Security
2492 skills in Testing & Security > Security
system-design-reviewer
Reviews system designs and generates comprehensive text diagrams with architecture, security, performance, and cost analysis
typescript-mcp
Use this skill when building MCP (Model Context Protocol) servers with TypeScript on Cloudflare Workers. This skill provides production-tested patterns for implementing tools, resources, and prompts using the official @modelcontextprotocol/sdk. It prevents 10+ common errors including export syntax issues, schema validation failures, memory leaks from unclosed transports, CORS misconfigurations, and authentication vulnerabilities. This skill should be used when developers need stateless MCP servers for API integrations, external tool exposure, or serverless edge deployments. For stateful agents with WebSockets and persistent storage, consider the Cloudflare Agents SDK instead. Supports multiple authentication methods (API keys, OAuth, Zero Trust), Cloudflare service integrations (D1, KV, R2, Vectorize), and comprehensive testing strategies. Production tested with token savings of ~70% vs manual implementation. Keywords: mcp, model context protocol, typescript mcp, cloudflare workers mcp, mcp server, mcp tools
branch-protection-enforcement-patterns
Comprehensive branch protection configuration patterns with enforcement automation. Security tiers, IaC at scale, GitHub App enforcement, audit reporting, and bypass controls.
backend-queries
Write secure, performant, and optimized database queries using parameterized queries, eager loading, proper indexing, and transaction management. Use this skill when writing database queries in controllers, repositories, services, or model methods, when using query builders or ORM methods, when implementing filtering/sorting/pagination logic, when optimizing N+1 query problems with eager loading, when working with joins and complex queries, when implementing query caching, or when wrapping related operations in database transactions.
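The entry above describes parameterized queries together with filtering, sorting and pagination. The following is an added example, not code from the backend-queries skill, that builds one such query as SQL text plus a separate values array (the shape a driver such as node-postgres takes in `query(text, values)`). Table and column names (`items`, `name`, `status`, `created_at`) and the page-size limit are assumptions for illustration. It shows the two things a bound parameter cannot do for you: a sort column is an identifier, so it must come from an allowlist, and LIKE metacharacters in a search string must be escaped even though the string itself is bound.

```typescript
// Added example: build a filtered, sorted, paginated SELECT with bound parameters.
// Assumed schema: items(id, name, status, created_at). No database is contacted here;
// the returned text/values pair is what a driver would execute.

interface ListQuery {
  search?: string;
  status?: string;
  sortBy?: string;
  sortDir?: string;
  page?: number;
  pageSize?: number;
}

interface BuiltQuery {
  text: string;
  values: unknown[];
}

// Identifiers cannot be bound as parameters, so ORDER BY columns come from an allowlist
const SORTABLE_COLUMNS = new Set(["created_at", "name", "status"]);
const MAX_PAGE_SIZE = 100; // assumed cap; prevents a client from asking for the whole table

// Clamp a possibly-missing or non-numeric value into [min, max]
function clampInt(n: number | undefined, fallback: number, min: number, max: number): number {
  const v = Number.isFinite(n) ? Math.trunc(n as number) : fallback;
  return Math.min(Math.max(v, min), max);
}

// Escape LIKE metacharacters so user text matches literally; the driver still binds the value
function escapeLike(s: string): string {
  return s.replace(/[\\%_]/g, (c) => `\\${c}`);
}

function buildItemsQuery(q: ListQuery): BuiltQuery {
  const where: string[] = [];
  const values: unknown[] = [];
  // Every user-supplied value goes through bind(): it is appended to values and
  // replaced in the SQL text by a positional placeholder ($1, $2, ...)
  const bind = (v: unknown): string => {
    values.push(v);
    return `$${values.length}`;
  };

  if (q.search) {
    where.push(`name ILIKE ${bind(`%${escapeLike(q.search)}%`)} ESCAPE '\\'`);
  }
  if (q.status) {
    where.push(`status = ${bind(q.status)}`);
  }

  // Anything not on the allowlist silently falls back to the default column
  const sortBy = q.sortBy && SORTABLE_COLUMNS.has(q.sortBy) ? q.sortBy : "created_at";
  const sortDir = q.sortDir?.toLowerCase() === "asc" ? "ASC" : "DESC";

  const pageSize = clampInt(q.pageSize, 20, 1, MAX_PAGE_SIZE);
  const page = clampInt(q.page, 1, 1, Number.MAX_SAFE_INTEGER);
  const offset = (page - 1) * pageSize;

  const text =
    `SELECT id, name, status, created_at FROM items` +
    (where.length ? ` WHERE ${where.join(" AND ")}` : "") +
    ` ORDER BY ${sortBy} ${sortDir}` +
    ` LIMIT ${bind(pageSize)} OFFSET ${bind(offset)}`;

  return { text, values };
}
```

A request carrying `sortBy: "name; DROP TABLE items"` never reaches the SQL text because the allowlist check fails and the default column is used; a search for `50% off` is bound as `%50\% off%` so the percent sign matches literally rather than widening the LIKE pattern.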
flow-nexus-platform
Comprehensive Flow Nexus platform management - authentication, sandboxes, app deployment, payments, and challenges
k8s-agent-sandbox
Documentation for Kubernetes Agent Sandbox - a CRD-based system for managing isolated AI agent execution environments. Use for queries about Sandbox CRDs (Sandbox, SandboxTemplate, SandboxClaim, SandboxWarmPool), Python SDK (SandboxClient, SandboxRouter, ComputerUseExtension), network policies, security configurations, and implementation examples. Keywords: kubernetes sandbox, agent sandbox, CRD, python sdk, agentic-sandbox-client, isolated environment, gvisor, network policy.
docker-containerization-expert
Expert knowledge of Docker containerization including Dockerfile best practices, docker-compose configuration, Alpine Linux specifics, multi-stage builds, security, health checks, and container optimization. Use when working with Dockerfile, docker-compose.yml, container builds, debugging container issues, or deploying to container platforms.
planning
Skill for planning technical solutions that are scalable, secure, and maintainable.
security-auth
Authentication and security patterns for EFT-Tracker using NextAuth. Covers password reset, session management, CSRF protection, and security reviews. Activates when user mentions: auth, authentication, password, NextAuth, session, security, login, logout, CSRF, rate limit, token, JWT.
backend-apis
Master API design and development. Learn REST, GraphQL, authentication, rate limiting, versioning, and building scalable APIs.
auth
Authentication and access control skill for Next.js 15 + Supabase applications. Use when implementing user authentication, protecting routes, managing user sessions, enforcing role-based access control (admin/member), or working with multi-tenant family-based data isolation. Covers login/logout, registration with email verification, OAuth (GitHub), route protection for Server Components and Server Actions, admin-only features, and multi-tenant data access patterns.
api-authentication
API authentication expert. Use for OAuth 2.0, JWT, API keys, sessions, token security, and best practices.
oauth21-bearer-token
OAuth 2.1 Bearer Token usage guide. Use when implementing access token transmission, Authorization header support, resource server validation, and security requirements. Covers query parameter prohibition and token protection. Based on OAuth 2.1 Section 5 requirements.
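The entry above covers the resource-server side of OAuth 2.1 Section 5: accept the access token from the `Authorization` header and refuse it in the URI query string. The following is an added example, not code from the oauth21-bearer-token skill, showing that extraction step in isolation. The request shape, header-key casing (lowercased keys), the realm name and the choice to answer a query-string token with `400 invalid_request` are assumptions; validating the token itself (signature, expiry, audience) happens after this step and is not shown.

```typescript
// Added example: extract a bearer token the way an OAuth 2.1 resource server should.
// Assumed minimal request shape; headers are assumed to be keyed in lowercase.

interface IncomingRequest {
  method: string;
  url: string; // path plus optional query string, e.g. "/api/items?limit=5"
  headers: Record<string, string | undefined>;
}

type TokenResult =
  | { ok: true; token: string }
  | { ok: false; status: number; wwwAuthenticate: string; reason: string };

// RFC 6750 b64token: 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
const B64TOKEN = /^[A-Za-z0-9\-._~+/]+=*$/;

// Build the failure result; RFC 6750 says a request with no credentials gets a
// challenge without an error code, other failures carry error/error_description
function challenge(status: number, error: string | null, reason: string): TokenResult {
  const params = error ? `, error="${error}", error_description="${reason}"` : "";
  return { ok: false, status, wwwAuthenticate: `Bearer realm="api"${params}`, reason };
}

function extractBearerToken(req: IncomingRequest): TokenResult {
  // OAuth 2.1 removes the URI query parameter method entirely. Rejecting outright
  // (rather than ignoring the parameter) keeps tokens out of logs and referrers
  const qIdx = req.url.indexOf("?");
  const query = new URLSearchParams(qIdx >= 0 ? req.url.slice(qIdx + 1) : "");
  if (query.has("access_token")) {
    return challenge(400, "invalid_request", "access_token must not be sent in the query string");
  }

  const header = req.headers["authorization"]?.trim();
  if (!header || !/^Bearer(\s|$)/i.test(header)) {
    // No bearer credentials at all (absent, or a different scheme): plain challenge
    return challenge(401, null, "no bearer credentials");
  }

  // Scheme name is case-insensitive; exactly one token must follow it
  const m = /^Bearer[ \t]+(\S+)$/i.exec(header);
  if (!m) {
    return challenge(400, "invalid_request", "malformed Authorization header");
  }

  const token = m[1];
  if (!B64TOKEN.test(token)) {
    return challenge(401, "invalid_token", "token is not a valid b64token");
  }
  return { ok: true, token };
}
```

On failure the caller sends `status` and copies `wwwAuthenticate` into the `WWW-Authenticate` response header; on success the token is handed to the validator. OAuth 2.1 still permits the form-encoded body parameter for requests with a body, but this example only implements the header method.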
workspace-setup
B1_02 phase workspace setup protocol including npm outdated, npm audit, TypeScript version validation, and quality gates enforcement. Ensures dependencies are current, security patches are applied, and the workspace is ready for implementation.
code-reviewer
Senior code reviewer for quality and security. Use when reviewing PRs, checking code changes, or auditing code quality.
supabase
V1.0 - Supabase database management, security fixes, and advisor issue resolution for the Dashboard project.
refactoring
Identifies code smells, applies design patterns, guides migrations, and performs security/performance/accessibility refactoring. Use when improving code quality, modernizing codebases, applying design patterns, migrating to TypeScript, or extracting microservices.
translation-manager
Translation Manager for this repo: Supabase-backed translations, admin UI under /admin/translation-manager with Home live preview and click-to-select translation, Edge Functions (translations-get/admin/suggest), build-time translation pipeline, and security hardening. Use when planning or editing translation manager UI, Supabase schema/migrations, translation scripts (seed/pull), Edge Functions, translation auth, or troubleshooting translation data/AI suggestions.
api-security-review
API security checklist for reviewing endpoints before deployment. Use when creating or modifying API routes to ensure proper authentication, authorization, and input validation.
secure
Find and fix security issues before they become incidents. Vulnerability scanning, SBOM generation, supply chain security, and secure authentication workflows.