ReddRadar
Agent skills
Skills you can use with AI coding agents, indexed from public GitHub repositories.
-
recon-nmap
Network reconnaissance and security auditing using Nmap for port scanning, service enumeration, and vulnerability detection. Use when: (1) Conducting authorized network reconnaissance and asset discovery, (2) Enumerating network services and identifying running versions, (3) Detecting security vulnerabilities through NSE scripts, (4) Mapping network topology and firewall rules, (5) Performing compliance scanning for security assessments, (6) Validating network segmentation and access controls.
majiayu000/claude-skill-registry 163
-
Provider Management
Skill for managing model provider priorities with authentication (OAuth/Subscription/API), usage limits, and automatic fallback across all major AI providers
majiayu000/claude-skill-registry 163
-
better-auth-sso
Integrate with Better Auth SSO for OAuth2/OIDC authentication. Use this skill when implementing SSO login flows, PKCE authentication, token management, JWKS verification, or global logout in Next.js applications connecting to a Better Auth server.
majiayu000/claude-skill-registry 163
-
threat-model-generator
Creates comprehensive threat models using STRIDE methodology with asset identification, threat enumeration, mitigation strategies, and residual risk assessment. Use for "threat modeling", "security analysis", "STRIDE", or "risk assessment".
majiayu000/claude-skill-registry 163
-
marketplace-audit
Display plugin versions from marketplace.json. Use when user asks to "audit versions", "show plugin versions", "list marketplace versions", or wants to see the current state of plugin versioning.
majiayu000/claude-skill-registry 163
-
security-symfony
Sicherheit & DSGVO - Atoll Tourisme. Use when reviewing security, implementing auth, or hardening code.
majiayu000/claude-skill-registry 163
-
.claude/skills/file-watcher-security/SKILL.md
ファイル監視システムのセキュリティ対策とプロダクション環境での安全な運用パターン。
最小権限の原則、Defense in Depth、Fail-Safe Defaultsに基づく多層防御設計を提供。
専門分野:
📖 参照書籍:
- 『Web Application Security』(Andrew Hoffman): 脅威モデリング
📚 リソース参照:
- `resources/Level1_basics.md`: レベル1の基礎ガイド
- `resources/Level2_intermediate.md`: レベル2の実務ガイド
- `resources/Level3_advanced.md`: レベル3の応用ガイド
- `resources/Level4_expert.md`: レベル4の専門ガイド
- `resources/legacy-skill.md`: 旧SKILL.mdの全文
- `resources/threat-model.md`: threat-model の詳細ガイド
- `scripts/log_usage.mjs`: 使用記録・自動評価スクリプト
- `scripts/security-audit.sh`: セキュリティを監査するスクリプト
- `scripts/validate-skill.mjs`: スキル構造検証スクリプト
- `templates/secure-watcher.ts`: secure-watcher のテンプレート
- `resources/requirements-index.md`: 要求仕様の索引(docs/00-requirements と同期)
Use proactively when handling file watcher security tasks.
majiayu000/claude-skill-registry 163
-
moai-alfred-code-reviewer
Enterprise systematic code review orchestrator with TRUST 5 principles, multi-language support, Context7 integration, AI-powered quality checks, SOLID principle validation, security vulnerability detection, and maintainability analysis across 25+ programming languages; activates for code reviews, quality standard validation, TRUST 5 enforcement, architectural audits, and automated review automation
majiayu000/claude-skill-registry 163
-
testing-apis
Test REST and GraphQL APIs for authentication bypasses, authorization flaws, IDOR, mass assignment, injection attacks, and rate limiting issues. Use when pentesting APIs or testing microservices security.
majiayu000/claude-skill-registry 163
-
Dependency Health
Security-first dependency management methodology with batch remediation, policy-driven compliance, and automated enforcement. Use when security vulnerabilities exist in dependencies, dependency freshness low (outdated packages), license compliance needed, or systematic dependency management lacking. Provides security-first prioritization (critical vulnerabilities immediately, high within week, medium within month), batch remediation strategy (group compatible updates, test together, single PR), policy-driven compliance framework (security policies, freshness policies, license policies), and automation tools for vulnerability scanning, update detection, and compliance checking. Validated in meta-cc with 6x speedup (9 hours manual to 1.5 hours systematic), 3 iterations, 88% transferability across package managers (concepts universal, tools vary by ecosystem).
majiayu000/claude-skill-registry 163
-
greg-isenberg
Talk to Greg Isenberg about their expertise. Greg Isenberg provides authentic advice using their mental models, core beliefs, and real-world examples.
majiayu000/claude-skill-registry 163
-
generate-report-header
Create standardized report headers with metadata for all agent-generated reports. Use when generating bug reports, security audits, dependency reports, or any worker output requiring consistent formatting.
majiayu000/claude-skill-registry 163
-
csp-header-generator
Generate Content Security Policy (CSP) header configurations for web security. Triggers on "create csp header", "generate content security policy", "csp config", "security headers".
majiayu000/claude-skill-registry 163
-
security-express
Review Express.js security audit patterns for middleware and routes. Use for auditing Helmet.js, CORS, body-parser limits, and auth middleware. Use proactively when reviewing Express.js apps.
Examples:
- user: "Secure my Express app" → add Helmet.js and disable x-powered-by
- user: "Check Express CORS config" → verify origin allowlists and credentials
- user: "Review Express auth middleware" → check route order and coverage
- user: "Scan for Express path traversal" → verify path normalization and validation
- user: "Audit Express session config" → check secure, httpOnly, and sameSite flags
majiayu000/claude-skill-registry 163
-
content-security-policy-generator
Content Security Policy Generator - Auto-activating skill for Security Fundamentals.
Triggers on: content security policy generator, content security policy generator
Part of the Security Fundamentals skill category.
majiayu000/claude-skill-registry 163
-
Vulnerability Detection
Systematic approach to identifying security vulnerabilities in code, dependencies, and infrastructure
majiayu000/claude-skill-registry 163
-
vulnerability-assessor
Assess identified vulnerabilities for exploitability, impact, and risk. Provide CVSS scoring and remediation strategies. Use when analyzing security findings.
majiayu000/claude-skill-registry 163
-
ffp-code-review
Review code changes for FFP project standards including multi-tenant security, British English, architecture patterns, and SOLID principles. Use when reviewing PRs, checking branch changes, or auditing code quality.
majiayu000/claude-skill-registry 163
-
qa-scenario-authoring
Create well-formed quality attribute scenarios with measurable response criteria
majiayu000/claude-skill-registry 163
-
security-audit-checklist
Provides exhaustive security vulnerability checklists with severity classifications, point deductions, and detection commands. Use when performing security audits, code reviews, penetration testing preparation, or checking OWASP compliance.
majiayu000/claude-skill-registry 163
-
analysis-tshark
Network protocol analyzer and packet capture tool for traffic analysis, security investigations, and forensic examination using Wireshark's command-line interface. Use when: (1) Analyzing network traffic for security incidents and malware detection, (2) Capturing and filtering packets for forensic analysis, (3) Extracting credentials and sensitive data from network captures, (4) Investigating network anomalies and attack patterns, (5) Validating encryption and security controls, (6) Performing protocol analysis for vulnerability research.
majiayu000/claude-skill-registry 163
-
ui-design-a11y
无障碍设计审查与修复能力。
majiayu000/claude-skill-registry 163
-
security-guardian
Expert en sécurité applicative pour détecter les vulnérabilités, auditer le code, et guider les bonnes pratiques de sécurité. OWASP Top 10, authentification, autorisation, cryptographie, gestion de secrets. Utiliser pour audits sécurité, reviews de code sensible, conception de features sécurisées, ou résolution de failles.
majiayu000/claude-skill-registry 163
-
mcp-security
Multi-agent and MCP pipeline security with 5-layer defense architecture. Use when building MCP servers, multi-agent systems, or any pipeline that handles user input to prevent prompt injection and ensure proper authorization.
majiayu000/claude-skill-registry 163