ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
OC Authentication Helper
Helper skill to retrieve OAuth tokens from the correct OpenShift cluster context when multiple clusters are configured
majiayu000/claude-skill-registry 163
-
discovery.risk_assessment
Identify potential quality, security, and delivery risks early in discovery to inform mitigation planning.
majiayu000/claude-skill-registry 163
-
crack-hashcat
Advanced password recovery and hash cracking tool supporting multiple algorithms and attack modes. Use when: (1) Performing authorized password auditing and security assessments, (2) Recovering passwords from captured hashes in forensic investigations, (3) Testing password policy strength and complexity, (4) Validating encryption implementations, (5) Conducting security research on cryptographic hash functions, (6) Demonstrating password weakness in penetration testing reports.
majiayu000/claude-skill-registry 163
-
bir-tax-filing
Automate Philippine BIR (Bureau of Internal Revenue) tax form generation and filing. Handles 1601-C (withholding tax), 2550Q (quarterly VAT), 1702-RT/EX (annual income tax), and ATP (Authorization to Print) validation. Ensures 100% compliance with BIR regulations.
majiayu000/claude-skill-registry 163
-
auditing-access-control
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.
majiayu000/claude-skill-registry 163
-
nextauth
Implements authentication with Auth.js/NextAuth.js v5 including OAuth providers, credentials, sessions, and route protection. Use when adding authentication to Next.js, configuring OAuth providers, or protecting routes.
majiayu000/claude-skill-registry 163
-
session-management-ssg-ssr
Expert skill for implementing session management in SSG (Static Site Generation) and SSR (Server-Side Rendering) contexts. Covers stateless authentication with JWT, database session management, client-side session handling, and security best practices for different rendering strategies. Use when implementing session management in static sites (SSG), handling authentication in server-side rendered applications (SSR), or implementing stateless authentication with JWT tokens.
majiayu000/claude-skill-registry 163
-
audit-skill
Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis. Use this skill when performing security audits, code reviews, vulnerability assessments, module structure validation, or generating audit reports.
majiayu000/claude-skill-registry 163
-
cybersecurity-analyst
Analyzes events through cybersecurity lens using threat modeling, attack surface analysis, defense-in-depth,
zero-trust architecture, and risk-based frameworks (CIA triad, STRIDE, MITRE ATT&CK).
Provides insights on vulnerabilities, attack vectors, defense strategies, incident response, and security posture.
Use when: Security incidents, vulnerability assessments, threat analysis, security architecture, compliance.
Evaluates: Confidentiality, integrity, availability, threat actors, attack patterns, controls, residual risk.
majiayu000/claude-skill-registry 163
-
aws-security-best-practices
Implement comprehensive AWS security controls and compliance
majiayu000/claude-skill-registry 163
-
sr-cardoso-backend
Backend Cloud Run/Express/Firestore do Sr Cardoso. Use quando criar ou alterar endpoints, auth JWT, regras de agenda, financeiro, branding, WhatsApp, cron jobs, ou modelagem Firestore.
majiayu000/claude-skill-registry 163
-
windsurf-dependency-management
Analyze and update dependencies with vulnerability scanning. Activate when users mention
"update dependencies", "security audit", "npm audit", "vulnerability scan",
or "dependency updates". Handles dependency analysis and updates. Use when working with windsurf dependency management functionality. Trigger with phrases like "windsurf dependency management", "windsurf management", "windsurf".
majiayu000/claude-skill-registry 163
-
attacking-wireless-networks
Attack WiFi networks using WPA/WPA2 cracking, WPS exploitation, Evil Twin attacks, deauthentication, and wireless reconnaissance. Use when pentesting wireless networks or performing WiFi security assessments.
majiayu000/claude-skill-registry 163
-
Security Auditing
Audit security with vulnerability scanning, input validation checks, and auth/authz review against OWASP Top 10. Use when implementing authentication, reviewing security-sensitive code, or conducting security audits.
majiayu000/claude-skill-registry 163
-
detect-hardcoded-secrets
Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages. Use when user asks about security issues or secret detection.
majiayu000/claude-skill-registry 163
-
fastapi-security-expert
Expert in securing FastAPI applications with JWT tokens and Better Auth. Use this when implementing authentication middleware, route protection, and user isolation.
majiayu000/claude-skill-registry 163
-
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
-
vulnerability-scanning
Automated vulnerability detection using OWASP tools, CVE databases, and security scanners. Use when performing security audits, compliance checks, or continuous security monitoring.
majiayu000/claude-skill-registry 163
-
openwebf-security-remote-content
Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.
majiayu000/claude-skill-registry 163
-
audit-style
Audit and refactor CSS to comply with Game Loopers design system and BEM methodology
majiayu000/claude-skill-registry 163
-
WordPress Penetration Testing
This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.
majiayu000/claude-skill-registry 163
-
SSH Penetration Testing
This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
majiayu000/claude-skill-registry 163
-
google-docs-sheets
Export Google Docs and Google Sheets (spreadsheets) to Markdown files or stdout. Use when asked to fetch, download, or ingest Google Docs/Sheets content for summarization, analysis, or context loading. Tries gcloud ADC first with browser OAuth fallback.
majiayu000/claude-skill-registry 163
-
authentication-docs
API認証ドキュメント(OAuth 2.0/PKCE、API Key、JWT、トークン管理)の作成と図解を支援するスキル。
認証フローの説明、トークン取得手順、セキュリティ注意点をわかりやすく整理します。
Anchors:
• OAuth 2.0 Simplified / 適用: フロー図解 / 目的: 正確な説明と用語整理
• Web Application Security / 適用: セキュリティ注意点 / 目的: 安全な認証ドキュメント
• API Documentation Best Practices / 適用: ドキュメント構成 / 目的: 読みやすさの担保
Trigger:
Use when writing authentication docs, creating OAuth flow diagrams, documenting token management, or preparing quickstart guides for API auth.
majiayu000/claude-skill-registry 163