mdskills
Security AI Agent Skills

AI agent skills for application security. Vulnerability scanning, secure coding patterns, authentication, and audit workflows.

199 listings

Run directly without installation - works instantly!

MCP Server

kubectl-mcp-server Control your entire Kubernetes infrastructure through natural language conversations with AI. Talk to your clusters like you talk to a DevOps expert. Debug crashed pods, optimize costs, deploy applications, audit security, manage Helm charts, and visualize dashboards—all through natural language.

9.0 rohitg00/kubectl-mcp-server

EntraID MCP Server (Microsoft Graph FastMCP)

MCP Server

This project provides a modular, resource-oriented FastMCP server for interacting with Microsoft Graph API. It is designed for extensibility, maintainability, and security, supporting advanced queries for users, sign-in logs, MFA status, and privileged users. - Modular Resource Structure: - Each resource (users, sign-in logs, MFA, etc.) is implemented in its own module under src/msgraphmcpserver/r

8.0 hieuttmmo/entraid-mcp-server

Biothings MCP

MCP Server

MCP (Model Context Protocol) server for Biothings.io This server implements the Model Context Protocol (MCP) for BioThings, providing a standardized interface for accessing and manipulating biomedical data. MCP enables AI assistants and agents to access specialized biomedical knowledge through structured interfaces to authoritative data sources. Supported BioThings data sources include: - mygene.i

8.0 longevity-genie/biothings-mcp

SQLite Explorer MCP Server

MCP Server

An MCP server that provides safe, read-only access to SQLite databases through Model Context Protocol (MCP). This server is built with the FastMCP framework, which enables LLMs to explore and query SQLite databases with built-in safety features and query validation. - Python 3.6+ - SQLite database file (path specified via environment variable) Install all required dependencies: - fastmcp: Framewor

7.0 hannesrudolph/sqlite-explorer-fastmcp-mcp-server

Top 100 Web Vulnerabilities Reference

This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability defin

7.0 sickn33/antigravity-awesome-skills

Thales CipherTrust Data Security Platform CAKM MCP Server

MCP Server

A Model Context Protocol (MCP) server for Database EKM/TDE operations using CipherTrust Application Key Management (CAKM). - Resource-Based Management: Tools are organized by the database objects they manage (e.g., keys, encryption, wallets), not just by actions. - Operational Grouping: Each tool exposes multiple operations (e.g., create, list, rotate) for comprehensive lifecycle management. - Uni

8.0 sanyambassi/thales-cdsp-cakm-mcp-server

Greptimedb MCP Server

MCP Server

A Model Context Protocol (MCP) server for GreptimeDB — an open-source, cloud-native, unified observability database. Enables AI assistants to query and analyze GreptimeDB using SQL, TQL (PromQL-compatible), and RANGE queries, with built-in security features like read-only enforcement and data masking. For Claude Desktop, add this to your config (~/Library/Application Support/Claude/claudedesktopco

8.0 GreptimeTeam/greptimedb-mcp-server

mcpmysqlserverpro

MCP Server

mcpmysqlserverpro is not just about MySQL CRUD operations, but also includes database anomaly analysis capabilities and makes it easy for developers to extend with custom tools. - Supports all Model Context Protocol (MCP) transfer modes (STDIO, SSE, Streamable Http) - Supports OAuth2.0 - Supports multiple SQL execution, separated by ";" - Supports querying database table names and fields based on

8.0 wenb1n-dev/mysql_mcp_server_pro

SmartDB

MCP Server

SmartDB is a universal database gateway that implements the Model Context Protocol (MCP) server interface. This gateway allows MCP-compatible clients to connect and explore different databases. Compared to similar products, SmartDB not only provides basic database connection and exploration capabilities but also adds advanced features such as OAuth 2.0 authentication, health checks, SQL optimizat

8.0 wenb1n-dev/SmartDB_MCP

Firebase

Firebase gives you a complete backend in minutes - auth, database, storage, functions, hosting. But the ease of setup hides real complexity. Security rules are your last line of defense, and they're often wrong. Firestore queries are limited, and you learn this after you've designed your data model. This skill covers Firebase Authentication, Firestore, Realtime Database, Cloud Functions, Cloud Storage, and Firebase Hosting. Key insight: Firebase is optimized for read-heavy, denormalized data. I

4.0 sickn33/antigravity-awesome-skills

Tauri Svelte TypeScript Guide

Rules

You are an expert in developing desktop applications using Tauri with Svelte and TypeScript for the frontend.

7.0 PatrickJS/awesome-cursorrules

Fix Review

Verify fix commits address audit findings without new bugs

6.0 sickn33/antigravity-awesome-skills

API Authentication

Plugin

API authentication patterns including JWT, OAuth 2.0, API keys, and session-based auth. Covers token generation, validation, refresh strategies, security best practices, and when to use each pattern. Use when implementing API authentication, choosing auth strategy, securing endpoints, or debugging auth issues. Prevents common vulnerabilities like token theft, replay attacks, and insecure storage.

8.0 applied-artificial-intelligence/claude-code-toolkit

Firmware Analyst

Expert firmware analyst specializing in embedded systems, IoT

8.0 sickn33/antigravity-awesome-skills

TypeScript Expo Jest Detox

Rules

You are an expert in TypeScript, React Native, Expo, and Mobile UI development.

2.0 PatrickJS/awesome-cursorrules

Security Bluebook Builder

Build security Blue Books for sensitive apps

2.0 sickn33/antigravity-awesome-skills

File Uploads

Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: file upload, S3, R2, presigned URL, multipart.

4.0 sickn33/antigravity-awesome-skills

API Fuzzing for Bug Bounty

This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.

8.0 sickn33/antigravity-awesome-skills

Solidity Foundry

Rules

You are an expert in Solidity and smart contract security.

7.0 PatrickJS/awesome-cursorrules

Solidity Hardhat

Rules

You are an expert in Solidity and smart contract security.

7.0 PatrickJS/awesome-cursorrules

MCP-Dandan - MCP Security Framework

MCP Server

MCP-Dandan is an integrated monitoring service that observes MCP (Model Context Protocol) communications and detects security threats in real time. It features a modern desktop UI built with Electron for easy monitoring and management. Currently, MCP-Dandan is listed in well-known MCP-related open-source collections and can be found in the following repositories: - Awesome MCP Servers – Security -

8.0 82ch/MCP-Dandan

Bruno MCP Server

MCP Server

An MCP (Model Context Protocol) server that enables running Bruno collections. This server allows LLMs to execute API tests using Bruno and get detailed results through a standardized interface. - Run Bruno collections using the Bruno CLI - Support for environment files - Support for environment variables - Detailed test results including: - Overall success/failure status - Test summary (total, passed, failed

7.0 hungthai1401/bruno-mcp

Cloud Penetration Testing

This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.

8.0 sickn33/antigravity-awesome-skills

Threat Modeling Expert

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use for security architecture reviews, threat identification, and secure-by-design planning.

6.0 sickn33/antigravity-awesome-skills