Security AI Agent Skills

|

This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password policies", "test for session fixation", or "identify authentication bypass flaws". It provides comprehensive techniques for identifying authentication and session management weaknesses in web applications.

This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

A standalone MCP server for API testing and management, allowing AI assistants to interact with RESTful APIs through natural language. Postmancer is an MCP (Model Context Protocol) server that enables AI assistants like Claude to make HTTP requests, manage collections of API endpoints, and test API responses. It provides similar functionality to tools like Postman or Insomnia but designed specific

Expert deployment engineer specializing in modern CI/CD pipelines,

Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing zero-trust networking with minimal overhead.

A comprehensive Model Context Protocol (MCP) server for Jira integration with Claude Code. This server provides complete Jira functionality including issue management, sprint operations, comments, attachments, and batch processing. ⚠️ Security Note: Never commit your API tokens! All credentials should be in .env files or environment variables. - create-issue - Create issues with full field support

Simple utility to combine multiple files into one. Fast, secure, and easy to use. - Simple - Merge any number of files with a single command - Fast - Efficiently combines files of any size - Secure - Only accesses directories you allow - Detailed - Reports file sizes and merge summary - mergefiles - inputPaths (string[]): Files to merge - outputPath (string): Output file location - Success message

Implement PCI DSS compliance requirements for secure handling of payment card data and payment systems. Use when securing payment processing, achieving PCI compliance, or implementing payment card security measures.

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface. This plugin enables AI assistants (such as Claude) to interact directly with IDA Pro for binary analysis tasks. This server provides a series of tools that allow AI assistants to perform the following operations: - Get byte data from specific addresses - Get disasse

MCP (Model Context Protocol) server for domain and URL security analysis powered by GridinSoft Inspector. This MCP server allows your AI agent (Claude, Cursor, etc.) to verify any website or link. It helps answer the critical question: "Can I trust this site?" - Domain Reputation - Check if a site is well-known, safe, or suspicious. - Phishing Detection - Identify fraudulent pages designed to stea

Documentation Try with Claude Try with Goose A Model Context Protocol (MCP) server that enables AI models to interact with Bitcoin and Lightning Network, allowing them to generate keys, validate addresses, decode transactions, query the blockchain, and more. - ₿itcoin \& Lightning Network MCP Server - 💼 Table of Contents - 🔧 Features - 🔑 Claude Desktop Integration - Testing the Claude Desktop I

This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessment.

MCP server to let LLM take full control on your device by providing screen automation toolkit for controlling and interacting with graphical user interfaces. Good for automation, education and having fun. - 📷 Screen capture and analysis - 🖱️ Mouse control (clicking, positioning) - ⌨️ Keyboard input (typing, key presses, hotkeys) 0. Install python 3.12 1. Clone the repository: 2. create virtiual

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use for security architecture reviews, threat identification, and secure-by-design planning.

This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.

You are an expert in Solidity and smart contract security.

This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.

Zero-hallucination answers • Gemini Deep Research • 14 Security Layers • Enterprise Compliance What's New 2026 • Deep Research • Document API • Create Notebooks • Security • Install - 🔍 Query your NotebookLM notebooks — source-grounded, zero-hallucination answers - 📚 Create & manage notebooks programmatically — no manual clicking - 🎙️ Generate audio overviews — podcast-style summaries of your d

Build security Blue Books for sensitive apps

Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.

Triggers on stock/market analysis, investment research, earnings, valuations, sentiment queries.