ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
input-sanitization
Эксперт по санитизации ввода. Используй для XSS prevention, encoding, validation и security headers.
majiayu000/claude-skill-registry 163
-
fastapi-auth-patterns
Implement and validate FastAPI authentication strategies including JWT tokens, OAuth2 password flows, OAuth2 scopes for permissions, and Supabase integration. Use when implementing authentication, securing endpoints, handling user login/signup, managing permissions, integrating OAuth providers, or when user mentions JWT, OAuth2, Supabase auth, protected routes, access control, role-based permissions, or authentication errors.
majiayu000/claude-skill-registry 163
-
detect-hardcoded-secrets
Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages. Use when user asks about security issues or secret detection.
majiayu000/claude-skill-registry 163
-
auth-module-builder
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
majiayu000/claude-skill-registry 163
-
ffp-code-review
Review code changes for FFP project standards including multi-tenant security, British English, architecture patterns, and SOLID principles. Use when reviewing PRs, checking branch changes, or auditing code quality.
majiayu000/claude-skill-registry 163
-
tool-usage
Security tool command reference
majiayu000/claude-skill-registry 163
-
convex-patterns
Convex backend patterns with security, validation, and performance best practices
majiayu000/claude-skill-registry 163
-
security-testing-patterns
Security testing patterns including SAST, DAST, penetration testing, and vulnerability assessment techniques. Use when implementing security testing pipelines, conducting security audits, or validating application security controls.
majiayu000/claude-skill-registry 163
-
secure-nextjs-api-routes
A comprehensive security middleware system for Next.js 13+ App Router API routes that provides authentication, rate limiting, CSRF protection, audit logging, and security headers in a composable, production-ready pattern. Use when building secure Next.js APIs that need protection against common web vulnerabilities.
majiayu000/claude-skill-registry 163
-
code-reviewing
高品質なコードレビューを実施するスキル。セキュリティ、パフォーマンス、保守性、
アーキテクチャの観点から包括的にレビューし、Must/Should/Nice to haveで
優先順位付けした建設的なフィードバックを提供します。
majiayu000/claude-skill-registry 163
-
google-connect
Connect to Google Workspace services (Gmail, Docs, Sheets, Calendar, Drive, Tasks, Slides). Load when user mentions 'connect google', 'setup google', 'configure google', 'google integration', or needs to set up Google OAuth credentials.
majiayu000/claude-skill-registry 163
-
rodauth
Plutonium Rodauth integration - authentication setup, account types, and configuration
majiayu000/claude-skill-registry 163
-
authentication-flows
API Key、JWT、OAuth 2.0、mTLS などの認証方式を比較し、適切なフロー設計と実装方針を整理するスキル。
方式選定、トークン管理、署名戦略、セキュリティ対策を一貫して設計します。
Anchors:
• Web Application Security / 適用: 脅威整理 / 目的: 認証フローのリスク把握
• OWASP Authentication Cheat Sheet / 適用: 実装ベストプラクティス / 目的: 安全な実装指針
• RFC 6749 & RFC 7519 / 適用: OAuth/JWT仕様 / 目的: 標準準拠の設計
Trigger:
Use when selecting authentication flows (API Key/JWT/OAuth/mTLS), designing token strategy, or validating auth configuration.
majiayu000/claude-skill-registry 163
-
auth-provider
认证提供商统一接口,支持 Supabase Auth、Clerk、Firebase Auth 等主流认证服务。
提供用户注册、登录、OAuth、会话管理、权限验证等功能。
majiayu000/claude-skill-registry 163
-
auth
Modern authentication and security patterns for web applications. Expert in JWT tokens, OAuth2 flows, session management, RBAC, MFA, API security, and zero-trust architectures. Framework-agnostic patterns that work with any tech stack.
majiayu000/claude-skill-registry 163
-
app-sharing
Manage Glide app access, privacy, authentication, and publishing.
Use when configuring who can access an app, setting up sign-in methods,
publishing apps, inviting users, or configuring Row Owners for data security.
majiayu000/claude-skill-registry 163
-
security-reviewer
Use when reviewing code for security vulnerabilities, conducting threat modeling, ensuring SLSA compliance, or performing security assessments. Invoked for security analysis, vulnerability detection, and compliance verification.
majiayu000/claude-skill-registry 163
-
Wheels Controller Generator
Generate Wheels MVC controllers with CRUD actions, filters, parameter verification, and proper rendering. Use when creating or modifying controllers, adding actions, implementing filters for authentication/authorization, handling form submissions, or rendering views/JSON. Ensures proper Wheels conventions and prevents common controller errors.
majiayu000/claude-skill-registry 163
-
service-mesh-integrator
Configure service mesh solutions including Istio, Linkerd, and Consul for traffic management, security, and observability in microservices. Activates for service mesh setup, mTLS, traffic routing, and mesh configuration.
majiayu000/claude-skill-registry 163
-
security-express
Express.js security audit patterns. Load when reviewing Express apps. Covers Helmet.js, CORS, body-parser limits, auth middleware, and common Express security mistakes.
majiayu000/claude-skill-registry 163
-
writing-agent-skills
Author and structure effective Agent Skills. Use when creating new skills, refining existing ones, or auditing skill structure and best practices.
majiayu000/claude-skill-registry 163
-
checking-session-security
Analyze session management implementations to identify security vulnerabilities in web applications.
Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security.
Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".
majiayu000/claude-skill-registry 163
-
ark-vulnerability-fixer
CVE research and security patch workflow for Ark. Provides CVE API integration, mitigation strategies, and security-focused PR templates. Works with research, analysis, and setup skills for comprehensive vulnerability fixing.
majiayu000/claude-skill-registry 163
-
security-expert
OWASPの基本を前提に、デフォルト安全(入力検証/認可/秘密情報/監査ログ/SSR/CSRF等)を落とさずに設計・実装・レビューする。脅威と攻撃面を洗い出し、最小権限と安全な失敗で守るために使う。
majiayu000/claude-skill-registry 163