-scanning, penetration-testing, security-automation, owasp, sql-injection
top-100-web-vulnerabilities-reference	davila7/claude-code-templates	Reference guide for top 100 web vulnerabilities providing comprehensive security insights and best practices for web application protection.	22K	155	2026-03-07	vulnerability-analysis, security-audit, reference
vulnerability-scanner	davila7/claude-code-templates	An advanced vulnerability scanner focusing on OWASP 2025, supply chain security, and risk prioritization.	22K	153	2026-03-07	vuln-scanning, vulnerability-analysis, appsec, risk-management, owasp
claude-settings-audit	getsentry/skills	Audit repository settings for Claude Code permissions and detect tech stack.	368	151	2026-03-06	audit, configuration, claude, settings
api-rate-limiting	aj-geddes/useful-ai-prompts	Implement API rate limiting using token bucket, sliding window, and fixed window algorithms to protect APIs from abuse.	112	148	2026-03-04	api, rate-limiting, backend
mapbox-token-security	mapbox/mapbox-agent-skills	Security best practices for Mapbox access tokens, including scope management, URL restrictions, rotation strategies, and protecting sensitiv	15	145	2026-03-07	best-practices, secrets, mapbox, auth
compliance	anthropics/knowledge-work-plugins	Navigate privacy regulations (GDPR, CCPA), review DPAs, and handle data subject requests for compliance assessment.	8.7K	143	2026-03-06	compliance, legal, review, assessment, gdpr
frontend-security-coder	sickn33/antigravity-awesome-skills	A skill focused on secure frontend coding practices, including XSS prevention and client-side security.	21K	140	2026-03-06	frontend, appsec, code-review, xss, output-sanitization
security-review	zackkorman/skills	Perform security reviews and audit codebases for vulnerabilities.	15	140	2026-03-05	audit, vuln-scanning, code-review, security-hardening
sql-injection-testing	davila7/claude-code-templates	A skill for testing SQL injection vulnerabilities and exploiting database query flaws.	22K	137	2026-03-07	penetration-testing, vuln-scanning, appsec, database
isms-audit-expert	davila7/claude-code-templates	A senior ISMS audit expert for ISO 27001 compliance and security control assessment.	22K	134	2026-03-07	audit, compliance, iso27001
reverse-engineering-tools	gmh5225/awesome-game-security	A guide for reverse engineering tools and techniques used in game security research.	2.7K	134	2026-03-06	binary-analysis, debugging, vulnerability-analysis, game-development, anti-cheat
create-auth-skill	better-auth/skills	Skill template for creating authentication logic or setup.	145	134	2026-03-02	auth, setup, access-control
api-authentication	aj-geddes/useful-ai-prompts	Secure API authentication using JWT, OAuth 2.0, API keys, and session management.	112	134	2026-03-04	auth, api, session-management, jwt, oauth2
prompt-guard	seojoonkim/prompt-guard	Prompt injection defense with 577+ patterns, optional API, tiered loading, hash cache, 11 SHIELD categories, 10 languages support.	111	133	2026-03-05	prompting, appsec, api
llm-security	semgrep/skills	Provides security guidelines for LLM applications based on OWASP Top 10 for LLM 2025.	136	132	2026-03-02	appsec, llm, owasp
security-scanning-tools	davila7/claude-code-templates	Security scanning tools for vulnerability detection and security assessment	22K	131	2026-03-07	security-audit, vuln-scanning, vulnerability-analysis, appsec, compliance
oauth-implementation	aj-geddes/useful-ai-prompts	Implement secure OAuth 2.0, OpenID Connect (OIDC), JWT authentication, and SSO integration for web and mobile apps.	112	131	2026-03-04	auth, api, oauth, oauth2, jwt
red-team-tactics	davila7/claude-code-templates	A skill focused on red team tactics based on MITRE ATT&CK framework for attack phases, detection evasion, and reporting.	22K	130	2026-03-07	penetration-testing, vulnerability-analysis, security-hardening
semgrep	semgrep/skills	Run Semgrep static analysis scans and create custom detection rules for security vulnerabilities and bug patterns.	136	130	2026-03-02	static-analysis, code-analysis, vulnerability-analysis, security-audit, semgrep
pentest-checklist	davila7/claude-code-templates	A skill for creating structured penetration test checklists and defining security assessment scopes.	22K	127	2026-03-07	penetration-testing, planning, best-practices
frontend-mobile-security-xss-scan	sickn33/antigravity-awesome-skills	Detects and prevents Cross-Site Scripting (XSS) vulnerabilities in frontend code.	21K	126	2026-03-06	vuln-scanning, frontend, xss, appsec
data-encryption	aj-geddes/useful-ai-prompts	Implement strong encryption using AES, RSA, TLS, and proper key management for data at rest, in transit, or end-to-end encryption.	112	125	2026-03-04	secrets, data-management, encryption, auth, compliance
security-audit-logging	aj-geddes/useful-ai-prompts	Implement comprehensive security audit logging for compliance, forensics, and SIEM integration.	112	125	2026-03-04	audit, compliance, logging
red-team-tools-and-methodology	davila7/claude-code-templates	Red team tools and methodology for security testing and vulnerability assessment	22K	124	2026-03-07	security-audit, vulnerability-analysis, penetration-testing, methodology
pentest-commands	davila7/claude-code-templates	Provides essential penetration testing command references for network scanning, vulnerability assessment, and exploit usage.	22K	123	2026-03-07	penetration-testing, vuln-scanning, nmap, metasploit, nikto
auth-implementation-patterns	sickn33/antigravity-awesome-skills	Implement authentication and authorization patterns like JWT, OAuth2, session management, and RBAC for secure API access.	21K	121	2026-03-06	auth, api, session-management, rbac, jwt
penetration-testing	aj-geddes/useful-ai-prompts	Ethical hacking and security testing using penetration testing tools and exploit frameworks.	112	121	2026-03-04	penetration-testing, vulnerability-analysis, appsec, security-automation
api-fuzzing-for-bug-bounty	davila7/claude-code-templates	API fuzzing for bug bounty hunting to discover security vulnerabilities through automated testing	22K	118	2026-03-07	api, fuzzing, bug-bounty, vulnerability-analysis, security-audit
vulnerability-scanning	aj-geddes/useful-ai-prompts	Automated vulnerability detection using OWASP tools and CVE databases for security audits and compliance checks.	112	118	2026-03-04	vuln-scanning, vulnerability-analysis, audit, owasp, security-automation
incident-response-plan	aj-geddes/useful-ai-prompts	Create and execute incident response procedures for security breaches, data leaks, and cyber attacks.	112	117	2026-03-04	incident-response, security-automation, risk-management, security-documentation
ethical-hacking-methodology	davila7/claude-code-templates	A skill for learning ethical hacking methodologies, including penetration testing lifecycle, reconnaissance, and vulnerability exploitation.	22K	116	2026-03-07	penetration-testing, vuln-scanning, appsec, security-automation
html-injection-testing	davila7/claude-code-templates	A skill for testing HTML injection vulnerabilities and performing related security assessments.	22K	116	2026-03-07	penetration-testing, vulnerability-analysis, appsec, html
codebase-cleanup-deps-audit	sickn33/antigravity-awesome-skills	Audit project dependencies for vulnerabilities, licensing issues, and outdated packages with actionable remediation strategies.	21K	116	2026-03-06	audit, dependency-management, vuln-scanning, codebase
convex-security-check	waynesutton/convexskills	Security audit checklist for Convex applications covering auth, function exposure, validation, RLS, and env var handling.	343	116	2026-02-06	audit, security-audit, convex, access-control, auth
convex-security-audit	waynesutton/convexskills	Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive ope	343	115	2026-02-06	security-audit, appsec, auth, rate-limiting, convex
clerk-auth	davila7/claude-code-templates	Expert patterns for Clerk authentication implementation, middleware, organizations, webhooks, and user sync.	22K	114	2026-03-07	auth, clerk, backend
rate-limiting-implementation	aj-geddes/useful-ai-prompts	Implement rate limiting, throttling, and API quotas to protect services from abuse and manage system load.	112	114	2026-03-04	api, backend, rate-limiting, monitoring
security-headers-configuration	aj-geddes/useful-ai-prompts	Configure HTTP security headers for web application hardening.	112	114	2026-03-04	configuration, appsec, web-server
sqlmap-database-penetration-testing	davila7/claude-code-templates	SQLMap database penetration testing skill for identifying and exploiting SQL injection vulnerabilities in web applications.	22K	113	2026-03-07	penetration-testing, databases, sqlmap, security-audit, vulnerability-analysis
burp-suite-web-application-testing	davila7/claude-code-templates	Web application security testing with Burp Suite for vulnerability detection and penetration testing	22K	112	2026-03-07	web-testing, penetration-testing, vulnerability-analysis, burpsuite
cross-site-scripting-and-html-injection-testing	davila7/claude-code-templates	Testing for cross-site scripting and HTML injection vulnerabilities in web applications	22K	112	2026-03-07	vulnerability-analysis, web-testing, xss, html, security-audit
mobile-security-coder	sickn33/antigravity-awesome-skills	A skill focused on secure mobile coding practices, including input validation and WebView security.	21K	112	2026-03-06	appsec, mobile, secure-coding
cloud-penetration-testing	davila7/claude-code-templates	Perform cloud penetration testing and security assessments across major cloud platforms like Azure, AWS, and GCP.	22K	111	2026-03-07	penetration-testing, vulnerability-analysis, cloud, azure, aws
wireshark-network-traffic-analysis	davila7/claude-code-templates	Wireshark network traffic analysis tool for capturing and analyzing network packets	22K	110	2026-03-07	traffic-analysis, wireshark, security-audit, monitoring
security-review-2	zackkorman/skills	A general skill for performing security reviews and auditing codebases for vulnerabilities. ALWAYS run this at the end of each task.	15	110	2026-03-05	security-audit, vulnerability-analysis, code-review, appsec
shodan-reconnaissance-and-pentesting	davila7/claude-code-templates	Shodan-based reconnaissance and penetration testing for security assessment and vulnerability discovery.	22K	109	2026-03-07	reconnaissance, penetration-testing, shodan, vulnerability-analysis, security-audit
ssh-penetration-testing	davila7/claude-code-templates	A skill for conducting comprehensive SSH penetration testing, including configuration enumeration, credential brute-forcing, and vulnerabili	22K	109	2026-03-07	penetration-testing, vulnerability-analysis, ssh
reverse-engineer	sickn33/antigravity-awesome-skills	A skill for expert reverse engineering including binary analysis, disassembly, and vulnerability research using tools like IDA Pro and Ghidr	21K	109	2026-03-06	binary-analysis, vulnerability-analysis, vuln-scanning
drupal-security	madsnorgaard/agent-resources	Drupal security expertise that auto-activates to prevent XSS, SQL injection, and access bypass vulnerabilities.	32	108	2026-03-06	security-audit, appsec, drupal, vulnerability-analysis
broken-authentication-testing	davila7/claude-code-templates	Testing for broken authentication vulnerabilities in web applications to identify security weaknesses.	22K	107	2026-03-07	testing, vulnerability-analysis, auth
active-directory-attacks	davila7/claude-code-templates	A skill for conducting Active Directory attacks and penetration testing.	22K	105	2026-03-07	penetration-testing, vulnerability-analysis, windows-domain
aws-penetration-testing	davila7/claude-code-templates	A skill for conducting AWS security assessments including IAM enumeration, S3 bucket testing, and privilege escalation.	22K	105	2026-03-07	penetration-testing, vulnerability-analysis, aws, appsec
wordpress-penetration-testing	davila7/claude-code-templates	A skill for conducting comprehensive WordPress security assessments including vulnerability scanning and penetration testing.	22K	105	2026-03-07	penetration-testing, vuln-scanning, wordpress
session-management	aj-geddes/useful-ai-prompts	Manage user sessions securely with JWT tokens, refresh, logout, and CSRF protection.	112	105	2026-03-04	auth, session-management, jwt
idor-vulnerability-testing	davila7/claude-code-templates	Tests for IDOR (Insecure Direct Object Reference) vulnerabilities in web applications	22K	104	2026-03-07	vulnerability-analysis, testing, appsec
linux-privilege-escalation	davila7/claude-code-templates	A skill for identifying and exploiting Linux privilege escalation paths.	22K	104	2026-03-07	penetration-testing, vulnerability-analysis, privilege-escalation, linux
privilege-escalation-methods	davila7/claude-code-templates	A skill for guiding users through privilege escalation techniques on Linux and Windows systems.	22K	104	2026-03-07	penetration-testing, vulnerability-analysis, privilege-escalation, linux, windows
smtp-penetration-testing	davila7/claude-code-templates	A skill for performing SMTP penetration testing and assessing mail server security.	22K	104	2026-03-07	penetration-testing, vulnerability-analysis, email, server
sql-injection-prevention	aj-geddes/useful-ai-prompts	Prevent SQL injection attacks using prepared statements and input validation.	112	104	2026-03-04	appsec, databases, sql-injection
ssl-certificate-management	aj-geddes/useful-ai-prompts	Automated SSL/TLS certificate management with provisioning, renewal, and monitoring.	112	104	2026-03-04	secrets, monitoring, automation, certificate, tls
network-101	davila7/claude-code-templates	A skill for setting up web servers, configuring network services, and performing penetration testing tasks.	22K	103	2026-03-07	penetration-testing, networking, configuration, setup, testing
cloud-security-configuration	aj-geddes/useful-ai-prompts	Configure cloud security across AWS, Azure, and GCP with IAM, encryption, and network security.	112	103	2026-03-04	configuration, compliance, cloud, aws, azure
file-path-traversal-testing	davila7/claude-code-templates	Testing for file path traversal vulnerabilities to prevent unauthorized access to sensitive files and directories.	22K	102	2026-03-07	vulnerability-analysis, security-audit, file-storage
metasploit-framework	davila7/claude-code-templates	A skill for using the Metasploit Framework in security assessments, including penetration testing and vulnerability exploitation.	22K	102	2026-03-07	penetration-testing, vuln-scanning, metasploit
threat-modeling-expert	sickn33/antigravity-awesome-skills	Expert in threat modeling, security architecture review, and risk assessment using STRIDE, PASTA, and attack trees.	21K	102	2026-03-06	appsec, architecture, risk-management, threat-modeling
csrf-protection	aj-geddes/useful-ai-prompts	Implement CSRF protection using tokens, SameSite cookies, and origin validation for web applications.	112	102	2026-03-04	appsec, auth, backend
license-keys	dodopayments/skills	A guide for implementing license key management with Dodo Payments, including activation, validation, and access control.	7	102	2026-03-05	auth, payment, dodo-payments
security-documentation	aj-geddes/useful-ai-prompts	Generate security policies, guidelines, and compliance documentation.	112	101	2026-03-04	documentation, compliance, best-practices, security-documentation
zero-trust-architecture	aj-geddes/useful-ai-prompts	Implement a Zero Trust security model with identity verification, microsegmentation, and continuous monitoring for secure cloud-native apps.	112	99	2026-03-04	architecture, zero-trust, vuln-scanning
1password	steipete/clawdis	A skill for setting up and using 1Password CLI to manage secrets and authentication.	272K	97	2026-03-07	secrets, cli, setup, 1password
windows-privilege-escalation	davila7/claude-code-templates	A skill for identifying and exploiting Windows privilege escalation vulnerabilities.	22K	97	2026-03-07	penetration-testing, vulnerability-analysis, privilege-escalation, windows
better-auth	mrgoonie/claudekit-skills	A framework-agnostic TypeScript authentication framework with features like OAuth, 2FA, and RBAC.	1.8K	96	2026-02-04	auth, session-management, backend, api, access-control
secrets-management	aj-geddes/useful-ai-prompts	Manages secrets using HashiCorp Vault, AWS Secrets Manager, or Kubernetes Secrets for secure credential storage and rotation.	112	96	2026-03-04	secrets, configuration, auth, kubernetes, aws
xss-prevention	aj-geddes/useful-ai-prompts	Prevent Cross-Site Scripting (XSS) attacks using input sanitization, output encoding, and CSP.	112	96	2026-03-04	appsec, web-research, xss
security-scanning-security-dependencies	sickn33/antigravity-awesome-skills	Security expert for dependency vulnerability analysis, SBOM generation, and supply chain security scanning across ecosystems.	21K	95	2026-03-06	vulnerability-analysis, dependency-management, security-audit, appsec, sbom
osint	danielmiessler/personal_ai_infrastructure	Open source intelligence gathering for OSINT, due diligence, background checks, and research on persons or companies.	9.6K	93	2026-03-02	intelligence, osint, background-check, due-diligence, vuln-scanning
network-security-groups	aj-geddes/useful-ai-prompts	Configure network security groups and firewall rules for traffic control and network segmentation.	112	91	2026-03-04	configuration, networking, firewall
secrets-rotation	aj-geddes/useful-ai-prompts	Automated secrets rotation for API keys, credentials, certificates, and encryption keys.	112	91	2026-03-04	secrets, automation, compliance, security-hardening
api-security-review	bobmatnyc/claude-mpm-skills	A checklist for API security review before deployment, focusing on authentication, authorization, and input validation.	18	91	2026-02-20	api, appsec, audit, rest-api
security-compliance-compliance-check	sickn33/antigravity-awesome-skills	Compliance expert for regulatory requirements including GDPR, HIPAA, SOC2, PCI-DSS with audit and implementation guidance	21K	89	2026-03-06	compliance, audit, regulatory, gdpr, hipaa
ghidra	mitsuhiko/agent-stuff	Analyze and reverse engineer binaries using Ghidra's headless mode for decompilation and function extraction.	1.5K	89	2026-03-04	binary-analysis, code-analysis, ghidra
ctf-web	ljagiello/ctf-skills	Offers web exploitation techniques for CTF challenges, covering XSS, SQLi, SSRF, JWT attacks, and common web security vulnerabilities for pr	19	89	2026-03-04	penetration-testing, vulnerability-analysis, ctf, web-security
wordpress-security-validation	bobmatnyc/claude-mpm-skills	A security-focused WordPress development skill emphasizing nonces, sanitization, and escaping to prevent XSS, CSRF, and SQL injection.	18	88	2026-02-20	appsec, wordpress, security-hardening
security-scanning-security-sast	sickn33/antigravity-awesome-skills	Perform static application security testing (SAST) for code vulnerability analysis across multiple languages and frameworks.	21K	87	2026-03-06	vuln-scanning, static-analysis, code-analysis, security-automation, appsec
axiom-privacy-ux	charleswiltgen/axiom	A skill for implementing privacy manifests, permissions, and App Tracking Transparency UX on Apple platforms.	581	87	2026-03-05	privacy, ux, apple, app-store
security	alinaqi/claude-bootstrap	A skill focused on OWASP security patterns, secrets management, and security testing.	527	87	2026-02-14	appsec, secrets, security-patterns, owasp
axiom-file-protection-ref	charleswiltgen/axiom	Provides comprehensive reference for iOS file encryption and data protection APIs.	581	86	2026-03-05	api, encryption, ios, file-storage
secrets-management	sickn33/antigravity-awesome-skills	Manage secrets securely in CI/CD pipelines using Vault, AWS Secrets Manager, or native solutions.	21K	85	2026-03-06	secrets, ci-cd, vault, aws
django-access-review	getsentry/skills	Security review for Django access control and IDOR vulnerabilities. Analyzes views, DRF viewsets, ORM queries for authorization issues.	368	85	2026-03-06	code-review, security-audit, django, access-control
anti-reversing-techniques	sickn33/antigravity-awesome-skills	Analyze anti-reversing and obfuscation techniques in software binaries for security research and authorized debugging.	21K	83	2026-03-06	binary-analysis, debugging, penetration-testing, anti-cheat, vulnerability-research
binary-analysis-patterns	sickn33/antigravity-awesome-skills	Learn binary analysis techniques like disassembly and decompilation for examining compiled code.	21K	83	2026-03-06	binary-analysis, static-analysis, analysis
malware-analyst	sickn33/antigravity-awesome-skills	Expert malware analyst for defensive research, threat intelligence, and incident response.	21K	82	2026-03-06	binary-analysis, vulnerability-analysis, incident-response
pentest-checklist	sickn33/antigravity-awesome-skills	A skill for creating structured penetration test checklists and defining security assessment scopes.	21K	82	2026-03-06	penetration-testing, planning, best-practices
security-best-practices	davila7/claude-code-templates	Performs language and framework specific security best-practice reviews and suggests improvements for Python, JavaScript/TypeScript, and Go	22K	81	2026-03-07	best-practices, review, python, javascript, go
game-hacking-techniques	gmh5225/awesome-game-security	A guide for game hacking techniques including memory manipulation and cheat development.	2.7K	81	2026-03-06	penetration-testing, vulnerability-analysis, binary-analysis, anti-cheat
veil	bankrbot/openclaw-skills	Privacy and shielded transactions on Base via Veil Cash using ZK proofs for anonymous transfers and private pools.	975	81	2026-03-05	privacy, transactions, base-network, zk-proofs, vuln-scanning
security-requirement-extraction	sickn33/antigravity-awesome-skills	Extract security requirements from threat models and business context for actionable security measures.	21K	79	2026-03-06	threat-modeling, requirements, appsec, compliance, risk-management
security-review	yeachan-heo/oh-my-claudecode	Performs comprehensive security reviews on source code to identify vulnerabilities and ensure safety standards.	8.7K	79	2026-03-06	security-audit, code-review, code
mobile-security	gmh5225/awesome-game-security	A guide for mobile game security on Android and iOS platforms, covering reverse engineering, APK analysis, and anti-cheat systems.	2.7K	79	2026-03-06	mobile, appsec, penetration-testing, android, ios
auth0-mfa	auth0/agent-skills	Add multi-factor authentication (MFA/2FA) or require additional verification for sensitive operations using Auth0	9	79	2026-03-03	auth, mfa, auth0
protocol-reverse-engineering	sickn33/antigravity-awesome-skills	Reverse engineer network protocols with packet analysis and dissection.	21K	78	2026-03-06	analysis, debugging, network, protocol
attack-tree-construction	sickn33/antigravity-awesome-skills	Build comprehensive attack trees to visualize threat paths and identify defense gaps.	21K	77	2026-03-06	threat-modeling, visualization, risk-management, security-documentation
gdpr-data-handling	sickn33/antigravity-awesome-skills	A skill for implementing GDPR-compliant data handling with consent management and privacy controls.	21K	77	2026-03-06	compliance, privacy, gdpr, legal
k8s-security-policies	sickn33/antigravity-awesome-skills	Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security.	21K	76	2026-03-06	appsec, kubernetes, rbac, networking, configuration
solidity-security	sickn33/antigravity-awesome-skills	Learn secure Solidity coding practices to prevent vulnerabilities in smart contracts.	21K	76	2026-03-06	best-practices, audit, smart-contract, solidity, blockchain
firmware-analyst	sickn33/antigravity-awesome-skills	An expert firmware analyst for embedded systems, IoT security, and hardware reverse engineering.	21K	74	2026-03-06	binary-analysis, vulnerability-analysis, embedded-systems, iot, penetration-testing
incident-response-incident-response	sickn33/antigravity-awesome-skills	Handles incident response workflows and processes for security incidents	21K	74	2026-03-06	incident-response, workflows, automation
memory-forensics	sickn33/antigravity-awesome-skills	Learn memory forensics techniques for analyzing RAM captures and investigating incidents.	21K	74	2026-03-06	analysis, binary-analysis, memory, vuln-scanning
deep-analysis	cyberkaida/reverse-engineering-assistant	Performs deep reverse engineering analysis on binaries to answer specific security questions and make incremental improvements to understand	619	74	2026-03-02	analysis, binary-analysis, reverse-engineering
1password	steipete/agent-scripts	A skill for setting up and using 1Password CLI to manage secrets and authentication.	2.1K	73	2026-02-14	secrets, cli, setup, 1password
ctf-osint	ljagiello/ctf-skills	OSINT techniques for CTF challenges. Gather info from public sources, social media, DNS, geolocation, and identify unknown data like hashes.	19	73	2026-03-04	analysis, web-research, ctf, osint
threat-mitigation-mapping	sickn33/antigravity-awesome-skills	Maps identified threats to security controls and mitigations for prioritizing investments and validating effectiveness.	21K	72	2026-03-06	risk-management, compliance, appsec, threat-modeling
ctf-pwn	cyberkaida/reverse-engineering-assistant	Solve CTF binary exploitation challenges by discovering and exploiting memory corruption vulnerabilities to read flags.	619	72	2026-03-02	penetration-testing, vulnerability-analysis, binary-analysis, exploitation, ctf
authentication	andrelandgraf/fullstackrecipes	A complete authentication system with email verification, password reset, and protected routes.	8	72	2026-02-21	auth, session-management, backend, access-control, accounting
pci-compliance	sickn33/antigravity-awesome-skills	Implement PCI DSS compliance for secure payment card data handling.	21K	70	2026-03-06	compliance, payment, audit, appsec
vulnerability-scanner	vudovn/antigravity-kit	An advanced vulnerability scanner focusing on OWASP 2025, supply chain security, and risk prioritization.	5.6K	70	2026-03-03	vuln-scanning, vulnerability-analysis, appsec, risk-management, owasp
authjs-skills	gocallum/nextjs16-agent-skills	Setup authentication for Next.js with Google OAuth and credentials provider.	16	70	2026-01-21	auth, setup, nextjs, oauth
stride-analysis-patterns	sickn33/antigravity-awesome-skills	Apply STRIDE methodology to identify system threats and conduct security analysis.	21K	68	2026-03-06	threat-modeling, analysis, appsec, security-patterns
anti-cheat-systems	gmh5225/awesome-game-security	This skill provides guidance on understanding anti-cheat systems and bypass techniques for game protection research.	2.7K	68	2026-03-06	vulnerability-analysis, penetration-testing, anti-cheat
repomix-safe-mixer	daymade/claude-code-skills	Safely package codebases with repomix by automatically detecting and removing hardcoded credentials before packing.	623	68	2026-03-02	secrets, code-analysis, code-generation, repomix
sast-configuration	sickn33/antigravity-awesome-skills	Configure SAST tools for automated vulnerability detection in application code.	21K	67	2026-03-06	configuration, vuln-scanning, appsec, ci-cd, static-analysis
docker-security-guide	josiahsiegel/claude-plugin-marketplace	Comprehensive Docker security guidelines and threat mitigation strategies.	19	67	2026-02-14	best-practices, docker, containerization, vulnerability-analysis
mtls-configuration	sickn33/antigravity-awesome-skills	Configure mutual TLS (mTLS) for secure service-to-service communication in zero-trust networks.	21K	66	2026-03-06	configuration, auth, backend, mtls, zero-trust
security-expert	shipshitdev/library	A security expert skill focused on application security, OWASP Top 10, and best practices for React, Next.js, and NestJS.	7	66	2026-03-02	appsec, auth, best-practices, react, nextjs
pentest-commands	sickn33/antigravity-awesome-skills	Provides essential penetration testing command references for network scanning, vulnerability assessment, and exploit usage.	21K	64	2026-03-06	penetration-testing, vuln-scanning, nmap, metasploit, nikto
windows-kernel-security	gmh5225/awesome-game-security	A guide for Windows kernel security research including driver development and exploitation techniques.	2.7K	64	2026-03-06	vulnerability-analysis, binary-analysis, kernel
auth-patterns	davepoon/buildwithclaude	A skill for handling authentication-related queries in Next.js applications, including NextAuth, Auth.js, middleware auth, and JWT.	2.5K	64	2026-03-07	auth, session-management, nextjs
security-testing-patterns	nickcrew/claude-ctx-plugin	Security testing patterns covering SAST, DAST, penetration testing, and vulnerability assessment for secure application development.	12	63	2026-03-06	security-audit, testing, appsec, vulnerability-analysis, penetration-testing
security-bluebook-builder	sickn33/antigravity-awesome-skills	Generates security policies (Blue Book) including threat models, auth rules, audit requirements, and incident response for sensitive applica	21K	62	2026-03-06	documentation, compliance, security-audit, application, security-documentation
ctf-rev	cyberkaida/reverse-engineering-assistant	Solve CTF reverse engineering challenges using systematic analysis to find flags, keys, or passwords in binaries and obfuscated code.	619	62	2026-03-02	binary-analysis, vulnerability-analysis, challenges, ctf
vuln-analysis-expert	tanweai/wooyun-legacy	Expert skill for analyzing vulnerabilities, conducting security audits, and managing security risks.	1.3K	61	2026-03-06	vulnerability-analysis, security-audit, appsec, risk-management
senior-security	borghei/claude-skills	A security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing with OWASP guidance	23	61	2026-03-06	threat-modeling, vulnerability-analysis, penetration-testing, security-automation, appsec
ln-621-security-auditor	levnikolaevich/claude-code-skills	Audits code for hardcoded secrets, SQL injection, XSS, insecure dependencies, and input validation. Returns findings with severity, location	165	60	2026-03-06	security-audit, vulnerability-analysis, code, dependencies
better-auth-authentication	bobmatnyc/claude-mpm-skills	A skill for implementing email/password authentication and social login flows in TypeScript applications.	18	60	2026-02-20	auth, session-management, typescript
auth0-express	auth0/agent-skills	Integrates Auth0 authentication and session management into Express.js server-rendered web applications.	9	60	2026-03-03	auth, session-management, express, auth0
pr-review	onekeyhq/app-monorepo	A security-first PR review checklist focusing on auth, networking, sensitive data, and dependency updates.	2.3K	59	2026-03-07	code-review, audit, secrets, auth, dependency-management
n8n-security-testing	proffesor-for-testing/agentic-qe	Security testing for n8n workflows including credential exposure detection, OAuth validation, API key management testing, and data sanitizat	226	59	2026-03-06	security-audit, testing, n8n, workflows
threat-modeling	bobmatnyc/claude-mpm-skills	A threat modeling workflow for software systems including scope, data flow diagrams, STRIDE analysis, risk scoring, and mitigation planning.	18	59	2026-02-20	risk-management, architecture, threat-modeling
aws-penetration-testing	sickn33/antigravity-awesome-skills	A skill for conducting AWS security assessments including IAM enumeration, S3 bucket testing, and privilege escalation.	21K	57	2026-03-06	penetration-testing, vulnerability-analysis, aws, appsec
software-security-appsec	vasilyu1983/ai-agents-public	A modern application security skill aligned with OWASP Top 10:2025, NIST SSDF, and zero trust principles.	38	57	2026-02-24	appsec, auth, compliance, owasp, zero-trust
better-auth-plugins	bobmatnyc/claude-mpm-skills	A TypeScript-based authentication plugin system for adding advanced features like 2FA, magic links, and JWT.	18	57	2026-02-20	auth, backend, typescript, api
idapython	mrexodia/ida-pro-mcp	IDA Pro Python scripting for reverse engineering tasks including binary analysis, disassembly, decompilation, and database manipulation.	6.1K	56	2026-03-07	binary-analysis, reverse-engineering, ida-pro, python
awesome-game-security-overview	gmh5225/awesome-game-security	A guide for contributing to a curated security resource list, focusing on README maintenance and category organization.	2.7K	56	2026-03-06	documentation, best-practices, readme
sql-injection-testing	sickn33/antigravity-awesome-skills	A skill for testing SQL injection vulnerabilities and exploiting database query flaws.	21K	55	2026-03-06	penetration-testing, vuln-scanning, appsec, database
varlock-claude-skill	sickn33/antigravity-awesome-skills	Securely manages environment variables to prevent secret leakage in Claude sessions, terminals, logs, and git commits.	21K	55	2026-03-06	secrets, configuration, claude, git
red-team-tactics	vudovn/antigravity-kit	A skill focused on red team tactics based on MITRE ATT&CK framework for attack phases, detection evasion, and reporting.	5.6K	55	2026-03-03	penetration-testing, vulnerability-analysis, security-hardening
ffuf-claude-skill	sickn33/antigravity-awesome-skills	A Claude skill template for performing web fuzzing and security testing using the ffuf tool.	21K	54	2026-03-06	web-testing, security-audit, ffuf, web-security
ethical-hacking-methodology	sickn33/antigravity-awesome-skills	A skill for learning ethical hacking methodologies, including penetration testing lifecycle, reconnaissance, and vulnerability exploitation.	21K	53	2026-03-06	penetration-testing, vuln-scanning, appsec, security-automation
vercel-security-access	bobmatnyc/claude-mpm-skills	Manage Vercel project security and access controls including RBAC, SSO, and 2FA.	18	53	2026-02-20	access-control, auth, audit, vercel
auth0-migration	auth0/agent-skills	Guide for migrating from various auth providers to Auth0, including user import, strategies, code patterns, and JWT validation.	9	53	2026-03-03	migration, auth, auth0, jwt
git-safety	shipshitdev/library	Scan git history for sensitive files and clean leaked credentials.	7	53	2026-03-02	secrets, git, audit, code-analysis
ssh-penetration-testing	sickn33/antigravity-awesome-skills	A skill for conducting comprehensive SSH penetration testing, including configuration enumeration, credential brute-forcing, and vulnerabili	21K	52	2026-03-06	penetration-testing, vulnerability-analysis, ssh
cognito	itsmostafa/aws-agent-skills	AWS Cognito for user authentication and authorization.	1K	52	2026-03-02	auth, api, aws
security-auditor	ovachiever/droid-tings	Continuously scans for security vulnerabilities including OWASP Top 10 and common issues.	25	52	2025-11-25	vuln-scanning, audit, static-analysis, owasp, security-automation
better-auth-core	bobmatnyc/claude-mpm-skills	A TypeScript-based authentication core for managing sessions and server-side APIs.	18	52	2026-02-20	auth, session-management, setup, typescript, backend
healthcare-compliance	eddiebe147/claude-settings	A skill for ensuring HIPAA compliance and handling healthcare regulations.	15	51	2026-01-22	compliance, legal, healthcare, privacy
open-source-checker	shipshitdev/library	Detects private information, API keys, and sensitive data in codebases before open sourcing.	7	51	2026-03-02	secrets, code-analysis, audit, code
security-threat-model	davila7/claude-code-templates	Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations in Markdow	22K	50	2026-03-07	threat-modeling, appsec, security-audit, codebase, markdown
capacitor-security	cap-go/capacitor-skills	A comprehensive security guide for Capacitor apps using the Capsec scanner, covering 63+ security rules.	18	50	2026-02-12	vuln-scanning, appsec, audit, capacitor
security-ownership-map	davila7/claude-code-templates	Analyze git repositories to build security ownership topology, compute bus factor and sensitive-code ownership, and export for graph databas	22K	49	2026-03-07	analysis, security-audit, git, visualization
dma-attack-techniques	gmh5225/awesome-game-security	A guide for Direct Memory Access (DMA) attack techniques using FPGA hardware, useful for PCIe DMA attacks and game security research.	2.7K	49	2026-03-06	penetration-testing, vulnerability-analysis, fpga, hardware
security-scanning	bobmatnyc/claude-mpm-skills	CI security scanning for secrets, dependencies, SAST, triage, and expiring exceptions.	18	49	2026-02-20	ci-cd, vuln-scanning, secrets, security-automation
better-auth-protected-routes	andrelandgraf/fullstackrecipes	Protect server-side routes with authentication enforcement.	8	49	2026-02-21	auth, backend, access-control
clerk-validator	shipshitdev/library	Validates Clerk authentication setup and detects deprecated patterns in Next.js applications.	7	49	2026-03-02	auth, audit, clerk, nextjs, configuration
security-scanner	eddiebe147/claude-settings	Scans code and infrastructure for security vulnerabilities and compliance issues.	15	47	2026-01-22	vuln-scanning, compliance, static-analysis, code, infrastructure
better-auth-setup	andrelandgraf/fullstackrecipes	Set up user authentication with Better Auth, Drizzle ORM, and Neon Postgres.	8	46	2026-02-21	auth, setup, drizzle-orm, neon-postgres
using-authentication	andrelandgraf/fullstackrecipes	This skill demonstrates how to implement client and server-side authentication using Better Auth, covering session management, protected rou	8	45	2026-02-21	auth, session-management, backend, api, access-control
recon	danielmiessler/personal_ai_infrastructure	Security reconnaissance skill for discovering attack surfaces, conducting security audits, and identifying vulnerabilities during bug bounty	9.6K	44	2026-03-02	reconnaissance, security-audit, vulnerability-analysis, bug-bounty
ctf-crypto	cyberkaida/reverse-engineering-assistant	Solve CTF cryptography challenges by identifying and exploiting weak crypto implementations in binaries to extract keys or decrypt data.	619	43	2026-03-02	cryptography, binary-analysis, vulnerability-analysis, ctf, crypto
credentials	alinaqi/claude-bootstrap	Manages API keys centrally from Access.txt for secure access control.	527	43	2026-02-14	secrets, auth, api, configuration
owasp-top-10	yonatangross/orchestkit	OWASP Top 10 security assessment and vulnerability analysis tool for identifying common web application security risks.	106	43	2026-03-07	security-audit, compliance, vulnerability-analysis, owasp
redteam	danielmiessler/personal_ai_infrastructure	Uses 32 agents for adversarial analysis, red teaming, critique, and stress testing of ideas.	9.6K	42	2026-03-02	security-audit, agents, multi-agent, ai
mod-actions	civitai/civitai	Moderator tool for user actions like banning, muting, content removal, and leaderboard management.	7K	42	2026-03-07	user-management, management, access-control
smart-contract-security	pluginagentmarketplace/custom-plugin-blockchain	Master smart contract security with auditing, vulnerability detection, and incident response.	1	42	2026-01-05	audit, vulnerability-analysis, smart-contract
proxychains	2025emma/vibe-coding-cn	A skill for configuring and using proxychains to route network traffic through proxy servers.	14K	41	2025-12-17	proxy, networking, cli
security-auditor	erichowens/some_claude_skills	Security vulnerability scanner and OWASP compliance auditor for codebases with dependency scanning, secret detection, and SAST.	47	40	2026-03-07	security-audit, vulnerability-analysis, codebase
burp-suite	trailofbits/skills	A skill for performing penetration testing and vulnerability scanning using Burp Suite.	3.4K	38	2026-03-06	penetration-testing, vuln-scanning, burpsuite
auth-wechat-miniprogram	tencentcloudbase/cloudbase-mcp	Guide for WeChat Mini Program authentication with CloudBase, covering native login and cloud function integration.	969	38	2026-03-07	auth, wechat, cloudbase
encore-auth	encoredev/skills	Implement authentication with auth handlers and gateways in Encore.ts.	17	38	2026-01-28	auth, backend, api, access-control
supabase-help	yoanbernabeu/supabase-pentest-skills	Provides quick reference for Supabase security audit skills with usage examples and command overview.	31	37	2026-01-31	audit, supabase, vuln-scanning
supabase-audit-auth-config	yoanbernabeu/supabase-pentest-skills	Analyzes Supabase auth config for security issues.	31	36	2026-01-31	audit, auth, supabase
supabase-audit-buckets-list	yoanbernabeu/supabase-pentest-skills	Audit Supabase storage buckets to identify potential security risks.	31	36	2026-01-31	audit, vulnerability-analysis, supabase, storage
supabase-audit-buckets-public	yoanbernabeu/supabase-pentest-skills	Audit Supabase storage buckets for public accessibility and sensitive data exposure.	31	36	2026-01-31	audit, storage, supabase
supabase-audit-realtime	yoanbernabeu/supabase-pentest-skills	Audit Supabase Realtime WebSocket channels for unauthorized access and data exposure.	31	36	2026-01-31	audit, realtime, supabase, websocket
supabase-audit-rls	yoanbernabeu/supabase-pentest-skills	Tests Row Level Security policies for bypass vulnerabilities in Supabase.	31	36	2026-01-31	audit, vulnerability-analysis, supabase, databases
supabase-audit-rpc	yoanbernabeu/supabase-pentest-skills	Audit Supabase PostgreSQL RPC functions for security issues and RLS bypass risks.	31	36	2026-01-31	audit, vulnerability-analysis, postgresql, supabase
supabase-extract-db-string	yoanbernabeu/supabase-pentest-skills	Detects exposed PostgreSQL database connection strings in client-side code to prevent direct database access.	31	36	2026-01-31	secrets, vuln-scanning, appsec, postgresql, database
supabase-extract-service-key	yoanbernabeu/supabase-pentest-skills	Detects leaked Supabase service_role keys in client-side code.	31	36	2026-01-31	secrets, static-analysis, supabase
bitwarden	andrejones92/canifi-life-os	A skill for managing passwords and secrets using Bitwarden, focusing on authentication and security audit capabilities.	5	36	2026-01-09	secrets, auth, security-audit
wish-ssh-code-review	existential-birds/beagle	Reviews SSH server code for security patterns and session handling using charmbracelet/wish.	38	35	2026-03-05	code-review, security-patterns, ssh, middleware, session-handling
supabase-audit-auth-signup	yoanbernabeu/supabase-pentest-skills	Audit Supabase user signup for security vulnerabilities and abuse risks.	31	35	2026-01-31	audit, auth, supabase
supabase-audit-auth-users	yoanbernabeu/supabase-pentest-skills	Audit Supabase auth users for enumeration vulnerabilities.	31	35	2026-01-31	audit, auth, vulnerability-analysis, supabase
supabase-audit-buckets-read	yoanbernabeu/supabase-pentest-skills	Audit Supabase storage buckets for access control verification.	31	35	2026-01-31	audit, access-control, supabase, storage
supabase-audit-functions	yoanbernabeu/supabase-pentest-skills	Audit Supabase Edge Functions for security issues.	31	35	2026-01-31	audit, vulnerability-analysis, supabase
supabase-audit-tables-list	yoanbernabeu/supabase-pentest-skills	Audit Supabase tables exposed via PostgREST API to identify attack surface.	31	35	2026-01-31	audit, databases, supabase
supabase-audit-tables-read	yoanbernabeu/supabase-pentest-skills	Audit Supabase table access to verify data exposure and RLS effectiveness.	31	35	2026-01-31	audit, databases, supabase
supabase-extract-anon-key	yoanbernabeu/supabase-pentest-skills	Extract Supabase anon key from client-side code for RLS testing.	31	35	2026-01-31	secrets, api, supabase
supabase-extract-jwt	yoanbernabeu/supabase-pentest-skills	Extract and decode Supabase-related JWTs from client-side code, cookies, and local storage.	31	35	2026-01-31	auth, jwt, supabase
supabase-pentest	yoanbernabeu/supabase-pentest-skills	Orchestrate a Supabase security audit with guided execution and ownership confirmation.	31	35	2026-01-31	penetration-testing, audit, supabase
supabase-report	yoanbernabeu/supabase-pentest-skills	Generates a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.	31	35	2026-01-31	audit, markdown, vuln-scanning
supabase-report-compare	yoanbernabeu/supabase-pentest-skills	Compare security audit reports to track remediation and identify new vulnerabilities.	31	35	2026-01-31	audit, vulnerability-analysis, supabase
supabase-audit-authenticated	yoanbernabeu/supabase-pentest-skills	Audit authenticated vs anonymous user access in Supabase to detect IDOR and privilege escalation.	31	34	2026-01-31	audit, auth, supabase
supabase-evidence	yoanbernabeu/supabase-pentest-skills	Initialize and manage evidence collection for security audits with documented findings.	31	34	2026-01-31	audit, supabase, evidence-collection
iam	itsmostafa/aws-agent-skills	Manage AWS IAM policies, roles, and permissions for secure access control.	1K	32	2026-03-02	auth, access-control, aws
appsec-expert	martinholovsky/claude-skills-generator	An elite application security expert for secure SDLC, OWASP Top 10 2025, SAST/DAST/SCA integration, and vulnerability remediation.	27	32	2025-12-06	appsec, audit, threat-modeling, vulnerability-analysis, owasp
supabase-auth	nice-wolf-studio/claude-code-supabase-skills	A skill for managing Supabase authentication and user operations including signup, signin, and password reset.	9	32	2025-10-20	auth, backend, supabase
security-check	schroneko/security-check	A skill that performs security checks in response to specific prompts.	7	32	2026-01-23	vuln-scanning, audit, security-automation
network-engineer	404kidwiz/claude-supercode-skills	Designs secure network architectures with zero-trust principles for cloud and hybrid environments.	42	31	2026-01-16	architecture, networking, zero-trust
ci/cd-pipeline-security-expert	martinholovsky/claude-skills-generator	A CI/CD pipeline security expert focused on secret management, code signing, and supply chain protection for desktop applications.	27	31	2025-12-06	ci-cd, secrets, appsec, desktop-app
keycloak-administration	dauquangthanh/hanoi-rainbow	Comprehensive KeyCloak administration guidance for realm management, user/group administration, client configuration, authentication flows,	6	31	2026-01-23	auth, configuration, user-management, keycloak, sso
forensic-data-engineer	daffy0208/ai-dev-standards	A forensic data engineer specializing in data forensics, anomaly detection, and fraud detection.	18	30	2025-12-25	audit, analysis, data-analysis, fraud-detection, anomaly-detection
security-engineer	daffy0208/ai-dev-standards	A skill for implementing security best practices across the application stack, covering OWASP Top 10, auth patterns, and vulnerability preve	18	30	2025-12-25	appsec, best-practices, auth, owasp, vulnerability-analysis
code-review-security	hieutrtr/ai1-skills	Security-focused code review checklist and automated scanning patterns for pull requests, authentication code, OWASP Top 10 vulnerabilities,	8	30	2026-02-06	code-review, security-audit, python, react
dashlane	andrejones92/canifi-life-os	Dashlane password manager skill for secure credential storage and authentication management	5	30	2026-01-09	auth, secrets, vuln-scanning
lastpass	andrejones92/canifi-life-os	LastPass password manager integration for secure credential storage and authentication management	5	30	2026-01-09	secrets, auth, security-audit
azure-identity-dotnet	microsoft/agent-skills	Provides authentication for Azure SDK clients using Microsoft Entra ID.	445	29	2026-02-03	auth, azure, dotnet
1password	andrejones92/canifi-life-os	A skill for managing passwords and authentication using 1Password.	5	29	2026-01-09	auth, 1password, vuln-scanning
frontend-security	schalkneethling/webdev-agent-skills	Audit frontend codebases for security vulnerabilities including XSS/CSRF/DOM issues, CSP configs, input validation, and dependency checks ba	1	29	2026-01-05	audit, security-audit, frontend, react, astro
dcg	dicklesworthstone/agent_flywheel_clawdbot_skills_and_integrations	High-performance Rust hook for Claude Code that blocks dangerous commands before execution with SIMD acceleration and whitelist-first archit	53	28	2026-03-03	guardrails, security-audit, command-line, rust, claude
devsecops-expert	martinholovsky/claude-skills-generator	A DevSecOps expert skill for secure CI/CD pipelines, shift-left security, and compliance automation.	27	28	2025-12-06	devsecops, ci-cd, security-automation, compliance, containerization
security-architect	daffy0208/ai-dev-standards	A comprehensive security architecture skill combining threat modeling, secure design, code review, and compliance validation.	18	28	2025-12-25	architecture, appsec, compliance, threat-modeling, secure-coding
configuring-tauri-permissions	dchuk/claude-code-tauri-skills	Guide to configuring Tauri permissions including security systems, allow/deny lists, and plugin permissions.	10	28	2026-01-20	configuration, appsec, tauri
openfga	openfga/agent-skills	OpenFGA authorization modeling best practices and guidelines for creating, reviewing, or refactoring authorization models with support for m	0	28	2026-01-27	auth, best-practices, access-control, fga, javascript
sql-injection-testing	zebbern/claude-code-guide	A skill for testing SQL injection vulnerabilities and exploiting database query flaws.	3.4K	27	2026-02-20	penetration-testing, vuln-scanning, appsec, database
moai-platform-auth0	modu-ai/moai-adk	A security specialist for Auth0, covering attack protection, MFA, token security, and compliance.	797	27	2026-03-07	auth, compliance, appsec, auth0
hipaa-compliance	erichowens/some_claude_skills	Ensure HIPAA compliance when handling Protected Health Information (PHI). Activates for audit logging, data access, security events, and com	47	27	2026-03-07	compliance, security-audit, healthcare, hipaa
oauth2-authentication	manutej/luxor-claude-marketplace	A comprehensive OAuth2 authentication skill covering authorization flows, token management, PKCE, OpenID Connect, and security best practice	42	27	2026-01-25	auth, api, best-practices, oauth2
defender-for-devops	josiahsiegel/claude-plugin-marketplace	Microsoft Defender for DevOps integration with Azure Pipelines for security automation and threat protection in CI/CD pipelines.	19	27	2026-02-14	integration, security-automation, azure, microsoft, vuln-scanning
ctf-solver	hacktronai/skills	Solve CTF challenges by analyzing descriptions, source code, and interacting with challenge environments to capture flags.	90	26	2025-12-27	penetration-testing, vulnerability-analysis, ctf, security-audit, analysis
mapbox-token-security	mapbox/mcp-devkit-server	Security best practices for Mapbox access tokens, including scope management, URL restrictions, rotation strategies, and protecting sensitiv	43	26	2026-03-05	best-practices, secrets, mapbox, auth
kanidm-expert	martinholovsky/claude-skills-generator	Expert in Kanidm identity management system with focus on user/group management, OAuth2/OIDC, LDAP, RADIUS, SSH key management, WebAuthn, an	27	26	2025-12-06	auth, identity, access-control, iam, oauth2
sqlcipher-encrypted-database-expert	martinholovsky/claude-skills-generator	Expert in SQLCipher encrypted database development with focus on encryption key management, key rotation, secure data handling, and cryptogr	27	26	2025-12-06	databases, encryption, best-practices, sql
git-security-2025	josiahsiegel/claude-plugin-marketplace	Git security best practices for 2025 including signed commits, zero-trust workflows, secret scanning, and verification	19	26	2026-02-14	best-practices, security-audit, git, commits
security-first-2025	josiahsiegel/claude-plugin-marketplace	Security-first bash scripting patterns for 2025 with mandatory validation and zero-trust principles	19	26	2026-02-14	security-patterns, best-practices, bash, validation, zero-trust
specstory-guard	specstoryai/agent-skills	Installs a pre-commit hook to scan .specstory/history for secrets before commits.	18	26	2026-01-31	secrets, setup, specstory
kubernetes-security-policies	nickcrew/claude-ctx-plugin	Implements Kubernetes security policies, RBAC, and Pod Security Standards for hardened cluster deployments.	12	26	2026-03-06	rbac, kubernetes, security-hardening, vuln-scanning
backend-security-coder	rmyndharis/antigravity-skills	A skill focused on secure backend coding practices including input validation, authentication, and API security.	489	25	2026-01-18	backend, auth, secure-coding
azure-keyvault-py	microsoft/agent-skills	Manage secrets, keys, and certificates securely with Azure Key Vault SDK for Python.	445	25	2026-02-03	secrets, auth, azure, python
opencode-authentication	supercent-io/skills-template	Handles OAuth authentication flows for multiple AI services including Claude Code, Gemini, and Codex.	26	25	2026-03-06	auth, api, opencode, claude, gemini
powershell-security	josiahsiegel/claude-plugin-marketplace	Modern PowerShell security practices including SecretManagement, JEA, WDAC, and credential protection	19	25	2026-02-14	security-audit, best-practices, powershell, secrets
v3-security-overhaul	ruvnet/claude-flow	Security architecture overhaul for claude-flow v3, addressing CVEs and implementing secure-by-default patterns.	20K	24	2026-03-06	appsec, architecture, claude, security-hardening
secrets-manager	itsmostafa/aws-agent-skills	AWS Secrets Manager for secure secret storage and rotation with RDS integration	1K	24	2026-03-02	secrets, configuration, aws, databases
flywheel-discord	dicklesworthstone/agent_flywheel_clawdbot_skills_and_integrations	Security rules and behavioral guidelines for operating as Clawdstein in The Agent Flywheel Hub Discord server with strict data isolation.	53	24	2026-03-03	security-audit, compliance, discord, community
cryptography	melodic-software/claude-code-plugins	Covers encryption, hashing, TLS configuration, key management, and post-quantum considerations for secure cryptographic implementations.	33	24	2026-03-04	best-practices, appsec, cryptography, encryption, ssl-tls
dependency-auditor	ovachiever/droid-tings	Audits dependencies for vulnerabilities using npm audit and pip-audit.	25	24	2025-11-25	audit, vuln-scanning, dependency-management, npm, pip
rbac-authorization-patterns	linehaul-ai/linehaulai-claude-marketplace	Provides RBAC and multi-tenant authorization patterns for laneweaverTMS with JWT claims and RLS policies.	3	24	2026-02-17	auth, access-control, rbac, multi-tenancy, laneweavertms
gdpr-ccpa-privacy-auditor	jorgealves/agent_skills	Audits web applications to ensure privacy policies match actual data collection practices, identifying discrepancies in cookies, tracking sc	0	24	2026-01-25	audit, compliance, privacy, web-applications, cookies
prompt-injection-scanner	jorgealves/agent_skills	Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection.	0	24	2026-01-25	audit, vulnerability-analysis, agents, prompting
auth-module-architecture	tencentblueking/bk-ci	Guide for designing authentication module architecture with IAM integration, RBAC model, and OAuth.	2.5K	23	2026-03-06	auth, architecture, iam, rbac, oauth
secret-scanner	ovachiever/droid-tings	Detects exposed secrets, API keys, credentials, and tokens in code before commits or file saves.	25	23	2025-11-25	secrets, static-analysis, code-analysis, git, cli
hipaa-compliance-guard	jorgealves/agent_skills	Audits HealthTech applications for HIPAA technical safeguards like encryption and audit logging.	0	23	2026-01-25	compliance, audit, healthcare, hipaa
security-scanning	yonatangross/orchestkit	Security scanning skill for identifying vulnerabilities and security issues in applications and systems.	106	22	2026-03-07	security-audit, vuln-scanning, vulnerability-analysis, appsec, compliance
kali-docker-pentesting	kroegha/kali-docker-pentesting	Comprehensive pentesting toolkit using Kali Linux Docker container with 200+ security tools for assessments and vulnerability scanning.	9	22	2025-11-17	penetration-testing, vuln-scanning, assessment, docker, kali-linux
openharmony-security-review	openharmonyinsight/openharmony-skills	Reviews OpenHarmony C++ system service code for security vulnerabilities, focusing on IPC handlers, multithreading, and sensitive data handl	0	22	2026-02-14	code-review, security-audit, harmonyos, cpp
permission-model-change-guide	tencentblueking/bk-ci	Guide for IAM RBAC permission model changes including resource types, operations, and migration scripts.	2.5K	21	2026-03-06	auth, access-control, iam, rbac, migration
ffuf-web-fuzzing	jthack/ffuf_claude_skill	Expert guidance for ffuf web fuzzing during penetration testing, including authenticated fuzzing with raw requests, auto-calibration, and re	122	21	2025-10-16	penetration-testing, web-testing, fuzzing, ffuf
ipsw	blacktop/ipsw-skill	Apple firmware and binary reverse engineering with the ipsw CLI tool for iOS/macOS binary analysis, disassembly, header dumping, and securit	41	21	2026-01-27	analysis, binary-analysis, reverse-engineering, apple, ios
skills-security-check	toolsai/skills-security-check	Detect skill vulnerabilities using static and AI checks. Activate evaluation upon scan requests for security assessment.	24	21	2026-02-06	vulnerability-analysis, static-analysis, ai-assisted, security-audit, appsec
solodit	bowtiedswan/solodit-api-skill	Search 50,000+ smart contract vulnerabilities from Cyfrin Solodit with 8 MCP tools for blockchain security analysis.	2	21	2026-01-27	vulnerability-analysis, smart-contracts, blockchain, analysis, search

Browse by Name

• 0-9 (3)
• a (47)
• b (20)
• c (41)
• d (15)
• e (5)
• f (15)
• g (10)
• h (7)
• i (12)
• k (6)
• l (6)
• m (14)
• n (5)
• o (13)
• p (17)
• r (13)
• s (118)
• t (9)
• u (1)
• v (10)
• w (10)
• x (1)
• y (1)
• z (1)