Security
2492 skills in Testing & Security > Security
secure-storage-patterns
expo-secure-store patterns for sensitive data. Use when storing tokens and credentials.
admin-infra-oci
Deploys infrastructure on Oracle Cloud Infrastructure (OCI) with ARM64 instances (Always Free tier eligible). Handles compartments, VCNs, subnets, security lists, and compute instances. Use when: setting up Oracle Cloud infrastructure, deploying ARM64 instances, troubleshooting OUT_OF_HOST_CAPACITY errors, optimizing for Always Free tier. Keywords: oracle cloud, OCI, ARM64, VM.Standard.A1.Flex, Always Free tier, OUT_OF_HOST_CAPACITY, oci compartment, oci vcn
docker-k8s
Master containerization and orchestration with a security-first approach. Expert in Docker multi-stage builds, Kubernetes zero-trust deployments, security hardening, GitOps workflows, and production-ready patterns for cloud-native applications. Includes 2025 best practices from CNCF and major cloud providers.
gke-security-hardening-guide
GKE security hardening guide with Pulumi. Private clusters, Workload Identity, Binary Authorization, network policies, IAM configuration, and runtime security enforcement.
reverse-proxy
Manage incoming internet traffic and reverse proxy configuration on the home network gateway. Configure Caddy, OAuth2 authentication, fail2ban security, and traffic routing.
telegram-mini-apps-sdk
Comprehensive manual for Telegram Mini Apps SDK. Use when developers need guidance on creating web applications inside Telegram, working with WebApp API, managing user data, handling authentication via initData, implementing buttons and events, working with storage, and integrating with Telegram ecosystem features.
supabase-clerk-sync
Clerk and Supabase integration patterns for user sync, JWT authentication, and RLS policies. Use when integrating Clerk authentication with Supabase, syncing user data between platforms, configuring RLS with Clerk JWT tokens, setting up webhooks for user events, implementing secure database access with Clerk identity, or when user mentions Clerk Supabase sync, user synchronization, JWT RLS, authentication webhooks, or database user management.
react-setup
Use when initializing a new React frontend with Vite to connect to a Django backend over HTTPS. Sets up routing, CSRF protection, Axios config, and validates the build. Not for existing React projects.
dokploy-skill
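Complete management skill for the Dokploy self-hosted PaaS platform. Supports server management over SSH and the API, application deployment, Docker Compose/Swarm management, database (PostgreSQL, MySQL, MongoDB, Redis) management, Traefik reverse proxy configuration, SSL certificates (Let's Encrypt, Cloudflare Origin CA), domain configuration, volume backup/restore, container monitoring, and server troubleshooting and debugging. When to use this skill: (1) when "Dokploy" or "dokploy" is mentioned (2) application deployment/redeployment requests (3) Docker Compose or Swarm related work (4) domain configuration, SSL certificates, HTTPS setup (5) checking/modifying Traefik configuration, 502 errors, domain access problems (6) database creation, backup, restore (7) volume backup/restore, S3 integration (8) checking container logs, server health checks (9) server maintenance, Dokploy updates (10) build type selection (Nixpacks, Dockerfile, Buildpack)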
auth-configs
Configure Supabase authentication providers (OAuth, JWT, email). Use when setting up authentication, configuring OAuth providers (Google/GitHub/Discord), implementing auth flows, configuring JWT settings, or when user mentions Supabase auth, social login, authentication setup, or auth configuration.
enterprise-ai-patterns
Production-grade AI architecture patterns for enterprise - security, governance, scalability, and operational excellence
frontend-dev-guidelines
Frontend development guidelines for Quantum Skincare's Next.js 16 App Router application with React 19.2, Tailwind CSS v4, Clerk authentication, and TypeScript. Covers Server/Client Components, React 19.2 features (useEffectEvent, Activity component, cache signals, React Compiler auto-optimization), data fetching patterns, Tailwind styling, route groups, form validation, and performance optimization. Use when creating pages, components, API routes, styling, or working with frontend code.
qwen-delegation
Qwen CLI delegation workflow with quota tracking, authentication, and usage logging. Utilizes shared shell execution infrastructure for consistent delegation patterns.
vulnerability-discovery
Systematic vulnerability finding, threat modeling, and attack surface analysis for AI/LLM security assessments
managing-supabase-databases
Creating and managing Supabase PostgreSQL databases for StickerNest. Use when the user asks to create tables, add columns, write migrations, design schemas, implement RLS policies, optimize indexes, partition tables, or scale the database. Covers enterprise-grade security, performance optimization, and social features.
code-review
Systematic code review checklist for quality and security
firebase-auth
Implements Firebase Authentication with email, OAuth, phone auth, and custom tokens. Use when building apps with Firebase, needing flexible auth methods, or integrating with Firebase ecosystem.
http-interceptors
Angular 21+ functional HTTP interceptors for auth, error handling, loading states, retry logic, caching, and security best practices
managing-hooks
Creates, analyzes, updates, and improves Claude Code hooks including configuration, scripts, and security validation. Use when user asks how hooks work, explaining hook concepts, understanding hook types and event lifecycle, describing hook configuration, creating new hooks, analyzing existing hooks for improvements, validating hook security, debugging hook activation, updating hook configurations, or when user mentions "hook", "PreToolUse", "PostToolUse", "SessionStart", or other hook event types. Handles both command hooks and prompt-based hooks across all 9 event types.
self-hosted-runner-hardening
Comprehensive hardening steps for self-hosted GitHub Actions runners. OS-level security, network isolation, credential protection, and audit logging.