Find the perfect skill
AI Ethics and Fairness Validator
Security
Validate AI/ML models and datasets for bias, fairness, and ethical compliance. Computes fairness metrics (demographic parity, equalized odds) and generates audit reports with mitigation strategies aligned to IEEE, EU, and ACM ethical frameworks.
Dependency Vulnerability Scanning
Security
Scans project dependencies across ecosystems to identify known vulnerabilities, generates SBOMs, and suggests automated remediation. Helps during security audits or for supply chain compliance and risk assessment.
Ask Secure by Design Questions
Security
Generates a prioritized set of security questions to ensure components and systems are designed securely from the ground up. Helps builders identify and address design-level vulnerabilities before implementation.
Dependency Vulnerability Scanner
Security
Scan project dependencies for known CVEs, suggest upgrades, and generate security audit reports.
Kubernetes Security Policies
Security
This skill covers implementing Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use it to enforce network segmentation, configure pod security standards, or set up least-privilege access controls.
API Security Hardening
Security
Harden API endpoints with rate limiting, input validation, CORS, and proper error handling to prevent abuse.
Penetration Test Reporter
Security
Document and report security findings from penetration tests with severity ratings and remediation guides.
Global Validation
Security
Implements comprehensive server-side input validation with complementary client-side validation for user experience. Uses allowlists, type checking, and sanitization to prevent SQL injection, XSS, and other injection attacks. Apply when validating any external data entering the application, ensuring consistent security across all entry points and maintaining data integrity with field-specific error messages.
1Password Secrets Management
Security
Enables management of 1Password secrets via the op CLI, using service account authentication. Use it to list vaults and items, retrieve passwords, OTP codes, and API keys, or read specific secret fields. Ideal for securely accessing credentials during development or automation workflows.
OWASP Security Checker
Security
Audit code against OWASP Top 10 vulnerabilities including XSS, SQL injection, CSRF, and authentication flaws.
Backend Security Coder
Security
This skill provides expert guidance on secure backend coding practices, including input validation, authentication, API security, and vulnerability prevention. It is designed for hands-on implementation of security features and code reviews, focusing on writing secure code rather than auditing existing systems. Use it when building or reviewing backend components that require robust security measures.
Secrets Scanner and Rotator
Security
Detect hardcoded secrets in code, suggest proper secret management, and help rotate compromised credentials.