ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
code-reviewer-advanced
Use when reviewing code for quality, design issues, implementation problems, security vulnerabilities, or architectural concerns. Apply when user asks to review code, check implementation, find issues, or audit code quality. Use proactively after implementation is complete. Also use to provide feedback to system-architect and principal-engineer on design and implementation decisions.
majiayu000/claude-skill-registry 163
-
goth-fundamentals
This skill should be used when the user asks to "set up goth", "install goth", "oauth in go", "authentication in golang", "goth package", "goth basics", or mentions "github.com/markbates/goth". Provides foundational guidance for the Goth multi-provider authentication library.
majiayu000/claude-skill-registry 163
-
auth-security-validator
Autonomous validation of authentication security. Checks password hashing, cookie configuration, CSRF protection, and session management for OWASP compliance.
majiayu000/claude-skill-registry 163
-
security-convex
Convex security audit patterns. Load when reviewing Convex apps (convex/ directory present). Covers query/mutation auth, row-level security, public vs authenticated functions, validators, and Convex-specific issues.
majiayu000/claude-skill-registry 163
-
sandbox-configuration
Central authority for Claude Code sandboxing and isolation. Covers sandboxed bash tool, /sandbox command, filesystem isolation (blocked access, custom paths), network isolation (domain restrictions, proxy support), OS-level enforcement (bubblewrap on Linux, Seatbelt on macOS), sandbox configuration options, escape hatches (dangerouslyDisableSandbox, allowUnsandboxedCommands), and sandbox security limitations. Assists with configuring sandbox settings, understanding isolation mechanisms, and troubleshooting sandbox issues. Delegates 100% to docs-management skill for official documentation.
majiayu000/claude-skill-registry 163
-
cookie-security-analyzer
Cookie Security Analyzer - Auto-activating skill for Security Fundamentals.
Triggers on: cookie security analyzer, cookie security analyzer
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
picocom
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
-
security-nextjs
Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps.
Examples:
- user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix
- user: "Audit Server Actions" → check for missing auth and input validation
- user: "Review Next.js middleware" → verify matcher coverage for protected routes
- user: "Check Next.js API routes" → verify auth in app/api and pages/api
- user: "Secure Next.js headers" → audit next.config.js for security headers
majiayu000/claude-skill-registry 163
-
agent-compliance-auditor
Expert compliance auditor specializing in regulatory frameworks, data privacy laws, and security standards. Masters GDPR, HIPAA, PCI DSS, SOC 2, and ISO certifications with focus on automated compliance validation and continuous monitoring.
majiayu000/claude-skill-registry 163
-
auditing-project
Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
majiayu000/claude-skill-registry 163
-
audit-log-generator
Эксперт по аудит-логам. Используй для создания систем логирования, compliance требований, структуры логов и мониторинга.
majiayu000/claude-skill-registry 163
-
wp-orchestrator
Master WordPress project orchestrator - coordinates all WordPress skills for complete site setup, audit, and optimization. Use for new project setup, site audits, or comprehensive reviews. Runs interview phases and manages todo lists.
majiayu000/claude-skill-registry 163
-
reverse-engineering-firmware-analysis
Extended firmware analysis for embedded/IoT images with deep extraction, emulation, and vulnerability assessment.
majiayu000/claude-skill-registry 163
-
sbom-management
Software Bill of Materials management including generation, formats, vulnerability tracking, and supply chain security
majiayu000/claude-skill-registry 163
-
tacosdedatos-writer
Use this skill when helping write content for tacosdedatos newsletter/blog. Provides complete voice analysis, structural patterns, engagement mechanics, and writing principles for the distinctive bilingual tech-writer voice. Use for brainstorming post ideas, structuring drafts, writing posts, editing for voice authenticity, creating headlines, quality checking drafts, and generating quick outlines. Essential for maintaining the unique tacosdedatos voice that blends Spanish/English, technical depth with accessibility, vulnerability with expertise, and Mexican cultural identity with Bay Area tech culture.
majiayu000/claude-skill-registry 163
-
white-label
Complete WordPress white-labeling using FREE plugins only - ASE, Branda, White Label CMS, Admin Menu Editor. Covers login page branding, admin cleanup, security hardening, and client handoff preparation.
majiayu000/claude-skill-registry 163
-
grey-haven-security-practices
Grey Haven's security best practices - input validation, output sanitization, multi-tenant RLS, secret management with Doppler, rate limiting, OWASP Top 10 for TanStack/FastAPI stack. Use when implementing security-critical features.
majiayu000/claude-skill-registry 163
-
json-validation
Centralized JSON validation for AGENT_SUCCESS_CRITERIA with defensive parsing and injection attack prevention (CVSS 8.2)
majiayu000/claude-skill-registry 163
-
oauth2-flows
OAuth 2.0認可フローの実装パターンとセキュリティベストプラクティス。
Authorization Code Flow、PKCE、Refresh Token Flowの正確な実装を提供。
Web/SPA/モバイルアプリでの安全な認可フロー実装を支援。
Anchors:
• OAuth 2.0 Simplified (Aaron Parecki) / 適用: 認可フロー全般 / 目的: RFC準拠の正確な実装
• Web Application Security (Andrew Hoffman) / 適用: セキュリティ設計 / 目的: 脅威モデリングと対策
• RFC 6749 (OAuth 2.0 Framework) / 適用: プロトコル仕様 / 目的: 標準準拠の担保
Trigger:
Use when implementing OAuth 2.0 authentication, configuring authorization flows, integrating with OAuth providers, implementing PKCE for SPAs, or managing token lifecycle.
oauth2, authorization code, pkce, access token, refresh token, oauth provider, google auth, github oauth
majiayu000/claude-skill-registry 163
-
cursor-install-auth
Install Cursor IDE and configure authentication. Triggers on "install cursor",
"setup cursor", "cursor authentication", "cursor login", "cursor license". Use when working with cursor install auth functionality. Trigger with phrases like "cursor install auth", "cursor auth", "cursor".
majiayu000/claude-skill-registry 163
-
internal-red-team-audit
majiayu000/claude-skill-registry 163
-
threat-model-creator
Threat Model Creator - Auto-activating skill for Security Advanced.
Triggers on: threat model creator, threat model creator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
cursor-compliance-audit
Execute compliance and security auditing for Cursor usage. Triggers on "cursor compliance",
"cursor audit", "cursor security review", "cursor soc2", "cursor gdpr". Use when analyzing or auditing cursor compliance audit. Trigger with phrases like "cursor compliance audit", "cursor audit", "cursor".
majiayu000/claude-skill-registry 163
-
grey-haven-authentication-patterns
Grey Haven's authentication patterns using better-auth - magic links, passkeys, OAuth providers, session management with Redis, JWT claims with tenant_id, and Doppler for auth secrets. Use when implementing authentication features.
majiayu000/claude-skill-registry 163