AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials an
Test-driven development skill for writing unit tests, generating test fixtures and mocks, analyzing coverage gaps, and guiding red-green-refactor workflows a...
# Next.js Security Audit - Comprehensive Vulnerability Scanner and Fixer ## Development Philosophy - **Security First**: Every line of code should be written with security in mind - **Mini
Meta-skill that orchestrates logging, monitoring, error handling, performance, security, deployment, and testing skills to ensure a service is fully production-ready before launch. Use before first de
一体化健身追踪系统。自动同步饮食记录和身体状态到 intervals.icu。支持配置引导和错误处理。
--- name: pentest-auth-bypass description: Test authentication and session management controls for bypass and account takeover scenarios. --- # Pentest Auth Bypass ## Stage - PTES: 5 - MITRE: T1110
Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
--- name: audit-code description: Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities disable-model-invocation: true allowed-tools: Read, Glob, Grep, Bash c
AI-native agent runtime with typestate-enforced ORGA reasoning loop, Cedar policy authorization, knowledge bridge, zero-trust security, multi-tier sandboxing...