Security

Generates Solidity smart contracts with security best practices (ERC-20, ERC-721, ERC-1155, custom). Use when user asks to "create smart contract", "solidity contract", "erc20 token", "nft contract", or "web3 contract".

Backend services development with Python emphasizing security, performance, and maintainability for JARVIS AI Assistant

Performs systematic code review with universal best practices and repo-specific standards. Auto-activates after significant code changes. Use when reviewing code, auditing files, checking PRs, examining staged changes, or when asked to "review", "check", "audit", or "examine" code. Enforces design principles (SOLID, DRY, KISS), security (OWASP), performance, concurrency safety, cross-platform compatibility, and codebase patterns.

Database schema patterns for InsForge including social graphs, e-commerce, content publishing, and multi-tenancy with RLS policies. Use when designing data models with relationships, foreign keys, or Row Level Security.

Perform thorough code reviews with focus on security, performance, maintainability, and best practices. Use when reviewing code changes, pull requests, entire files, or codebase audits across any programming language.

Expert DevSecOps engineer specializing in secure CI/CD pipelines, shift-left security, security automation, and compliance as code. Use when implementing security gates, container security, infrastructure scanning, secrets management, or building secure supply chains.

Comprehensive API security guidance covering authentication methods, rate limiting, input validation, CORS, security headers, and protection against OWASP API Top 10 vulnerabilities. Use when designing API authentication, implementing rate limiting, configuring CORS, setting security headers, or reviewing API security.

Provides guidance on secure coding practices including OWASP Top 10 2025, CWE Top 25, input validation, output encoding, and language-specific security patterns. Use when reviewing code for security vulnerabilities, implementing security controls, or learning secure development practices.

Vue 3 and Nuxt 3 for JARVIS AI Assistant UI development with security-first patterns

Expert in Windows UI Automation (UIA) and Win32 APIs for desktop automation. Specializes in accessible, secure automation of Windows applications including element discovery, input simulation, and process interaction. HIGH-RISK skill requiring strict security controls for system access.

This skill should be used when reviewing Firebase code against security model and best practices. Triggers on "review firebase", "check firebase", "validate", "audit firebase", "security review", "look at firebase code". Validates configuration, rules, architecture, and security.

Use when configuring CDN for media delivery, implementing cache invalidation, or designing signed URL patterns. Covers CDN configuration, edge caching, origin shielding, and secure media access for headless CMS.

Comprehensive backend development skill for building scalable backend systems using NodeJS, Express, Go, Python, Postgres, GraphQL, REST APIs. Includes API scaffolding, database optimization, security implementation, and performance tuning. Use when designing APIs, optimizing database queries, implementing business logic, handling authentication/authorization, or reviewing backend code.

Application security specialist covering OWASP top 10, secure coding, and vulnerability prevention

Unified system configuration dispatcher for bazzite-ai. Manages services(Docker, Cockpit, SSH), desktop settings (gamemode, Steam), security(passwordless sudo), and development environment (GPU containers). Usewhen users need to enable/disable system features or check configuration status.

Central authority for Claude Code Model Context Protocol (MCP) integration. Covers MCP server installation (HTTP, SSE, stdio transports), server management (add, list, remove), installation scopes (local, project, user), plugin-provided MCP servers, enterprise MCP configuration, MCP resources and @ mentions, MCP prompts as slash commands, OAuth authentication, environment variable expansion, Claude Code as MCP server, output limits, and MCP security. Assists with connecting external tools, configuring MCP servers, managing authentication, and troubleshooting MCP issues. Delegates 100% to docs-management skill for official documentation.

Automated dependency management with security scanning, update orchestration, and compatibility validation

Rails controller patterns and REST conventions. Use when writing controllers, designing endpoints, or handling requests. Covers REST resources, thin controllers, authorization, and error handling.

Elite Talos Linux expert specializing in immutable Kubernetes OS, secure cluster deployment, machine configurations, talosctl CLI operations, upgrades, and production-grade security hardening. Expert in Talos 1.6+, secure boot, disk encryption, and zero-trust infrastructure. Use when deploying Talos clusters, configuring machine configs, troubleshooting node issues, or implementing security best practices.

Create REST or GraphQL API endpoints with proper validation, error handling, authentication, and documentation. Use when building backend APIs or serverless functions.