Penetration Testing

Master Angular's dependency injection system, services, providers, and RxJS observable patterns.

Inject axioms into operational context using structured methodology.

Enforces service layer architecture in Django/DRF applications. This skill should be used when working with ViewSets, serializers, or services to prevent business logic in views, validate dependency injection patterns, and ensure three-layer architecture (Views → Services → Models).

Python security best practices, OWASP, and vulnerability prevention

Dependency Injection (DI) skill for the ikigai project

Refactor and review SwiftUI view files for consistent structure, dependency injection, and Observation usage. Use when asked to clean up a SwiftUI view's layout/ordering, handle view models safely (non-optional when possible), or standardize how dependencies and @Observable state are initialized and passed.

Detect OWASP Top 10 vulnerabilities via static analysis. Calculate security score (0.00-1.00) for code quality. Auto-generate remediation suggestions with implementation examples. Integrate with Serena for vulnerability tracking and SLA compliance. Use when: securing code, detecting vulnerabilities, improving security posture, validating fixes, enforcing security standards.

Mount routes in app.ts with dependency injection. Use after creating routes to wire them into the application. Triggers on "mount routes", "add to app", "wire routes", "integrate routes".

Provides deep-dive analysis of specific vulnerabilities including EPSS/KEV data, exploit details, prioritization rationale, and remediation guidance. Activates when user asks to explain a CVE, understand prioritization, or get exploit details.

Security auditing and vulnerability assessment specialist. Use when conducting security reviews, analyzing code for vulnerabilities, performing OWASP assessments, or creating security audit reports.

This skill should be used for OWASP, security review, authentication, XSS, SQL injection prevention, CSRF, input validation, secure coding, vulnerability scanning

Production-grade security testing skill with OWASP Top 10, vulnerability scanning, penetration testing guidance, and compliance validation

Universal vulnerability detection patterns applicable across all programming languages. Includes hardcoded secrets, SQL/command injection, path traversal, and configuration file patterns.

Build secure WordPress plugins with core patterns for hooks, database interactions, Settings API, custom post types, REST API, and AJAX. Covers three architecture patterns (Simple, OOP, PSR-4) and the Security Trinity.Use when creating plugins, implementing nonces/sanitization/escaping, working with $wpdb prepared statements, or troubleshooting SQL injection, XSS, CSRF vulnerabilities, or plugin activation errors.

Kotlin/Spring Boot 3.x patterns - use for backend services, REST APIs, dependency injection, controllers, and service layers

Design and implement database schemas using SQLModel with sync and async patterns. Use this skill when creating database models, setting up Neon PostgreSQL connections, defining relationships (one-to-many, many-to-many), implementing FastAPI dependency injection, or migrating schemas. Covers both sync Session and async AsyncSession patterns.

Build enterprise-grade Node.js applications with NestJS framework, TypeScript, dependency injection, and modular architecture

Master ASP.NET Core with minimal APIs, MVC, middleware, dependency injection, and production-ready web applications.

Detect common security vulnerabilities in code. Covers OWASP patterns, SQL injection, bare excepts, shell injection. Framework-agnostic.

This skill should be used for Java/Spring patterns, dependency injection, streams, Optional, Kotlin, Spring Boot, Maven, Gradle, JVM backend