Security AI Agent Skills

A Model Context Protocol server that enables retrieval of transcripts from YouTube videos. This server provides direct access to video captions and subtitles through a simple interface. To install YouTube Transcript Server for Claude Desktop automatically via Smithery: - gettranscript - Extract transcripts from YouTube videos - url (string, required): YouTube video URL, Shorts URL, or video ID - l

This skill should be used when the user asks to "follow red team methodology", "perform bug bounty hunting", "automate reconnaissance", "hunt for XSS vulnerabilities", "enumerate subdomains", or needs security researcher techniques and tool configurations from top bug bounty hunters.

Identify error-prone APIs and dangerous configurations

A portable, single-binary system auditing tool for Linux. Like Lynis but faster and smarter. No configuration needed. No dependencies. Just run. - 🔒 Security: Firewall, SSH hardening, SSL/TLS, fail2ban, SUID binaries, open ports - 🚀 Services: Systemd services, web servers, databases, Docker - 💻 Resources: CPU, RAM, disk usage, top processes - 💾 Storage: SMART health, inode usage, filesystem er

MCP Server for the VictoriaMetrics. To install VictoriaMetrics Server for Claude Desktop automatically via Smithery: Description: Write data to the VictoriaMetrics database. Input Parameters: Description: Import Prometheus exposition format data into VictoriaMetrics. Input Parameters: Description: Query time series data over a specific time range. Input Parameters: Description: Query the current v

Also available in TypeScript Send requests to OpenAI, MistralAI, Anthropic, xAI, Google AI, DeepSeek, Alibaba, Inception using MCP protocol via tool or predefined prompts. Vendor API key required The server implements one tool: - unichat: Send a request to unichat - Takes "messages" as required string arguments - Returns a response - codereview - Review code for best practices, potential issues, a

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform compliance audits and provide implementation guidance.

Expert service mesh architect specializing in Istio, Linkerd, and cloud-native networking patterns. Masters traffic management, security policies, observability integration, and multi-cluster mesh con

A small FastMCP-based Microservice that renders LaTeX to PDF. The server exposes MCP tools to render raw LaTeX or templates and produces artifacts (a .tex file and .pdf) under src/artifacts/. This repository is prepared to run locally and to be loaded by Claude Desktop (via the Model Context Protocol). The default entrypoint is runserver.py. - Render raw LaTeX to .tex and (optionally) .pdf using p

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.

Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards.

An MCP (Model Context Protocol) server providing comprehensive Xcode integration for AI assistants. This server enables AI agents to interact with Xcode projects, manage iOS simulators, and perform various Xcode-related tasks with enhanced error handling and support for multiple project types. - Set active projects and get detailed project information - Create new Xcode projects from templates (iO

Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.

Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.

One of the strange design decisions Anthropic made was depriving Claude of timestamps for messages sent by the user in claude.ai or current time in general. Poor Claude can't tell what time it is! mcp-simple-timeserver is a simple MCP server that fixes that. This server provides the following tools: All tools (except getlocaltime) use accurate time from NTP servers. If NTP is unavailable, they gra

Secure environment variable management with Varlock. Use when handling secrets, API keys, credentials, or any sensitive configuration. Ensures secrets are never exposed in terminals, logs, traces, or Claude's context. Trigger phrases include "environment variables", "secrets", ".env", "API key", "credentials", "sensitive", "Varlock".

After install, run st --cleanup to scan for and remove any malicious AI integrations. Security scanner detects supply chain attacks targeting AI assistants. Why this matters: Some npm packages install MCP servers that phone home to external endpoints, fetch mutable content via IPFS/IPNS, and can inject behavioral modifications into your AI sessions. These supply chain attacks are difficult to dete

A Claude Code skill that integrates the powerful web fuzzer ffuf (Fuzz Faster U Fool) for web security testing and reconnaissance tasks. This skill enables Claude Code to perform intelligent web fuzzing operations using ffuf, making it easier to discover hidden directories, files, subdomains, and API endpoints. - ffuf must be installed on your system - Claude Desktop application - Appropriate auth

Google News MCP Server A Model Context Protocol (MCP) server implementation that provides Google News search capabilities via SerpAPI integration. Automatically categorizes news results and supports multiple languages and regions. Comprehensive search capabilities including query-based search, topic search, publication filtering and story coverage. Supports multiple languages and regions through c

Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text. Covers Anthropic's Computer Use, OpenAI's Operator/CUA, and open-source alternatives. Critical focus on sandboxing, security, and handling the unique challenges of vision-based control. Use when: computer use, desktop automation agent, screen control AI, vision-based agent, GUI automation.

An MCP server (stdio transport) that wraps Hugging Face's LocalPythonExecutor (from the smolagents framework). It is a custom Python runtime that provides basic isolation/security when running Python code generated by LLMs locally. It does not require Docker or VM. This package allows to expose the Python executor via MCP (Model Context Protocol) as a tool for LLM apps like Claude Desktop, Cursor

A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with comprehensive security features. 1. Overview 2. Features 3. Configuration 4. Available Tools - runcommand - showsecurityrules 5. Usage with Claude Desktop - Development/Unpublished Servers Configuration - Published Servers Configuration 6. Security Features 7. Error Handling 8. Develop

This skill should be used when the user asks to "perform vulnerability scanning", "scan networks for open ports", "assess web application security", "scan wireless networks", "detect malware", "check cloud security", or "evaluate system compliance". It provides comprehensive guidance on security scanning tools and methodologies.