Browse Skills — Page 174

secrets

BuilderIO/agent-native

>-

secrets-management

wshobson/agents

Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.

secrets-management

diegosouzapw/awesome-omni-skills

Secrets Management workflow skill. Use this skill when the user needs Secure secrets management practices for CI/CD pipelines using Vault, AWS Secrets Manager, and other tools and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

secrets-management-v2

diegosouzapw/awesome-omni-skills

Secrets Management workflow skill. Use this skill when the user needs Secure secrets management practices for CI/CD pipelines using Vault, AWS Secrets Manager, and other tools and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

secrets-vault-manager

alirezarezvani/claude-skills

Use when the user asks to set up secret management infrastructure, integrate HashiCorp Vault, configure cloud secret stores (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager), implement secret rotation, or audit secret access patterns.

section-break-check

lyndonkl/claude

Verifies the section-break style in a substacker draft matches the post register — asterisks (* * *) for essayistic posts under 2500 words, H2 for methodology / how-to / technical posts. Flags mixed registers (H2 in a reflective essay, asterisks in a structured how-to). Per the style-guide rhythm rule. Use every draft. Trigger keywords: section break, asterisk, H2, headers, register, essayistic vs methodology.

section-portfolio-assessment

lyndonkl/claude

Classifies each substacker section as healthy / drifting / candidate-for-prune based on post volume, engagement trend, and niche alignment. Produces table + 2-4 paragraph narrative. Used in every quarterly review. Trigger keywords: portfolio, section health, healthy drifting prune, section assessment, which section is carrying.

sector-overview

anthropics/financial-services

Create comprehensive industry and sector landscape reports covering market dynamics, competitive positioning, key players, and thematic trends. Use for client requests, sector initiations, thematic research pieces, or internal knowledge building. Triggers on "sector overview", "industry report", "market landscape", "sector analysis", "industry deep dive", or "thematic research".

sector-rotation

HKUDS/Vibe-Trading

行业轮动分析——申万行业景气度评分、行业动量排名、产业链传导、估值/盈利/资金流多维比较框架

secure-linux-web-hosting

xixu-me/skills

Use when setting up, hardening, or reviewing a cloud server for self-hosting, including DNS, SSH, firewalls, Nginx, static-site hosting, reverse-proxying an app, HTTPS with Let's Encrypt or ACME clients, safe HTTP-to-HTTPS redirects, or optional post-launch network tuning such as BBR.

secure-workflow-guide

trailofbits/skills

Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas.

securing-api-gateway-with-aws-waf

mukul975/Anthropic-Cybersecurity-Skills

>

securing-aws-iam-permissions

mukul975/Anthropic-Cybersecurity-Skills

>

securing-aws-lambda-execution-roles

mukul975/Anthropic-Cybersecurity-Skills

>

securing-azure-with-microsoft-defender

mukul975/Anthropic-Cybersecurity-Skills

>

securing-container-registry-images

mukul975/Anthropic-Cybersecurity-Skills

>

securing-container-registry-with-harbor

mukul975/Anthropic-Cybersecurity-Skills

Harbor is an open-source container registry that provides security features including vulnerability scanning (integrated Trivy), image signing (Notary/Cosign), RBAC, content trust policies, replicatio

securing-github-actions-workflows

mukul975/Anthropic-Cybersecurity-Skills

>

securing-helm-chart-deployments

mukul975/Anthropic-Cybersecurity-Skills

Secure Helm chart deployments by validating chart integrity, scanning templates for misconfigurations, and enforcing security contexts in Kubernetes releases.

securing-historian-server-in-ot-environment

mukul975/Anthropic-Cybersecurity-Skills

>

securing-kubernetes-on-cloud

mukul975/Anthropic-Cybersecurity-Skills

>

securing-remote-access-to-ot-environment

mukul975/Anthropic-Cybersecurity-Skills

>

securing-serverless-functions

mukul975/Anthropic-Cybersecurity-Skills

>

security

alinaqi/maggy

OWASP security patterns, secrets management, security testing

Security Dashboard

Community-Access/accessibility-agents

GitHub security alerts command center -- triage Dependabot, code scanning, and secret scanning alerts entirely from the editor. Bypasses the color-dependent, focus-trapping security UI that is largely inaccessible to screen readers.

Security Digest

aaronjmars/aeon

Lead with confirmed exploitation (CISA KEV), enrich with EPSS, filter GitHub Advisories to your tracked stack, output one action per item

security-audit

catlog22/Claude-Code-Workflow

OWASP Top 10 and STRIDE security auditing with supply chain analysis. Triggers on "security audit", "security scan", "cso".

security-audit-eval

UKGovernmentBEIS/inspect_evals

Audit a third-party Inspect AI evaluation for security risks before running it locally. Decide whether the eval is safe by checking for malicious host-side code, externally-fetched files that aren't quality-controlled, sandbox-breakout instructions, weak sandbox configuration, supply-chain hazards, credential exposure, resource exhaustion, and provenance signals. Use when the user asks to audit / vet / security-review an eval repo (GitHub URL or local path), or asks "is it safe to run X". Do NOT use for assessing whether an eval *measures what it claims* (use eval-validity-review) or for general code-quality review (use eval-quality-workflow / code-quality-review-all).

security-audit-v2

diegosouzapw/awesome-omni-skills

Security Auditing Workflow Bundle workflow skill. Use this skill when the user needs Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-auditor

alirezarezvani/claude-code-tresor

Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on file changes. Scans for SQL injection, XSS, secrets exposure, auth issues. Triggers on file changes, security mentions, deployment prep.

security-auditor-v2

diegosouzapw/awesome-omni-skills

security-auditor workflow skill. Use this skill when the user needs Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-auditor-v3

diegosouzapw/awesome-omni-skills

security-auditor workflow skill. Use this skill when the user needs Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-awareness

trailofbits/skills-curated

>

security-best-practices

tech-leads-club/agent-skills

Perform language and framework specific security best-practice reviews and suggest improvements. Use when the user explicitly requests security best practices guidance, a security review or report, or secure-by-default coding help. Supports Python, JavaScript/TypeScript, and Go. Do NOT use for general code review, debugging, threat modeling (use security-threat-model), or non-security tasks.

security-best-practices

openai/skills

"Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks."

security-bluebook-builder

diegosouzapw/awesome-omni-skills

Security Bluebook Builder workflow skill. Use this skill when the user needs Build a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST/SHOULD/CAN language, with explicit assumptions, scope, and security gates and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-bluebook-builder-v2

diegosouzapw/awesome-omni-skills

Security Bluebook Builder workflow skill. Use this skill when the user needs Build a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST/SHOULD/CAN language, with explicit assumptions, scope, and security gates and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-bounty-hunter

affaan-m/ECC

Hunt for exploitable, bounty-worthy security issues in repositories. Focuses on remotely reachable vulnerabilities that qualify for real reports instead of noisy local-only findings.

security-check

TermiX-official/cryptoclaw

Assess token and address security via the GoPlus Security API.

security-compliance-compliance-check

diegosouzapw/awesome-omni-skills

Regulatory Compliance Check workflow skill. Use this skill when the user needs You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-compliance-compliance-check-v2

diegosouzapw/awesome-omni-skills

Regulatory Compliance Check workflow skill. Use this skill when the user needs You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-diff-scan

openai/plugins

Use when the user asks for a security review of a pull request, commit, branch diff, working-tree patch, or other Git-backed change set.

security-engineering

elophanto/EloPhanto

Expert application security engineer specializing in threat modeling, vulnerability assessment, secure code review, and security architecture design. Adapted from msitarzewski/agency-agents.

security-expert

MicrosoftDocs/cloud-adoption-framework

Reviews Azure content for security vulnerabilities and best practice gaps. Use when asked to perform a security review of documentation.

security-flutter

TheBeardedBearSAS/claude-craft

Sécurité Flutter. Use when reviewing security, implementing auth, or hardening code.

security-guidance

alirezarezvani/claude-skills

PreToolUse security-anti-pattern hook for Claude Code. Catches 12 common security risks (command injection, XSS, SQL injection, unsafe deserialization, GitHub Actions workflow injection, eval/new Function code injection) BEFORE the Edit/Write/MultiEdit operation completes. Session-state caching prevents duplicate warnings on the same file+rule combo. Stdlib only — no dependencies. Use when you want a safety net during Claude Code sessions that touch security-sensitive code (auth, payments, user input handling, IaC). Disable with ENABLE_SECURITY_REMINDER=0 if you need to perform a verified-safe operation that would otherwise trip a pattern. Triggers — "add security hook", "block unsafe code", "detect command injection before write", "prevent SQL injection patterns", "security warning hook".

security-operations

serac-labs/serac

Build ServiceNow Security Operations — sn_si_incident with NIST-aligned state transitions, sn_vul_vulnerable_item with CVSS/risk scoring, sn_ti_indicator IOC matching, and containment playbooks.

security-ownership-map

tech-leads-club/agent-skills

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Use when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do NOT use for general maintainer lists, non-security ownership questions, or threat modeling (use security-threat-model).

security-ownership-map

openai/skills

"Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Trigger only when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do not trigger for general maintainer lists or non-security ownership questions."

security-paperclip

TheBeardedBearSAS/claude-craft

Paperclip-Sicherheit — Tenancy-Isolation, Secrets, Approval-Gates, harte Budgets, signierter Adapter-Channel. Verwenden Sie dies beim Auditing oder Härten von Paperclip.

security-patrol

sirkirby/unifi-mcp

Show everything that happened at a specific area across all UniFi products (Network, Protect, Access) in a given time window. Use when the user asks about activity at a door, entrance, room, or area.

security-patterns

yonatangross/orchestkit

Security patterns for authentication, defense-in-depth, input validation, OWASP Top 10, LLM safety, and PII masking. Use when implementing auth flows, security layers, input sanitization, vulnerability prevention, prompt injection defense, or data redaction.

security-pen-testing

alirezarezvani/claude-skills

Use when the user asks to perform security audits, penetration testing, vulnerability scanning, OWASP Top 10 checks, or offensive security assessments. Covers static analysis, dependency scanning, secret detection, API security testing, and pen test report generation.

security-pentest-planner

OneWave-AI/claude-skills

Plans security penetration tests for web applications. Analyzes codebase, API routes, auth implementation, and infrastructure config to generate comprehensive pentest plans. For authorized testing only.

security-react

TheBeardedBearSAS/claude-craft

Sécurité React. Use when reviewing security, implementing auth, or hardening code.

security-reactnative

TheBeardedBearSAS/claude-craft

Security - React Native 0.85+ Best Practices. Use when reviewing security, implementing auth, or hardening code.

security-requirement-extraction

wshobson/agents

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

security-requirement-extraction

diegosouzapw/awesome-omni-skills

Security Requirement Extraction workflow skill. Use this skill when the user needs Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-requirement-extraction-v2

diegosouzapw/awesome-omni-skills

Security Requirement Extraction workflow skill. Use this skill when the user needs Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

affaan-m/security-review

affaan-m/ECC

Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.

microsoft/security-review

microsoft/power-platform-skills

>-

github/security-review

github/awesome-copilot

'AI-powered codebase security scanner that reasons about code like a security researcher — tracing data flows, understanding component interactions, and catching vulnerabilities that pattern-matching tools miss. Use this skill when asked to scan code for security vulnerabilities, find bugs, check for SQL injection, XSS, command injection, exposed API keys, hardcoded secrets, insecure dependencies, access control issues, or any request like "is my code secure?", "review for security issues", "audit this codebase", or "check for vulnerabilities". Covers injection flaws, authentication and access control bugs, secrets exposure, weak cryptography, insecure dependencies, and business logic issues across JavaScript, TypeScript, Python, Java, PHP, Go, Ruby, and Rust.'

security-review-pr

warpdotdev/oz-for-oss

Audit a pull request diff for common security concerns (input validation, sanitization, authentication and authorization, secrets management, unsafe dependencies, and related risks) and fold findings into the same review.json produced by the base PR review. Use as a supplement to `review-pr` whenever a code PR is being reviewed.

security-review-spec

warpdotdev/oz-for-oss

Audit a product or tech spec pull request diff for high-level security concerns (threat surface, authentication and authorization model, trust boundaries, sensitive data handling, secrets and key management, dependency posture, and abuse or misuse cases) and fold findings into the same review.json produced by the base spec review. Use as a supplement to `review-spec` whenever a spec PR is being reviewed.

security-scan

affaan-m/ECC

Scan your Claude Code configuration (.claude/ directory) for security vulnerabilities, misconfigurations, and injection risks using AgentShield. Checks CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions.

security-scan

openai/plugins

Use when the user asks for a repository-wide or scoped-path security scan.

security-scanning-security-dependencies

diegosouzapw/awesome-omni-skills

Dependency Vulnerability Scanning workflow skill. Use this skill when the user needs You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-scanning-security-dependencies-v2

diegosouzapw/awesome-omni-skills

Dependency Vulnerability Scanning workflow skill. Use this skill when the user needs You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-scanning-security-hardening

diegosouzapw/awesome-omni-skills

security-scanning-security-hardening workflow skill. Use this skill when the user needs Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-scanning-security-hardening-v2

diegosouzapw/awesome-omni-skills

security-scanning-security-hardening workflow skill. Use this skill when the user needs Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-scanning-security-sast

diegosouzapw/awesome-omni-skills

SAST Security Plugin workflow skill. Use this skill when the user needs 'Static Application Security Testing (SAST) for code vulnerability and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-scanning-security-sast-v2

diegosouzapw/awesome-omni-skills

SAST Security Plugin workflow skill. Use this skill when the user needs 'Static Application Security Testing (SAST) for code vulnerability and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

security-suite

boshu2/agentops

Run composable security analysis.

security-symfony

TheBeardedBearSAS/claude-craft

Sécurité & RGPD - Atoll Tourisme. Use when reviewing security, implementing auth, or hardening code.

security-test

HoangNguyen0403/agent-skills-standard

Fast, continuous DevSecOps pipeline for Pull Requests and active branches. Runs SAST, SCA, and secrets detection to catch vulnerabilities before they merge.

security-threat-model

tech-leads-club/agent-skills

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Use when the user asks to threat model a codebase or path, enumerate threats or abuse paths, or perform AppSec threat modeling. Do NOT use for general architecture summaries, code review, security best practices (use security-best-practices), or non-security design work.

security-threat-model

openai/skills

"Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work."

security-triage

openclaw/openclaw

Triage OpenClaw security advisories, drafts, and GHSA reports with shipped-tag and trust-model proof.

securityheaders

taracodlabs/aiden

HTTP security header audit (A+ to F) with fix recommendations

securitytrails-automation

ComposioHQ/awesome-claude-skills

"Automate Securitytrails tasks via Rube MCP (Composio). Always search tools first for current schemas."

seed-data

ClipboardHealth/core-utils

Trigger seed data generation for test environments via GitHub Actions. Use when asked to seed, create test data, or set up HCPs/facilities/shifts.

seed-protocol-design

yogsoth-ai/de-anthropocentric-research-engine

SOP: design random seed strategy for reproducibility

seed-selection

yogsoth-ai/de-anthropocentric-research-engine

Validate and prioritize starting papers for snowball surveys. Evaluates which seeds will yield the richest citation traces based on citation count, recency, and network position.

seedance

vm0-ai/vm0-skills

Seedance video generation API by ByteDance. Use when user mentions "Seedance", "ByteDance video AI", "text-to-video", "image-to-video", or wants to generate AI videos using Seedance models.

seeing-images

oaustegard/claude-skills

Augmented vision tools for analyzing images beyond native visual capabilities. Use when tasked with describing images in detail, reproducing images as SVGs, identifying subtle features, comparing image regions, reading degraded text, or any task requiring careful visual inspection. Also use when the image-to-svg skill needs ground truth about colors, shapes, or boundaries.

seek-and-analyze-video

diegosouzapw/awesome-omni-skills

Seek and Analyze Video workflow skill. Use this skill when the user needs Seek and analyze video content using Memories.ai Large Visual Memory Model for persistent video intelligence and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

seek-and-analyze-video-v2

diegosouzapw/awesome-omni-skills

Seek and Analyze Video workflow skill. Use this skill when the user needs Seek and analyze video content using Memories.ai Large Visual Memory Model for persistent video intelligence and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

segment

TerminalSkills/skills

>-

segment-anything-model

NousResearch/hermes-agent

SAM: zero-shot image segmentation via points, boxes, masks.

segment-audience

indranilbanerjee/digital-marketing-pro

Create audience segments. Use when: building or updating CRM or email platform segments for campaign targeting.

segment-automation

diegosouzapw/awesome-omni-skills

Segment Automation via Rube MCP workflow skill. Use this skill when the user needs Automate Segment tasks via Rube MCP (Composio): track events, identify users, manage groups, page views, aliases, batch operations. Always search tools first for current schemas and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

segment-automation-v2

diegosouzapw/awesome-omni-skills

Segment Automation via Rube MCP workflow skill. Use this skill when the user needs Automate Segment tasks via Rube MCP (Composio): track events, identify users, manage groups, page views, aliases, batch operations. Always search tools first for current schemas and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

segment-cdp

diegosouzapw/awesome-omni-skills

Segment CDP workflow skill. Use this skill when the user needs Expert patterns for Segment Customer Data Platform including and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

segment-cdp-v2

diegosouzapw/awesome-omni-skills

Segment CDP workflow skill. Use this skill when the user needs Expert patterns for Segment Customer Data Platform including and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

segmetrics-automation

ComposioHQ/awesome-claude-skills

"Automate Segmetrics tasks via Rube MCP (Composio). Always search tools first for current schemas."

seisbench-model-api

elizaOS/eliza

An overview of the core model API of SeisBench, a Python framework for training and applying machine learning algorithms to seismic data. It is useful for annotating waveforms using pretrained SOTA ML models, for tasks like phase picking, earthquake detection, waveform denoising and depth estimation. For any waveform, you can manipulate it into an obspy stream object and it will work seamlessly with seisbench models.

seismic-automation

ComposioHQ/awesome-claude-skills

"Automate Seismic tasks via Rube MCP (Composio). Always search tools first for current schemas."

seismic-picker-selection

elizaOS/eliza

This is a summary the advantages and disadvantages of earthquake event detection and phase picking methods, shared by leading seismology researchers at the 2025 Earthquake Catalog Workshop. Use it when you have a seismic phase picking task at hand.

seismic-waveform-processing

InternScience/scp

Process seismic waveform data including reading MinISEED/SAC files, extracting metadata, and visualizing earthquake signals.

sekretariats-tagesbrief

Klotzkette/claude-fuer-deutsches-recht

Erzeugt morgens den Tagesbrief der Kanzlei mit allen Informationen die Anwalt und Sekretariat fuer den Tag brauchen — Fristen heute und in der naechsten Woche Vorfristen aus dem Fristenbuch eingegangene Post vom Vortag offene Mandantenrueckrufe Termine Gerichts- und Behoerdentermine Wiedervorlagen Geburtstage des Tages Honorarrueckstaende ueber Schwelle. Strukturiert zur schnellen Sichtung in fuenf Minuten. Bricht Information so herunter dass Anwalt entscheiden kann was Prioritaet hat.