Security AI Agent Skills

Expert Terraform/OpenTofu specialist mastering advanced IaC

Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.

Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification.

Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working with HSM-backed keys.

kubectl-mcp-server Control your entire Kubernetes infrastructure through natural language conversations with AI. Talk to your clusters like you talk to a DevOps expert. Debug crashed pods, optimize costs, deploy applications, audit security, manage Helm charts, and visualize dashboards—all through natural language. - What Can You Do? - Why kubectl-mcp-server? - Live Demos - Installation - Quick St

This project provides a modular, resource-oriented FastMCP server for interacting with Microsoft Graph API. It is designed for extensibility, maintainability, and security, supporting advanced queries for users, sign-in logs, MFA status, and privileged users. - Modular Resource Structure: - Each resource (users, sign-in logs, MFA, etc.) is implemented in its own module under src/msgraphmcpserver/r

MCP (Model Context Protocol) server for Biothings.io This server implements the Model Context Protocol (MCP) for BioThings, providing a standardized interface for accessing and manipulating biomedical data. MCP enables AI assistants and agents to access specialized biomedical knowledge through structured interfaces to authoritative data sources. Supported BioThings data sources include: - mygene.i

An MCP server that provides safe, read-only access to SQLite databases through Model Context Protocol (MCP). This server is built with the FastMCP framework, which enables LLMs to explore and query SQLite databases with built-in safety features and query validation. - Python 3.6+ - SQLite database file (path specified via environment variable) Install all required dependencies: - fastmcp: Framewor

This project is a Model Context Protocol (MCP) server that provides access to the Bear Notes. Bear stores notes on SQLite database. This MCP server runs some SQL commands to access this notes. - Read notes - Search notes by text - List all tags Update your claudedesktopconfig.json When the server is started, the following MCP tools become available: - getnotes: Retrieves all notes - gettags: Lists

Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability

A Model Context Protocol (MCP) server for Database EKM/TDE operations using CipherTrust Application Key Management (CAKM). - Resource-Based Management: Tools are organized by the database objects they manage (e.g., keys, encryption, wallets), not just by actions. - Operational Grouping: Each tool exposes multiple operations (e.g., create, list, rotate) for comprehensive lifecycle management. - Uni

A Model Context Protocol (MCP) server for GreptimeDB — an open-source, cloud-native, unified observability database. Enables AI assistants to query and analyze GreptimeDB using SQL, TQL (PromQL-compatible), and RANGE queries, with built-in security features like read-only enforcement and data masking. For Claude Desktop, add this to your config (~/Library/Application Support/Claude/claudedesktopco

mcpmysqlserverpro is not just about MySQL CRUD operations, but also includes database anomaly analysis capabilities and makes it easy for developers to extend with custom tools. - Supports all Model Context Protocol (MCP) transfer modes (STDIO, SSE, Streamable Http) - Supports OAuth2.0 - Supports multiple SQL execution, separated by ";" - Supports querying database table names and fields based on

SmartDB is a universal database gateway that implements the Model Context Protocol (MCP) server interface. This gateway allows MCP-compatible clients to connect and explore different databases. Compared to similar products, SmartDB not only provides basic database connection and exploration capabilities but also adds advanced features such as OAuth 2.0 authentication , health checks, SQL optimizat

Triggers on stock/market analysis, investment research, earnings, valuations, sentiment queries.

A personal MCP (Model Context Protocol) server for securely storing and accessing API keys across projects using the macOS Keychain. ServeMyAPI allows you to store API keys securely in the macOS Keychain and access them through a consistent MCP interface. This makes it easy to: - Store API keys securely (they're never visible in .env files or config files) - Access the same keys across multiple pr

Shared configuration patterns for project setup commands. Provides security hooks, Claude framework structure templates, and framework detection patterns used across multiple setup commands.

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

Expert firmware analyst specializing in embedded systems, IoT

API authentication patterns including JWT, OAuth 2.0, API keys, and session-based auth. Covers token generation, validation, refresh strategies, security best practices, and when to use each pattern. Use when implementing API authentication, choosing auth strategy, securing endpoints, or debugging auth issues. Prevents common vulnerabilities like token theft, replay attacks, and insecure storage.

A Claude Code skill that integrates the powerful web fuzzer ffuf (Fuzz Faster U Fool) for web security testing and reconnaissance tasks. This skill enables Claude Code to perform intelligent web fuzzing operations using ffuf, making it easier to discover hidden directories, files, subdomains, and API endpoints. - ffuf must be installed on your system - Claude Desktop application - Appropriate auth

Docker image optimization patterns including multi-stage builds, layer caching, security hardening, and size reduction techniques. Use when building Docker images, optimizing container size, improving build performance, or implementing Docker security best practices. Reduces image sizes by 70-90% and build times by 50-80%.

Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit code on the current branch.

This skill should be used when the user asks to "perform vulnerability scanning", "scan networks for open ports", "assess web application security", "scan wireless networks", "detect malware", "check cloud security", or "evaluate system compliance". It provides comprehensive guidance on security scanning tools and methodologies.