Security

Comprehensive code review knowledge including security, performance, accessibility, and quality standards across multiple languages and frameworks

Design and build scalable backend systems, master database technologies, design APIs, implement authentication, and optimize performance. Use for backend design, database selection, API development, and scaling strategies.

Implement authentication and authorization with Better Auth - a framework-agnostic TypeScript authentication framework. Features include email/password authentication with verification, OAuth providers (Google, GitHub, Discord, etc.), two-factor authentication (TOTP, SMS), passkeys/WebAuthn support, session management, role-based access control (RBAC), rate limiting, and database adapters. Use when adding authentication to applications, implementing OAuth flows, setting up 2FA/MFA, managing user sessions, configuring authorization rules, or building secure authentication systems for web applications.

This skill should be used when building backend applications with Encore.ts, a TypeScript backend framework. Use this skill for creating APIs, managing databases, implementing authentication, handling async messaging (Pub/Sub), managing storage, scheduling tasks (cron jobs), implementing middleware, configuring CORS, managing secrets, and structuring backend services. This skill is triggered when users need to create or modify backend services, endpoints, databases, authentication systems, or any other backend infrastructure using Encore.ts.

Generate Python code to call undocumented AWS APIs using SigV4 authentication from cURL requests captured in browser dev tools. This skill should be used when users need to create Python functions that call AWS internal or undocumented APIs with proper AWS Signature Version 4 authentication.

Analyze, review, and provide recommendations for distributed system designs. Use when: (1) Reviewing existing system architectures for gaps or improvements, (2) Analyzing system designs for scalability, reliability, or performance issues, (3) Providing recommendations on load balancing, caching, databases, sharding, replication, messaging, rate limiting, authentication, resilience, or monitoring, (4) Assessing trade-offs in system design decisions, (5) Creating system design review documents with gaps and recommendations. Triggers: "review my system design", "analyze this architecture", "what are the gaps", "system design recommendations", "scalability review", "reliability analysis".

Template for creating new cybersecurity skills. Provides structure and examples for skill development.

Analyze code changes for security vulnerabilities using LLM reasoning and threat model patterns. Use for PR reviews, pre-commit checks, or branch comparisons.

D1 adapter & error prevention guide for better-auth v1.4+. Use when implementing authentication with D1 databases, troubleshooting auth issues, or working with better-auth in TanStack Start or Cloudflare Workers environments.

Design, deploy, upgrade, and operate the InsightPulseAI Superset-based BI platform on the user's infrastructure with secure, stable, scalable configs.

Interactive question workflow for clarifying unclear or ambiguous tasks. Use when user requests are vague, lack specifications, have multiple valid implementation approaches, or require architectural decisions. Triggers on requests like "add authentication", "build a dashboard", "optimize the database", or any task where requirements are incomplete or implementation details are missing.

Create and optimize Dockerfiles with BuildKit, multi-stage builds, advanced caching, and security. Use when: (1) Creating new Dockerfile, (2) Optimizing existing Dockerfile, (3) Reducing image size, (4) Improving security, (5) Using Python with uv, (6) Resolving cache or slow build issues, (7) Setting up CI/CD builds

Review Dockerfiles for best practices, security, and optimization. Use when the user says "review Dockerfile", "optimize image", "Dockerfile best practices", "reduce image size", or asks to audit a container build.

Analyzes network protocol implementations to identify parsing vulnerabilities, state machine issues, and protocol-level security problems. Use when analyzing network servers, protocol handlers, or investigating protocol implementation bugs.

Configuring MCP Servers & Plugins for Claude Code. Set up Model Context Protocol servers (GitHub, Filesystem, Brave Search, SQLite). Configure OAuth, manage permissions, validate MCP structure. Use when integrating external tools, APIs, or expanding Claude Code capabilities.

Use when adding packages, bumping versions, or responding to security alerts. Enforces supply chain security and vulnerability remediation.

Android動的解析（DAST）。Frida、Objection、Drozerによるランタイム分析、SSL Pinningバイパス、通信傍受、メモリ解析。root端末またはエミュレータが必要。Triggers on: Frida, Objection, Drozer, dynamic analysis, runtime analysis, SSL pinning bypass, hook, instrumentation, memory dump, traffic interception.

This skill provides comprehensive knowledge for building applications with Cloudflare Sandboxes SDK, which enables secure, isolated code execution in full Linux containers at the edge. It should be used when executing untrusted code, running Python/Node.js scripts, performing git operations, building AI code execution systems, creating interactive development environments, or implementing CI/CD workflows that require full OS capabilities. Use when: Setting up Cloudflare Sandboxes, executing Python/Node.js code safely, managing stateful development environments, implementing AI code interpreters, running shell commands in isolation, handling git repositories programmatically, building chat-based coding agents, creating temporary build environments, processing files with system tools (ffmpeg, imagemagick, etc.), or when encountering issues with container lifecycle, session management, or state persistence. Keywords: cloudflare sandbox, container execution, code execution, isolated environment, durable objects, linux container, python execution, node execution, git operations, code interpreter, AI agents, session management, ephemeral container, workspace, sandbox SDK, @cloudflare/sandbox, exec(), getSandbox(), runCode(), gitCheckout(), ubuntu container

Run SonarQube/SonarCloud static code analysis to check code quality, detect security vulnerabilities, code smells, and bugs. Use when the user mentions SonarQube, code quality analysis, security scanning, static analysis, or wants to check for vulnerabilities.

보안 리뷰 수행. 취약점 점검, OWASP Top 10, 시크릿 노출, 의존성 보안 검토