Security skills
Top maintainers
- openclaw · 2.4K skills
- trailofbits · 41 skills
- williamzujkowski · 40 skills
- simota · 37 skills
- martinholovsky · 32 skills
Languages in this topic
3658 skills
This skill helps identify timing side-channel vulnerabilities in cryptographic code by flagging secret-dependent timing and branch behavior.
This skill detects fail-open insecure defaults such as weak secrets and permissive config to help audit production readiness and secure deployments.
This skill guides authoring of high quality YARA-X rules for malware detection, focusing on performance, accuracy, and safe migration.
This skill runs CodeQL analysis to detect security vulnerabilities across languages using interprocedural taint tracking and data flow insights.
This skill helps identify timing side-channel leaks in cryptographic code by guiding statistical, dynamic, and formal analyses.
This skill analyzes code maturity using Trail of Bits framework to produce evidence-based ratings and actionable improvement recommendations.
This skill provides an independent code review by integrating Codex and Gemini CLIs for uncommitted changes, diffs, or specific commits.
This skill analyzes local git branches and worktrees, groups related work, and guides safe cleanup with user approval.
This skill guides designing workflow-based Claude Code skills with multi-step phases, decision trees, and progressive disclosure to ensure robust routing and
This skill helps you craft production-quality Semgrep rules with tests, taint mode, and validation to detect vulnerabilities and enforce standards.
This skill helps you fuzz Rust projects quickly with cargo-fuzz, enabling libFuzzer-backed testing and sanitizer integration for robust code.
This skill helps you interact with GitHub resources using the gh CLI, replacing curl or WebFetch for repos, PRs, issues, and API data.
This skill scans APKs for Firebase misconfigurations and surfaces exposed databases, auth gaps, and cloud functions risks to guide mobile security audits.
This skill detects missing zeroization of sensitive data in C/C++/Rust code and verifies compiler-induced zeroize removals with assembly evidence.
This skill helps fuzzers detect memory errors in C/C++ code using AddressSanitizer to find overflows and use-after-free issues.
This skill verifies code matches documentation and identifies gaps between spec and implementation in blockchain audits.
This skill helps identify API misuses and dangerous defaults to ensure secure-by-default design and resist footgun configurations.
This skill iteratively reviews and fixes Claude Code skills using the skill-reviewer agent to meet quality standards and improve descriptions.
This skill analyzes smart contract codebases using Trail of Bits guidelines to generate docs, assess architecture, upgradeability, testing, and provide
This skill helps you fuzz C/C++ code quickly using libFuzzer with Clang integration, enabling fast, single-project coverage exploration.
This skill generates minimal macOS Seatbelt sandbox configurations to isolate applications with allowlist-based profiles for secure, confined execution.