Security
2492 skills in Testing & Security > Security
argocd
Complete ArgoCD API and CLI skill for GitOps automation. Use when working with ArgoCD for: (1) Managing Applications - create, sync, delete, rollback, get status, (2) ApplicationSets - templated multi-cluster deployments, (3) Projects - RBAC, source/destination restrictions, sync windows, (4) Repositories - add/remove Git repos, Helm charts, OCI registries, (5) Clusters - register, rotate credentials, manage multi-cluster, (6) Accounts - generate tokens, manage users, check permissions, (7) Any ArgoCD REST API calls or argocd CLI commands. Supports both REST API (curl/HTTP) and CLI wrapper approaches with bearer token authentication.
multi-tenant-setup
This skill should be used when setting up production-ready multi-tenant support with Organizations, Memberships, Invitations, and Superadmin role in a Next.js App Router application. Use this skill when implementing tenant isolation, role-based permissions, invitation flows, or converting a single-tenant app to multi-tenant. Includes complete schema, API routes, helpers, security guardrails, and UI patterns for reusable multi-tenant architecture.
code-review-standards
Code review framework and criteria. References security-sentinel for security checks. Use when performing code reviews or defining review standards.
nextjs-16-proxy-patterns
Guide for Next.js 16 proxy patterns, replacing the deprecated middleware functionality. Covers the new proxy.ts file convention, async request APIs, and proper request interception. Use when implementing authentication, redirects, headers modification, or request processing at the network boundary level.
better-auth
Production-ready authentication framework for TypeScript with Cloudflare D1 support via Drizzle ORM or Kysely. Use this skill when building auth systems as a self-hosted alternative to Clerk or Auth.js, particularly for Cloudflare Workers projects. CRITICAL: better-auth requires Drizzle ORM or Kysely as database adapters - there is NO direct D1 adapter. Supports social providers (Google, GitHub, Microsoft, Apple), email/password, magic links, 2FA, passkeys, organizations, and RBAC. Prevents 12+ common authentication errors including D1 adapter misconfiguration, schema generation issues, session serialization, CORS, OAuth flows, and JWT token handling. Keywords: better-auth, authentication, cloudflare d1 auth, drizzle orm auth, kysely auth, self-hosted auth, typescript auth, clerk alternative, auth.js alternative, social login, oauth providers, session management, jwt tokens, 2fa, two-factor, passkeys, webauthn, multi-tenant auth, organizations, teams, rbac, role-based access, google auth, github auth, micros
advanced-topics
Explore advanced CS topics including advanced data structures, parallel computing, security, functional programming, and quantum computing.
security-review
Security-focused code review guidelines
edge-function-generator
Expert assistant for creating and maintaining Supabase Edge Functions for the KR92 Bible Voice project. Use when creating Edge Functions, setting up CORS, integrating shared modules, adding JWT validation, or configuring environment variables.
architecture-design
Design system architectures with focus on scalability, maintainability, and user value. Create comprehensive architectural documentation including technology decisions, API design, data architecture, and security. Use when designing new systems, making technology choices, or planning system migrations.
backend-development
Master backend API development with Node.js, Python, PHP, Java, C#, GraphQL, REST APIs, databases, and microservices. Learn server-side architecture, authentication, scalability, and production deployment.
planning
Use when you need to plan technical solutions that are scalable, secure, and maintainable.
auth
Modern authentication and security patterns for web applications. Expert in JWT tokens, OAuth2 flows, session management, RBAC, MFA, API security, and zero-trust architectures. Framework-agnostic patterns that work with any tech stack.
security-practices
OWASP Top 10, authentication, and secure coding practices
hostile-review
MANDATORY adversarial code review. Use before ANY commit to find security vulnerabilities, logic flaws, and edge cases. Actively tries to break the code.
mcp-schema-designer
Designs comprehensive Zod schemas for MCP tool inputs and API responses, ensuring type safety, clear validation error messages, and security through input sanitization patterns.
perf-analyzer
WHEN: Performance analysis, bundle size optimization, rendering, Core Web Vitals, code splitting. WHAT: Bundle analysis + large dependency detection + re-render issues + useMemo/useCallback suggestions + LCP/FID/CLS improvements. WHEN NOT: Code quality → code-reviewer, Security → security-scanner
html-semantic-engineering
30 pragmatic rules for production HTML covering semantic markup, accessibility (WCAG 2.1 AA), performance optimization, forms, and security. Use when writing HTML, building page structures, creating forms, implementing accessibility, or optimizing for SEO and Core Web Vitals.
authentication
Implement secure authentication with JWT, sessions, OAuth, and password hashing. Use when adding login/logout, token auth, or integrating OAuth providers.
justfile-security-patterns
Level 2 patterns - vulns, lic, sbom, doctor (security, compliance, environment health)
code-review-assistant
Activates when reviewing code to identify quality issues, security vulnerabilities, and suggest improvements