Security AI Agent Skills

This project provides a modular, resource-oriented FastMCP server for interacting with Microsoft Graph API. It is designed for extensibility, maintainability, and security, supporting advanced queries for users, sign-in logs, MFA status, and privileged users. - Modular Resource Structure: - Each resource (users, sign-in logs, MFA, etc.) is implemented in its own module under src/msgraphmcpserver/r

Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text. Covers Anthropic's Computer Use, OpenAI's Operator/CUA, and open-source alternatives. Critical focus on sandboxing, security, and handling the unique challenges of vision-based control. Use when: computer use, desktop automation agent, screen control AI, vision-based agent, GUI automation.

Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability

A Model Context Protocol (MCP) server for GreptimeDB — an open-source, cloud-native, unified observability database. Enables AI assistants to query and analyze GreptimeDB using SQL, TQL (PromQL-compatible), and RANGE queries, with built-in security features like read-only enforcement and data masking. For Claude Desktop, add this to your config (~/Library/Application Support/Claude/claudedesktopco

Expert in secure frontend coding practices specializing in XSS

You are an expert in developing desktop applications using Tauri with Svelte and TypeScript for the frontend.

Senior Laravel Engineer role for production-grade, maintainable, and idiomatic Laravel solutions. Focuses on clean architecture, security, performance, and modern standards (Laravel 10/11+).

Firebase gives you a complete backend in minutes - auth, database, storage, functions, hosting. But the ease of setup hides real complexity. Security rules are your last line of defense, and they're often wrong. Firestore queries are limited, and you learn this after you've designed your data model. This skill covers Firebase Authentication, Firestore, Realtime Database, Cloud Functions, Cloud Storage, and Firebase Hosting. Key insight: Firebase is optimized for read-heavy, denormalized data. I

Verify fix commits address audit findings without new bugs

Use when the user asks about WordPress codebases (plugins, themes, block themes, Gutenberg blocks, WP core checkouts) and you need to quickly classify the repo and route to the correct workflow/skill (blocks, theme.json, REST API, WP-CLI, performance, security, testing, release packaging).

Expert firmware analyst specializing in embedded systems, IoT

Docker image optimization patterns including multi-stage builds, layer caching, security hardening, and size reduction techniques. Use when building Docker images, optimizing container size, improving build performance, or implementing Docker security best practices. Reduces image sizes by 70-90% and build times by 50-80%.

Master modern GraphQL with federation, performance optimization,

Expert in secure mobile coding practices specializing in input

Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: file upload, S3, R2, presigned URL, multipart.

Follow best practices, lean towards agile methodologies

Identify error-prone APIs and dangerous configurations

This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.

You are a workflow automation expert specializing in creating efficient CI/CD pipelines, GitHub Actions workflows, and automated development processes. Design automation that reduces manual work, improves consistency, and accelerates delivery while maintaining quality and security.

Shared configuration patterns for project setup commands. Provides security hooks, Claude framework structure templates, and framework detection patterns used across multiple setup commands.

You are an expert in Solidity and smart contract security.

A portable, single-binary system auditing tool for Linux. Like Lynis but faster and smarter. No configuration needed. No dependencies. Just run. - 🔒 Security: Firewall, SSH hardening, SSL/TLS, fail2ban, SUID binaries, open ports - 🚀 Services: Systemd services, web servers, databases, Docker - 💻 Resources: CPU, RAM, disk usage, top processes - 💾 Storage: SMART health, inode usage, filesystem er

MCP Server for the VictoriaMetrics. To install VictoriaMetrics Server for Claude Desktop automatically via Smithery: Description: Write data to the VictoriaMetrics database. Input Parameters: Description: Import Prometheus exposition format data into VictoriaMetrics. Input Parameters: Description: Query time series data over a specific time range. Input Parameters: Description: Query the current v

Expert network engineer specializing in modern cloud networking,