ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
security-header-generator
Generates security HTTP headers (CSP, HSTS, CORS, etc.) for web applications to prevent common attacks. Use when user asks to "add security headers", "setup CSP", "configure CORS", "secure headers", or "HSTS setup".
majiayu000/claude-skill-registry 163
-
secure-nextjs-api-routes
A comprehensive security middleware system for Next.js 13+ App Router API routes that provides authentication, rate limiting, CSRF protection, audit logging, and security headers in a composable, production-ready pattern. Use when building secure Next.js APIs that need protection against common web vulnerabilities.
majiayu000/claude-skill-registry 163
-
agent-security-auditor
Expert security auditor specializing in comprehensive security assessments, compliance validation, and risk management. Masters security frameworks, audit methodologies, and compliance standards with focus on identifying vulnerabilities and ensuring regulatory adherence.
majiayu000/claude-skill-registry 163
-
checkpoints
majiayu000/claude-skill-registry 163
-
waf-rule-creator
Waf Rule Creator - Auto-activating skill for Security Advanced.
Triggers on: waf rule creator, waf rule creator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
attack-methods-lookup
Looks up OWASP Top 10 attack methods, CWE references, and form-specific vulnerability patterns with a bounty hunter mindset. Returns attack vectors, payloads, and payout estimates. Use when user asks about "XSS", "SQL injection", "CSRF", "OWASP", "CWE", "IDOR", "injection", "bypass", "vulnerability", "exploit", "SQLインジェクション", "クロスサイトスクリプティング", "脆弱性".
majiayu000/claude-skill-registry 163
-
auditing-project
Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
majiayu000/claude-skill-registry 163
-
oauth-client-setup
Oauth Client Setup - Auto-activating skill for API Integration.
Triggers on: oauth client setup, oauth client setup
Part of the API Integration skill category.
majiayu000/claude-skill-registry 163
-
auth-configs
Configure Supabase authentication providers (OAuth, JWT, email). Use when setting up authentication, configuring OAuth providers (Google/GitHub/Discord), implementing auth flows, configuring JWT settings, or when user mentions Supabase auth, social login, authentication setup, or auth configuration.
majiayu000/claude-skill-registry 163
-
security/threat-model
Threat Modeling security skill
majiayu000/claude-skill-registry 163
-
telnetshell
Use telnet to interact with IoT device shells for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when the user needs to interact with network-accessible shells, IoT devices, or telnet services.
majiayu000/claude-skill-registry 163
-
generate-report-header
Create standardized report headers with metadata for all agent-generated reports. Use when generating bug reports, security audits, dependency reports, or any worker output requiring consistent formatting.
majiayu000/claude-skill-registry 163
-
http-header-security-audit
Http Header Security Audit - Auto-activating skill for Security Fundamentals.
Triggers on: http header security audit, http header security audit
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
secrets-management-gha
GitHub Actionsワークフローでの安全な秘密情報管理を実現する。
リポジトリ/環境/組織/Dependabotの4種類のシークレット使い分け、OIDCによるクラウド認証、ローテーション、監査を包括的に提供する。
Anchors:
• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング・セキュア設計 / 目的: シークレット管理戦略の基盤
• GitHub Actions Secrets API / 適用: シークレット設定・アクセス制御 / 目的: 各タイプの正確な使い分け
• OpenID Connect (OIDC) Specification / 適用: クラウドプロバイダー認証 / 目的: 長期認証情報の排除
Trigger:
Use when configuring GitHub Actions secrets, implementing cloud OIDC authentication, rotating secrets, or auditing secret access patterns.
GitHub secrets, OIDC, secret rotation, environment secrets, organization secrets, cloud authentication
majiayu000/claude-skill-registry 163
-
siem-rule-generator
Siem Rule Generator - Auto-activating skill for Security Advanced.
Triggers on: siem rule generator, siem rule generator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
prioritizing-improvements
Use when stakeholders pressure you to change technical priorities and you're tempted to compromise on security-first or call it synthesis - enforces risk-based prioritization over stakeholder preferences
majiayu000/claude-skill-registry 163
-
langchain-agents
Expert guidance for building LangChain agents with proper tool binding, memory, and configuration. Use when creating agents, configuring models, or setting up tool integrations in LangConfig.
majiayu000/claude-skill-registry 163
-
dependency-guardian
Automated dependency management with security scanning, update orchestration, and compatibility validation
majiayu000/claude-skill-registry 163
-
Provider Management
Skill for managing model provider priorities with authentication (OAuth/Subscription/API), usage limits, and automatic fallback across all major AI providers
majiayu000/claude-skill-registry 163
-
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
-
security/input-validation
Input Validation security skill
majiayu000/claude-skill-registry 163
-
nostr-wallet-connect
Use when implementing Nostr Wallet Connect (NIP-47) wallet service - provides complete patterns for generating NWC connection strings, publishing info events, listening for requests, processing wallet commands, and sending encrypted responses. Client-side patterns included for reference.
majiayu000/claude-skill-registry 163
-
compliance-auditor
Automated compliance auditing for SOC2, HIPAA, GDPR, and PCI-DSS. Activates for compliance checks, security audits, regulatory requirements, and compliance automation.
majiayu000/claude-skill-registry 163
-
sqlmodel-task-models
This skill should be used when defining a robust, type-safe, and async-compatible database schema for the Todo application using SQLModel, ensuring compatibility with Better Auth and optimized for PostgreSQL.
majiayu000/claude-skill-registry 163