Security

This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, asks for a code review with a focus on security, or mentions security concerns related to code. The security-agent plugin then provides structured security findings with severity ratings, code locations, impact assessments, and remediation guidance.

Generate enterprise cybersecurity policies from 51 professional templates (SANS, CIS Controls) for ISO 27001, SOC 2, NIST, and CIS Controls compliance in Markdown, Word, HTML, and PDF formats

This skill enables Claude to validate Cross-Origin Resource Sharing (CORS) policies. It uses the cors-policy-validator plugin to analyze CORS configurations and identify potential security vulnerabilities. Use this skill when the user requests to "validate CORS policy", "check CORS configuration", "analyze CORS headers", or asks about "CORS security". It helps ensure that CORS policies are correctly implemented, preventing unauthorized cross-origin requests and protecting sensitive data.

This skill allows Claude to check infrastructure compliance against industry standards such as SOC2, HIPAA, and PCI-DSS. It analyzes existing infrastructure configurations and reports on potential compliance violations. Use this skill when the user asks to assess compliance, identify security risks related to compliance, or generate reports on compliance status for SOC2, HIPAA, or PCI-DSS. Trigger terms include: "compliance check", "SOC2 compliance", "HIPAA compliance", "PCI-DSS compliance", "compliance report", "infrastructure compliance", "security audit", "assess compliance".

This skill enables Claude to validate authentication implementations against security best practices and industry standards. It analyzes various authentication methods, including JWT, OAuth, session-based authentication, and API keys. Use this skill when you need to perform an authentication security check, assess password policies, evaluate MFA implementation, or analyze session security. Trigger this skill with phrases like "validate authentication," "authentication check," or "authcheck."

Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".

Produces build artifacts with Software Bill of Materials (SBOM) and supply chain metadata for security and compliance. Use for "artifact publishing", "SBOM generation", "supply chain security", or "build provenance".

Generate pivot tables and charts from raw data using natural language - analyze sales by region, summarize data by category, and create visualizations effortlessly

This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, asks for a code review with a focus on security, or mentions security concerns related to code. The security-agent plugin then provides structured security findings with severity ratings, code locations, impact assessments, and remediation guidance.

Quick routine security checks for secrets, dependencies, and common vulnerabilities. Run frequently during development. Triggers: security scan, quick scan, secrets check, vulnerability check, security check, pre-commit security, routine security.

This skill uses the owasp-compliance-checker plugin to automatically identify potential security vulnerabilities based on the OWASP Top 10 (2021) list. It helps ensure your application adheres to industry-standard security practices by providing a detailed analysis of compliance gaps and offering remediation guidance. Use this skill when you need to audit your code for OWASP compliance, identify and fix vulnerabilities, or generate a compliance report. Trigger this skill by asking to "check OWASP compliance", "scan for OWASP vulnerabilities", or using the `/owasp` shortcut.

This skill allows Claude to check infrastructure compliance against industry standards such as SOC2, HIPAA, and PCI-DSS. It analyzes existing infrastructure configurations and reports on potential compliance violations. Use this skill when the user asks to assess compliance, identify security risks related to compliance, or generate reports on compliance status for SOC2, HIPAA, or PCI-DSS. Trigger terms include: "compliance check", "SOC2 compliance", "HIPAA compliance", "PCI-DSS compliance", "compliance report", "infrastructure compliance", "security audit", "assess compliance".

This skill enables Claude to check session security implementations within a codebase. It analyzes session management practices to identify potential vulnerabilities. Use this skill when a user requests to "check session security", "audit session handling", "review session implementation", or asks about "session security best practices" in their code. It helps identify issues like insecure session IDs, lack of proper session expiration, or insufficient protection against session fixation attacks. This skill leverages the session-security-checker plugin. Activates when you request "checking session security" functionality.

This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.

This skill analyzes HTTP security headers of a given domain to identify potential vulnerabilities and misconfigurations. It provides a detailed report with a grade, score, and recommendations for improvement. Use this skill when the user asks to "analyze security headers", "check HTTP security", "scan for security vulnerabilities", or requests a "security audit" of a website. It will automatically activate when security-related keywords are used in conjunction with domain names or URLs.

This skill enables Claude to construct GitOps workflows using ArgoCD and Flux. It is designed to generate production-ready configurations, implement best practices, and ensure a security-first approach for Kubernetes deployments. Use this skill when the user explicitly requests "GitOps workflow", "ArgoCD", "Flux", or asks for help with setting up a continuous delivery pipeline using GitOps principles. The skill will generate the necessary configuration files and setup code based on the user's specific requirements and infrastructure.

Creates comprehensive threat models using STRIDE methodology with asset identification, threat enumeration, mitigation strategies, and residual risk assessment. Use for "threat modeling", "security analysis", "STRIDE", or "risk assessment".

Security patterns for web forms including autocomplete attributes for password managers, CSRF protection, XSS prevention, and input sanitization. Use when implementing authentication forms, payment forms, or any form handling sensitive data.

This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerabilities in a container, or wants to improve the security posture of their containerized applications. Trigger terms include "scan container," "container security," "vulnerability assessment," "Trivy scan," or "Snyk scan."

Create investigation timelines from security events, detections, or LCQL queries. Performs HOLISTIC investigations - not just process trees, but initial access hunting, org-wide scope assessment, lateral movement detection, and full host context. Builds Timeline Hive records documenting findings with events, detections, entities, and analyst notes. Use for incident investigation, threat hunting, alert triage, or building SOC working reports.