ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
security-prompts-controls
Simple security prompt templates for quick implementations using existing Secure Vibe Coding OS utilities. Use for straightforward features like contact forms, authenticated updates, and public APIs. Triggers include "contact form", "simple form", "authenticated update", "user update", "public API", "read-only API", "quick secure implementation".
majiayu000/claude-skill-registry 163
-
oauth2-flow-helper
Oauth2 Flow Helper - Auto-activating skill for Security Fundamentals.
Triggers on: oauth2 flow helper, oauth2 flow helper
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
Security Auditing
Audit security with vulnerability scanning, input validation checks, and auth/authz review against OWASP Top 10. Use when implementing authentication, reviewing security-sensitive code, or conducting security audits.
majiayu000/claude-skill-registry 163
-
picocom
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
-
webapp-nikto
Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions. Use when: (1) Conducting authorized web server security assessments, (2) Identifying common web vulnerabilities and misconfigurations, (3) Detecting outdated server software and known vulnerabilities, (4) Performing compliance scans for web server hardening, (5) Enumerating web server information and enabled features, (6) Validating security controls and patch levels.
majiayu000/claude-skill-registry 163
-
marketplace-audit
Display plugin versions from marketplace.json. Use when user asks to "audit versions", "show plugin versions", "list marketplace versions", or wants to see the current state of plugin versioning.
majiayu000/claude-skill-registry 163
-
Top 100 Web Vulnerabilities Reference
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability definitions, root causes, impacts, and mitigation strategies across all major web security categories.
majiayu000/claude-skill-registry 163
-
security-reviewer
Use when reviewing code for security vulnerabilities, conducting threat modeling, ensuring SLSA compliance, or performing security assessments. Invoked for security analysis, vulnerability detection, and compliance verification.
majiayu000/claude-skill-registry 163
-
reverse-proxy
Manage incoming internet traffic and reverse proxy configuration on the home network gateway. Configure Caddy, OAuth2 authentication, fail2ban security, and traffic routing.
majiayu000/claude-skill-registry 163
-
access-management
RBAC/ABAC implementation patterns, least privilege access, row-level security, column masking, and access review workflows.
majiayu000/claude-skill-registry 163
-
nick-theriot
Talk to Nick Theriot Youtuber about their expertise. Nick Theriot Youtuber provides authentic advice using their mental models, core beliefs, and real-world examples.
majiayu000/claude-skill-registry 163
-
laravel-routing
Route configuration, route model binding, and authorization. Use when working with routes, route binding, URL patterns, or when user mentions routing, route model binding, conditional binding, route-level authorization.
majiayu000/claude-skill-registry 163
-
spider
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
majiayu000/claude-skill-registry 163
-
spider
Web crawling and scraping with analysis. Use for crawling websites, security scanning, and extracting information from web pages.
majiayu000/claude-skill-registry 163
-
validating-csrf-protection
Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.
majiayu000/claude-skill-registry 163
-
owasp-top-10
OWASP Top 10 security vulnerabilities with detection and remediation patterns. Use when conducting security audits, implementing secure coding practices, or reviewing code for common security vulnerabilities.
majiayu000/claude-skill-registry 163
-
asking-codex
Code review, security audits, bug detection, alternative implementations, second opinions via OpenAI Codex. Use when user asks for code review, security analysis, implementation advice, bug detection, code patterns, or wants a second opinion on code. Supports uncommitted changes review. Do not use for architecture design or web searches.
majiayu000/claude-skill-registry 163
-
authorization-security
Authorization security standards covering RBAC, ABAC, policy enforcement, OAuth2 scopes, resource-based access control, and NIST 800-53 compliance (AC-3, AC-4, AC-6) for production systems
majiayu000/claude-skill-registry 163
-
langchain-core-workflow-a
Build LangChain chains and prompts for structured LLM workflows.
Use when creating prompt templates, building LCEL chains,
or implementing sequential processing pipelines.
Trigger with phrases like "langchain chains", "langchain prompts",
"LCEL workflow", "langchain pipeline", "prompt template".
majiayu000/claude-skill-registry 163
-
security-bluebook-builder
Create or refine a concise, normative security policy ("Blue Book") for sensitive applications. Use when users need a threat model, data classification rules, auth/session policy, logging and audit requirements, retention/deletion expectations, incident response, or security gates for apps handling PII/PHI/financial data.
majiayu000/claude-skill-registry 163
-
handling-authentication
Handling authentication and authorization in StickerNest. Use when the user asks about login, signup, auth, session, protected routes, user context, JWT, tokens, logout, or permission checks. Covers Supabase Auth, AuthContext, protected routes, and widget auth.
majiayu000/claude-skill-registry 163
-
github-security-review
Analyze GitHub repository security alerts and generate remediation plans. Use when the user asks to review security alerts, fix vulnerabilities, check dependabot alerts, review code scanning issues, or address secret scanning findings for a GitHub repository. Triggers on requests mentioning GitHub security, repo security review, vulnerability remediation, or security audit.
majiayu000/claude-skill-registry 163
-
ark-vulnerability-fixer
CVE research and security patch workflow for Ark. Provides CVE API integration, mitigation strategies, and security-focused PR templates. Works with research, analysis, and setup skills for comprehensive vulnerability fixing.
majiayu000/claude-skill-registry 163
-
secrets-scanner
Scan codebase for secrets, API keys, credentials, and PII. Detect hardcoded sensitive data. Use when auditing for secrets, checking for exposed keys, reviewing security, or scanning for PII.
majiayu000/claude-skill-registry 163