Search Skills
Search across 54932 indexed skills
hardening-docker-containers-for-production
Hardening Docker containers for production involves applying security best practices aligned with CIS Docker Benchmark v1.8.0 to minimize attack surfa...
performing-alert-triage-with-elastic-siem
Alert triage in Elastic Security is the systematic process of reviewing, classifying, and prioritizing security alerts to determine which represent ge...
performing-soc-tabletop-exercise
Use this skill when: Annual or semi-annual incident response testing is required (NIST, ISO 27001, PCI DSS compliance); New SOC analysts need exposure ...
testing-oauth2-implementation-flaws
Assessing OAuth 2.0 authorization code flow for redirect URI validation weaknesses; Testing OAuth client applications for CSRF protection (state parame...
sql-code-review
Perform a thorough SQL code review of ${selection} (or entire project if no selection) focusing on security, performance, maintainability, and databas...
agent-owasp-compliance
Evaluate AI agent systems against the OWASP Agentic Security Initiative (ASI) Top 10 — the industry standard for agent security posture. The OWASP ASI...
find-bugs
Review changes on this branch for bugs, security vulnerabilities, and code quality issues. Get the FULL diff: git diff master...HEAD If output is trun...
trivy-offline-vulnerability-scanning
This skill provides guidance on using Trivy, an open-source security scanner, to discover vulnerabilities in software dependencies using offline mode....
code-review
Thorough, structured approach to reviewing code. Work through each dimension systematically rather than scanning randomly. npx clawhub@latest install ...
password-policy-auditor
Audit your authentication system against modern security standards. Check password complexity rules, storage practices (bcrypt vs MD5), MFA adoption, ...
spring-boot-actuator-analyzer
Analyze Spring Boot Actuator configuration for security vulnerabilities, health check completeness, metrics exposure, and production readiness. Audit ...
bookforge-web-application-hardening-assessment
You have authorized access to a web application (source code, server configuration, HTTP traffic, or a combination) and need to assess the quality of ...