ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
typescript-security-checker
Next.js/TypeScriptプロジェクト向けセキュリティ診断スキル。OWASP準拠。
以下の場合に使用:
(1) PRレビュー時のセキュリティチェック
(2) API Routes のセキュリティ検証
(3) 認証・認可ロジックの確認
(4) 依存パッケージの脆弱性確認
(5) 環境変数・シークレット管理の確認
majiayu000/claude-skill-registry 163
-
software-security-appsec
Modern application security patterns including OWASP Top 10:2025, zero trust architecture, supply chain security, authentication, authorization, input validation, and cryptography for 2024-2025
majiayu000/claude-skill-registry 163
-
qa-security-scan
Security scanning templates and checklists for OWASP Top 10, authentication, authorization, data protection. Use when conducting security testing or vulnerability assessment.
This skill provides comprehensive security testing:
- OWASP Top 10 checklist with remediation
- Authentication and authorization testing
- Data protection verification
- Security report generation
- Integration with Codex CLI MCP for automated scanning
Triggers: "security scan", "vulnerability check", "OWASP", "security test", "セキュリティスキャン", "脆弱性チェック", "セキュリティテスト"
majiayu000/claude-skill-registry 163
-
log-analysis-security
Log Analysis Security - Auto-activating skill for Security Advanced.
Triggers on: log analysis security, log analysis security
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163
-
spring-security
Secure Spring Boot applications - authentication, authorization, OAuth2, JWT, CORS/CSRF protection
majiayu000/claude-skill-registry 163
-
IoT UART Console (picocom)
Use picocom to interact with IoT device UART consoles for pentesting operations including device enumeration, vulnerability discovery, bootloader manipulation, and gaining root shells. Use when the user needs to interact with embedded devices, IoT hardware, or serial consoles.
majiayu000/claude-skill-registry 163
-
security-engineering
Security auditing and vulnerability detection using OWASP patterns, CWE analysis, and threat modeling. Use when auditing code for security issues, reviewing authentication/authorization, evaluating input validation, analyzing cryptographic usage, reviewing dependency security, or when security-audit, vulnerability-scan, OWASP, threat-model, or --security are mentioned.
majiayu000/claude-skill-registry 163
-
secrets-management-gha
GitHub Actionsワークフローでの安全な秘密情報管理を実現する。
リポジトリ/環境/組織/Dependabotの4種類のシークレット使い分け、OIDCによるクラウド認証、ローテーション、監査を包括的に提供する。
Anchors:
• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング・セキュア設計 / 目的: シークレット管理戦略の基盤
• GitHub Actions Secrets API / 適用: シークレット設定・アクセス制御 / 目的: 各タイプの正確な使い分け
• OpenID Connect (OIDC) Specification / 適用: クラウドプロバイダー認証 / 目的: 長期認証情報の排除
Trigger:
Use when configuring GitHub Actions secrets, implementing cloud OIDC authentication, rotating secrets, or auditing secret access patterns.
GitHub secrets, OIDC, secret rotation, environment secrets, organization secrets, cloud authentication
majiayu000/claude-skill-registry 163
-
sinatra-security
Security best practices for Sinatra applications including input validation, CSRF protection, and authentication patterns. Use when hardening applications or conducting security reviews.
majiayu000/claude-skill-registry 163
-
oauth-client-setup
Oauth Client Setup - Auto-activating skill for API Integration.
Triggers on: oauth client setup, oauth client setup
Part of the API Integration skill category.
majiayu000/claude-skill-registry 163
-
pentest-metasploit
Penetration testing framework for exploit development, vulnerability validation, and authorized security assessments using Metasploit Framework. Use when: (1) Validating vulnerabilities in authorized security assessments, (2) Demonstrating exploit impact for security research, (3) Testing defensive controls in controlled environments, (4) Conducting authorized penetration tests with proper scoping and authorization, (5) Developing post-exploitation workflows for red team operations.
majiayu000/claude-skill-registry 163
-
Pentest Checklist
This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
majiayu000/claude-skill-registry 163
-
oauth-callback-handler
Oauth Callback Handler - Auto-activating skill for API Integration.
Triggers on: oauth callback handler, oauth callback handler
Part of the API Integration skill category.
majiayu000/claude-skill-registry 163
-
vuln-patterns-languages
Language-specific vulnerability detection patterns for JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. Provides regex patterns and grep commands for common security vulnerabilities.
majiayu000/claude-skill-registry 163
-
cookbook-audit
Audit an Anthropic Cookbook notebook based on a rubric. Use whenever a notebook review or audit is requested.
majiayu000/claude-skill-registry 163
-
graphql-security
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
majiayu000/claude-skill-registry 163
-
team-sync-coderhzy-vibecoding-project-m
majiayu000/claude-skill-registry 163
-
auth-implementation-patterns
Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.
majiayu000/claude-skill-registry 163
-
workers-security
Cloudflare Workers security with authentication, CORS, rate limiting, input validation. Use for securing APIs, JWT/API keys, or encountering auth failures, CORS errors, XSS/injection vulnerabilities.
majiayu000/claude-skill-registry 163
-
outline-cli
Allow droids to interact with Outline Wiki via the outlinectl CLI (auth, collections, docs) with automation-friendly JSON output.
majiayu000/claude-skill-registry 163
-
bandit-security-scan
Run Bandit security analysis to find common security issues and vulnerabilities in Python code. Use when the user mentions Bandit, security analysis, vulnerability scanning, security audit, software composition analysis (SCA), or wants to check for security issues in Python code.
majiayu000/claude-skill-registry 163
-
testing-web-applications
Test web applications for security vulnerabilities including SQLi, XSS, command injection, JWT attacks, SSRF, file uploads, XXE, and API flaws. Use when pentesting web apps, analyzing authentication, or exploiting OWASP Top 10 vulnerabilities.
majiayu000/claude-skill-registry 163
-
security-williaby-image-preprocessing-d-williaby-image-preprocessing-
majiayu000/claude-skill-registry 163
-
threat-model-creator
Threat Model Creator - Auto-activating skill for Security Advanced.
Triggers on: threat model creator, threat model creator
Part of the Security Advanced skill category.
majiayu000/claude-skill-registry 163