mdskills
← All tags

Security AI Agent Skills

AI agent skills for application security. Vulnerability scanning, secure coding patterns, authentication, and audit workflows.

197 listings

Ethical Hacking Methodology

This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.

7.0sickn33/antigravity-awesome-skills

FFUF Skill for Claude Code

A Claude Code skill that integrates the powerful web fuzzer ffuf (Fuzz Faster U Fool) for web security testing and reconnaissance tasks. This skill enables Claude Code to perform intelligent web fuzzing operations using ffuf, making it easier to discover hidden directories, files, subdomains, and API endpoints. - ffuf must be installed on your system - Claude Desktop application - Appropriate auth

2.0jthack/ffuf_claude_skill

Deployment Engineer

Expert deployment engineer specializing in modern CI/CD pipelines,

6.0sickn33/antigravity-awesome-skills

Security Scanning Security Dependencies

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

5.0sickn33/antigravity-awesome-skills

AWS Penetration Testing

This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessment.

8.0sickn33/antigravity-awesome-skills

Gridinsoft/mcp Inspector

MCP Server

MCP (Model Context Protocol) server for domain and URL security analysis powered by GridinSoft Inspector. This MCP server allows your AI agent (Claude, Cursor, etc.) to verify any website or link. It helps answer the critical question: "Can I trust this site?" - Domain Reputation - Check if a site is well-known, safe, or suspicious. - Phishing Detection - Identify fraudulent pages designed to stea

8.0gridinsoft/mcp-inspector

TypeScript Expo Jest Detox

Rules

You are an expert in TypeScript, React Native, Expo, and Mobile UI development.

2.0PatrickJS/awesome-cursorrules

API Authentication

Plugin

API authentication patterns including JWT, OAuth 2.0, API keys, and session-based auth. Covers token generation, validation, refresh strategies, security best practices, and when to use each pattern. Use when implementing API authentication, choosing auth strategy, securing endpoints, or debugging auth issues. Prevents common vulnerabilities like token theft, replay attacks, and insecure storage.

8.0applied-artificial-intelligence/claude-code-toolkit

Azure Security Keyvault Keys Dotnet

|

8.0sickn33/antigravity-awesome-skills

Codebase Cleanup Deps Audit

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

7.0sickn33/antigravity-awesome-skills

Terraform Specialist

Expert Terraform/OpenTofu specialist mastering advanced IaC

8.0sickn33/antigravity-awesome-skills

API Fuzzing for Bug Bounty

This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.

8.0sickn33/antigravity-awesome-skills

Solidity Foundry

Rules

You are an expert in Solidity and smart contract security.

7.0PatrickJS/awesome-cursorrules

Kubernetes Architect

Expert Kubernetes architect specializing in cloud-native

6.0sickn33/antigravity-awesome-skills

K8s Manifest Generator

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

5.0sickn33/antigravity-awesome-skills

Security Bluebook Builder

Build security Blue Books for sensitive apps

2.0sickn33/antigravity-awesome-skills

Attack Tree Construction

Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.

7.0sickn33/antigravity-awesome-skills

Security Requirement Extraction

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

5.0sickn33/antigravity-awesome-skills

Linkerd Patterns

Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing zero-trust networking with minimal overhead.

8.0sickn33/antigravity-awesome-skills

Azure Security Keyvault Secrets Java

Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.

6.0sickn33/antigravity-awesome-skills

Claw Release

Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification.

8.0prompt-security/clawsec

Azure Security Keyvault Keys Java

Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working with HSM-backed keys.

7.0sickn33/antigravity-awesome-skills

Burp Suite Web Application Testing

This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.

8.0sickn33/antigravity-awesome-skills

File Uploads

Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: file upload, S3, R2, presigned URL, multipart.

4.0sickn33/antigravity-awesome-skills