Security
2492 skills in Testing & Security > Security
Security Gate
Verify security considerations were addressed before shipping. Issues result in WARNINGS that strongly recommend fixing.
docs-keeper
Documentation organization, maintenance, and cleanup. USE WHEN: organizing docs, cleaning project root, updating documentation, checking for redundancy, maintaining docs structure. NOT FOR: technical implementation (use relevant technical skill). Examples: <example> Context: User added documentation to wrong location. user: "I added a new API doc file to the root directory" assistant: "I'll use docs-keeper to organize it in the proper docs/ location." <commentary>File organization is docs-keeper responsibility.</commentary> </example> <example> Context: User needs to update docs after code changes. user: "I modified the auth system and need to update the docs" assistant: "I'll use docs-keeper to update the authentication documentation." <commentary>Documentation updates are docs-keeper responsibility.</commentary> </example>
web-security-standards
Trusted domains, security assessment patterns, and domain research standards for WebFetch permissions
api-integration-specialist
Expert guidance for designing, integrating, and maintaining third-party APIs with best practices for authentication, error handling, rate limiting, security, and data transformation. Use when integrating external APIs, troubleshooting API issues, implementing OAuth flows, handling webhooks, or building API wrappers and clients.
Code Review Specialist
Comprehensive code review with security, performance, and quality analysis
claude-hooks-developer
Create, configure, and manage Claude Code hooks for workflow automation, validation, and security. Guides hook implementation, configuration patterns, and best practices.
dependency-management
Automatically applies when managing Python dependencies. Ensures proper use of uv/Poetry, lock files, version constraints, conflict resolution, and dependency security.
atlas-full
Full 9-phase workflow for complex features, epics, and security-critical changes (2-4 hours)
app-docker-deploy-with-traefik
Generate Docker and Traefik deployment configurations for any application (Node.js, Python, Go, Rust, Java). Creates Dockerfile, docker-compose.yml, docker-compose.for-traefik.yml overlay, and .env.sample with production best practices. Use when: dockerize app, containerize, add Docker, deploy with Traefik, reverse proxy setup, HTTPS/SSL, Let's Encrypt certificates, production deployment, docker-compose setup. Requires: Docker, docker-compose.
ios-security
Security review for iOS apps. Checks OWASP Mobile Top 10, App Transport Security, and Keychain usage. Use when: asked about security, vulnerabilities, authentication, Keychain, or ATS.
secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
security-hardening
Infrastructure security, CIS benchmarks, and vulnerability scanning.
better-auth
Implement authentication using better-auth library in web applications. Use this skill when users need to add signup, signin, signout, session management, or user profile features. Triggers on requests for authentication, login systems, user registration, OAuth integration, or protecting routes with auth.
security-check
Automatic OWASP security checks on generated code. Use when: any code is generated in the pipeline. Triggers: internal use only.
questionnaire-analyzer
Analyzes vendor security questionnaire responses. Identifies red flags, gaps, and areas requiring follow-up. Supports SIG, CAIQ, and custom questionnaires.
backend-development
Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.
supabase-migration
Expert at handling Supabase database migrations, creating RPC functions, managing RLS policies, and updating database schemas. Use when working with migrations, database schema changes, SQL functions, or Row Level Security policies.
monaco-payslip-calculator
Calculate Monaco payslips (bulletin de salaire) with social security contributions, taxes, and net salary. Use when user requests Monaco payslip calculations, salary breakdowns for Monaco employees, or needs to compute Monegasque employer/employee contributions.
kyverno-network-security-templates
Kyverno network security policies that enforce NetworkPolicy requirements, Ingress rules, and Service restrictions in Kubernetes.
enterprise-readiness
Assess and enhance software projects for enterprise-grade security, quality, and automation. Use when evaluating projects for production readiness, implementing supply chain security (SLSA, signing, SBOMs), hardening CI/CD pipelines, or establishing quality gates. Aligned with OpenSSF Scorecard, Best Practices Badge (all levels), SLSA, and S2C2F. By Netresearch.