Security
2492 skills in Testing & Security > Security
mongodb
Guide for implementing MongoDB - a document database platform with CRUD operations, aggregation pipelines, indexing, replication, sharding, search capabilities, and comprehensive security. Use when working with MongoDB databases, designing schemas, writing queries, optimizing performance, configuring deployments (Atlas/self-managed/Kubernetes), implementing security, or integrating with applications through 15+ official drivers. (project)
code-review
Code review mode - comprehensive review with security, performance, and maintainability focus
repomix
Package entire code repositories into single AI-friendly files using Repomix. Capabilities include packing codebases with customizable include/exclude patterns, generating multiple output formats (XML, Markdown, plain text), preserving file structure and context, optimizing for AI consumption with token counting, filtering by file types and directories, and adding custom headers and summaries. Use when packaging codebases for AI analysis, creating repository snapshots for LLM context, analyzing third-party libraries, preparing for security audits, generating documentation context, or evaluating unfamiliar codebases.
equilateral-agents-refactored
Multi-agent orchestration system that uses real Claude subagents from the agents/ directory for security reviews, code quality analysis, deployment validation, and infrastructure checks. Auto-activates with the orchestrator-worker pattern and extended thinking mode.
electron-scaffold
Scaffold a native-looking, effective Electron app with best practices baked in. Creates a production-ready Electron application with security hardening, modern tooling, proper IPC patterns, auto-updates, native UI elements, and optimal build configuration. Use this skill when users want to start a new Electron project or modernize an existing one.
planning
Use when you need to plan technical solutions that are scalable, secure, and maintainable.
component-definition-builder
Create and manage OSCAL component definitions for reusable security control implementations. Inspired by CivicActions components and community patterns. Use for building component libraries and shared control implementations.
fastapi-jwt-auth
Expert skill for implementing JWT-based authentication in FastAPI applications. Handles token generation, verification, user authentication, protected routes, and security best practices. Includes setup for password hashing, OAuth2 schemes, and user data isolation. Use when implementing JWT authentication in FastAPI applications, securing API endpoints with token-based authentication, or implementing user registration and login functionality.
security-scanner
Scans code for security vulnerabilities and suggests fixes. Use when checking for security issues, validating input handling, or performing security audits.
fetch-rss-api
Expert Node.js guidance for fetching and integrating RSS feeds and REST APIs. Use when requests mention Fetch, RSS, API, REST endpoints, Atom feeds, pagination, authentication, rate limits, webhooks, or when building API clients that ingest feed data.
moai-platform-auth0
Auth0 security specialist covering attack protection, multi-factor authentication, token security, sender constraining, and compliance. Use when implementing Auth0 security features, configuring attack defenses, setting up MFA, or meeting regulatory requirements.
github-api
Orchestrates comprehensive GitHub API access across all services. Intelligently routes API operations to specialized resource files covering authentication, repositories, issues/PRs, workflows, security, and more. Use when implementing GitHub integrations, automating operations, or building applications that interact with GitHub.
passport
Implements Passport.js authentication middleware with local, OAuth, and JWT strategies for Express/Node.js. Use when building Node.js APIs, implementing custom auth flows, or needing flexible authentication strategies.
Unnamed Skill
Validate Kubernetes manifests, Helm charts, and Dapr configs against security and governance rules. Use when: (1) Generating K8s manifests, (2) Creating Helm charts, (3) Building Docker configurations, (4) Reviewing Dapr components, (5) After any infrastructure code generation, (6) Before deployment reviews. Validates container security, RBAC policies, resource limits, Dapr standards, and network policies.
runtime-security
Pod Security Standards and admission controllers for GKE. Runtime monitoring with Falco and behavioral analysis to detect anomalous workload activity.
face-recognition
Face recognition system patterns for attendance. Use when working with face detection, verification, enrollment, liveness detection, or any biometric authentication features.
atlassian
Access Jira issues and Confluence pages via Python scripts with OAuth 2.0 authentication. Use when user asks about Jira tickets, issues, bugs, stories, epics, sprints, or Confluence pages, wiki, documentation. Contains instructions to clean up existing tickets and do status updates of the tickets.
backup-sovereign
Create encrypted, verifiable backups with proof receipts (BLAKE3 + ROOT.txt) and mandatory restore drill. Uses age encryption for modern, simple UX. Designed for sovereign EU infrastructure. Use after node-hardening completes. Triggers: 'backup node', 'encrypted backup', 'create backup', 'restore drill', 'generate proof receipts', 'verify backup', 'backup with proof'.
eufy
Manage Eufy Security (HomeBase S380 + SoloCam S340/E340) from the `eufy` CLI—capture snapshots, forward alarms to the Tuya hub, and change guard/alarm modes through eufy-security-ws.
api-design-patterns
Comprehensive API design patterns covering REST, GraphQL, gRPC, versioning, authentication, and modern API best practices