Security plugins

Supercharge Claude Code with 300+ agents, skills, commands, and hooks to orchestrate autonomous multi-agent coding workflows, enforce TDD, conduct security audits, generate production code across JS/TS/Python/Rust/mobile stacks, optimize performance, and automate deployments/testing.

Reverse engineer binaries, triage and unpack malware, extract and analyze firmware, perform memory forensics, and dissect network protocols using specialized AI agents and skills for authorized security research, CTFs, and incident response.

Empowers Claude with full-stack development expertise across multiple languages, frameworks, and cloud platforms, enabling code generation, debugging, architecture design, DevOps automation, testing, security audits, and project management workflows.

Delegate expert-level code reviews, security audits, penetration tests, QA automation, accessibility compliance checks, performance optimizations, chaos engineering, and compliance validations to specialized sub-agents across codebases, infrastructure, and systems.

Orchestrate multi-dimensional code reviews across architecture, security, performance, and best practices using specialized subagents. Analyze git changes between branches to generate structured reports and comprehensive PR descriptions.

Secure full-stack applications with API design patterns, authentication/authorization systems, backend/frontend coding practices, code review for vulnerabilities, and PCI DSS compliance guidance.

Enables Claude Code to conduct comprehensive security assessments across web applications, cloud infrastructure (AWS, Azure, GCP), and DevSecOps pipelines, including penetration testing, vulnerability scanning, privilege escalation, and audit reviews.

Design, build, and deploy MCP servers for Claude by interrogating your use case to select deployment models like remote HTTP, MCPB, or local stdio, implementing tool patterns with auth, adding interactive UI widgets such as forms, pickers, and dashboards for inline chat rendering, and packaging into standalone Node or Python .mcpb bundles for local distribution without user toolchain.

Enforce custom workflow rules by running a gate script before each file write operation, blocking or modifying writes based on arbitrary shell logic.

Produce academic manuscripts, figures, and presentations that meet Nature-journal standards using guided, rule-based workflows for every stage of the publication process.

Provides 753 structured cybersecurity skills covering web security, penetration testing, digital forensics, incident response, threat intelligence, cloud security, and malware analysis. Each skill includes step-by-step procedures, tool commands, and detection rules for SOC analysts, penetration testers, and incident responders.

Run autonomous Claude-powered iteration loops that modify code, verify against metrics, and refine until success, automating debugging, bug fixes, security audits, documentation generation, task planning, issue prediction, adversarial reasoning, test scenario creation, and multi-phase project shipping.

Run CodeQL and Semgrep to scan multi-language codebases (Python, JavaScript/TS, Go, Java, C#, Ruby, Rust) for security vulnerabilities via taint tracking and pattern matching. Parse, deduplicate, and aggregate SARIF outputs from scans, then integrate findings into CI/CD pipelines using GitHub Actions or bash scripts.

Manage Firebase projects, Firestore databases, authentication, Cloud Functions, hosting deployments, and storage directly from your IDE using local Firebase CLI tools after login.

Implement Trail of Bits handbook security testing workflows: fuzz Rust, Python, C/C++, Ruby code with AFL++, libFuzzer, cargo-fuzz, Atheris; instrument AddressSanitizer; run static analysis via Semgrep, CodeQL; generate coverage reports, dictionaries, and bypass obstacles for vulnerability detection.

Audit smart contracts for vulnerabilities across Cosmos, Solana, Polkadot, TON, Algorand, and StarkNet blockchains using specialized scanners. Assess codebase maturity with scorecards, prepare for professional audits via static analysis and test improvements, analyze token integrations for ERC standards and risks, and apply Trail of Bits guidelines for architecture reviews and secure workflows.

Run cloud security compliance checks and remediate issues across AWS, GCP, and Azure using Prowler's assessment platform. Automates framework selection, provider configuration, and step-by-step compliance checking to make accounts compliant with security/industry frameworks.

Create, validate, and debug Redpanda Connect pipeline configurations and Bloblang transformation scripts from natural language descriptions, with component discovery and error repair for streaming data workflows.

Build multi-language code graphs to map call graphs, attack surfaces, blast radius, taint propagation, privilege boundaries, and complexity hotspots for security audits. Visualize architecture with Mermaid diagrams, compare snapshots across git commits for evolution analysis, triage mutation testing survivors, generate crypto test vectors, diagram protocols, and project SARIF findings onto graphs.

Create and validate custom Semgrep rules for detecting security vulnerabilities, bugs, code patterns, and standards using test-first methodology, conversation context for patterns and languages, plus taint mode support.

Parse Burp Suite .burp project files from the command line to search headers and bodies with regex, extract security findings like audit items, and dump filtered proxy history or sitemap for targeted HTTP security analysis workflows.

Build and optimize Next.js App Router apps: scaffold pages/layouts/components/API routes/server actions, implement authentication with Auth.js/Prisma/middleware, guide server/client components usage, and analyze/generate performance reports with recommendations.

Intercept GitHub URL fetches and curl/wget commands in sessions, redirecting them to your authenticated gh CLI for seamless GitHub API access and operations without manual authentication or tool switching.

Scan codebases for data privacy risks, identifying PII exposures, hardcoded sensitive data, unsafe logging practices, unencrypted storage, insecure transmission, missing consent mechanisms, and retention policy violations to audit and remediate compliance issues.

Automate OWASP Top 10 vulnerability scans and penetration testing on JavaScript, Python, and Java codebases using Semgrep, ESLint-security, Bandit, and dependency audits. Delegate comprehensive security audits to a specialized agent covering injections, XSS, CSRF, authentication flaws, access control, and misconfigurations.

Audit GitHub Actions workflows to detect security vulnerabilities in AI agent integrations like Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Identify prompt injection risks and unsafe input flows in CI/CD pipelines before deployment.

Scan smart contract codebases in Solidity, Vyper, Solana/Rust, Move, TON, or CosmWasm to identify externally callable state-changing functions, categorize them by access levels, and generate structured reports for security audits and access control reviews.

Monitor new token launches on Ethereum, BSC, Polygon, and Arbitrum DEXes to detect rugpulls and security risks. Analyze contracts for honeypots, ownership renouncement, liquidity locks, mint functions, proxies, blacklists, and perform verification plus social legitimacy checks.

Audit web app session management for vulnerabilities like fixation, ID generation flaws, expiration issues, cookie misconfigurations, insecure storage, and poor invalidation in Express, Django, Rails, Python, and Java apps. Check current Claude Code session status, including active state and user details.

Integrate secrets managers like Vault, AWS Secrets Manager, GCP Secret Manager, and Azure Key Vault into applications and infrastructure. Generate policies, auth configs, rotation schedules, Kubernetes manifests, retrieval code, setup scripts, and documentation from simple inputs.

Audit codebases, configurations, and documentation for HIPAA compliance in healthcare applications. Detect PHI protection gaps, access control weaknesses, encryption issues, logging deficiencies, and BAA adherence problems via targeted skills and commands.

Audit codebases with a security agent that scans for vulnerabilities like SQL injection, XSS, CSRF, auth flaws, insecure dependencies, and secrets; generates severity-rated reports including file locations, explanations, compliance checks, and code fixes with examples.

Run interactive penetration tests on web apps and codebases: scan HTTP security headers for CSP/HSTS issues, audit npm/pip dependencies for vulnerabilities, analyze code for secrets/injections with bandit, get severity-prioritized findings, fix suggestions, and JSON reports.

Build complete API authentication and authorization systems supporting JWT, OAuth2, API keys, sessions, MFA, RBAC, token refresh, validation, and brute-force protection. Generates models, middleware, and services for JavaScript/Node.js, Python, and Java backends.

Combine multiple Git repositories into unified archives for AI-powered codebase analysis, with built-in security scanning and file search capabilities.

Scan REST API code and endpoints for OWASP Top 10 vulnerabilities like injection, BOLA, broken auth, mass assignment, and rate limit issues. Run OWASP ZAP scans to detect misconfigurations and attack vectors, generating HTML reports, JSON findings, remediation guides, evidence, and Python regression tests.

Scan your codebase for OWASP Top 10 web security risks including injections, broken authentication, access control flaws, cryptographic failures, and misconfigurations. Generate detailed reports with remediation guidance to audit compliance and strengthen security.

Follow NIST SP 800-61 to handle security incidents: classify breaches, preserve evidence, analyze logs using Bash tools on Linux, contain threats, investigate IOCs, eradicate malware, and recover systems. Invoke playbook with 'sir' shortcut for quick response workflow.

Audit PostgreSQL, MySQL, and MongoDB databases for security risks including misconfigurations, privileges, encryption, network exposure, default credentials, and SQL injection in app code. Run scans for 50+ OWASP vulnerabilities, generate compliance reports, automated remediation scripts, and audit trails from your IDE.

Scan Android APK files or directories for Firebase security misconfigurations like open Realtime Database, Firestore, storage buckets, authentication issues, and exposed Cloud Functions to conduct mobile security audits and authorized pentesting.

Perform security reviews of pull requests, commits, or code diffs using git history for context, blast radius estimation, test coverage checks, and markdown report generation.

Discover, evaluate, install, update, and manage community legal AI skills with a security review gate that checks each skill against a design framework before it runs in your environment.

Design, implement, and deploy secure Firebase apps with Vertex AI Gemini integration in Cloud Functions for authentication, Firestore, storage, and hosting.

Initialize Firestore Admin SDK in Node.js projects with authentication, manage safe CRUD operations batch writes queries schema design data migrations indexes, generate validate production-ready security rules using least privilege and emulator testing, and optimize performance costs.

Scan codebases for SQL injection vulnerabilities by tracing user inputs through code to database queries, identifying unsafe patterns like string concatenation and unparameterized ORM usage in Django, Rails, Express, and Go apps. Get risk reports and mitigation recommendations via skills or direct commands.

Implement, customize, secure, deploy, troubleshoot, and scale Clerk authentication in Next.js apps using 24 skills for SDK installation, sign-up/sign-in UIs, middleware protection, error debugging, webhook handling, performance tuning, cost optimization, RBAC/SSO, GDPR compliance, production checklists, CI/CD pipelines, local dev loops, and migrations from Auth0, Firebase, or Supabase.

Monitor cross-chain bridge activity across protocols like Wormhole, Stargate, Arbitrum, and Optimism. Track transfers, TVL, volume, fees, and transaction status. Analyze security models and validators while detecting exploits and anomalies.

Provision secure GCP infrastructure for Vertex AI ADK and Agent Engine deployments using Terraform. Automate setup of Agent Engine runtime, code execution sandbox, Memory Bank, VPC Service Controls, IAM roles, and networking to enable scalable AI agent workflows.

Scan Python, JavaScript, Ruby, and Docker configurations for insecure defaults like hardcoded secrets, fallback credentials, weak authentication, permissive settings, and dangerous production values. Run during security audits, config reviews, and pre-deployment checks to block fail-open vulnerabilities.

Build production-ready API gateways for microservices, implementing intelligent routing, authentication, rate limiting, load balancing, circuit breakers, health checks, and response transformations. Deploy to Kong, Express Gateway, AWS API Gateway, or custom Node.js/Go/Express servers to proxy and manage backend traffic securely.

Integrate Stripe payment processing, subscription management, and billing queries via an MCP server, with guided API selection, Connect platform setup, and migration support. Debug errors, test with card numbers, and provision API keys through the Stripe CLI.

Generate production-ready webhook endpoints with HMAC signature verification, idempotency checks, payload parsing, async Redis-backed retries, event processors, middleware, routes, schemas, config, and tests for Stripe, GitHub, Twilio in Express.js or FastAPI apps.

Audit Terraform, Kubernetes, and cloud configurations for CIS, SOC2, HIPAA, PCI-DSS compliance using Checkov, tfsec, and OPA. Generate detailed reports, remediation patches, CI/CD gating steps, plus production-ready secure DevOps configurations, setup code, and documentation with security-first best practices.

Scan codebases for input validation weaknesses risking SQL injection, XSS, command injection, path traversal, and buffer overflows, targeting user inputs from HTTP parameters, forms, and APIs during security audits.

Scan Docker images and Dockerfiles for vulnerabilities, misconfigurations, and compliance using Trivy, Grype, Snyk, and Hadolint. Generate remediation reports with CI/CD integration plus production-ready secure container configurations, setup code, and documentation.

Analyze any website's HTTP/HTTPS security headers to detect vulnerabilities, misconfigurations, OWASP compliance gaps, cookie problems, and info leaks. Receive overall grades plus targeted configuration fixes for Nginx, Apache, or Cloudflare servers.

Automate SOC 2 audit preparation by assessing Trust Service Criteria controls (CC1-CC9), gathering evidence from documents, logs, and IaC, identifying gaps, and generating readiness reports across AWS, GCP, and Azure environments.

Conduct professional security audits on code, infrastructure, and configurations. Identify OWASP Top 10 vulnerabilities, verify compliance with HIPAA, PCI-DSS, GDPR, and SOC 2 standards, and perform cryptography reviews to evaluate and strengthen your security posture.

Monitor SSL/TLS certificate expiry dates, automate renewals, list installed certificates, diagnose chain issues, and manage project configurations including setup, renewal, and verification tasks.

Scan codebases for reflected, stored, and DOM-based XSS vulnerabilities across HTML, JavaScript, CSS, and URLs. Test WAF bypass techniques and CSP protections, then receive reports on risks with remediation suggestions via commands or natural language triggers.

Validate Vertex AI Agent Engine deployments for production readiness, generating weighted scores across security, monitoring, performance, compliance, and best practices, plus actionable remediation plans.

Scan your codebase and Git history for exposed secrets like API keys, passwords, tokens, and credentials using pattern matching and entropy analysis. Receive detailed reports pinpointing file locations, secret types, severity ratings, and step-by-step remediation guidance to secure your project fast.

Validate CSRF protections in Express, Django, Rails, and Laravel web apps by inventorying state-changing endpoints and auditing synchronizer tokens, double-submit cookies, SameSite attributes, and Origin/Referer headers to uncover compliance gaps and security issues.

Scan your codebase and configurations to generate audit-ready Markdown compliance reports for PCI DSS, HIPAA, SOC 2, GDPR, and ISO 27001. Assess security controls, identify gaps, and produce project documentation using the 'crg' shortcut or embedded playbook.

Scan your current codebase for security vulnerabilities using SAST on code, CVE detection in npm, pip, and composer dependencies, plus configuration issues. Receive a structured report with severity ratings, detailed findings, and remediation steps to fix them quickly.

Audit access controls including IAM policies, RBAC, ACLs, file permissions, and API authorizations in AWS, GCP, Azure, and local projects to detect vulnerabilities, privilege escalation paths, and least privilege violations, generating detailed compliance reports.

Audit dependencies across Node.js, Python, PHP, Ruby, Go, and Rust projects for vulnerabilities, outdated versions, transitive issues, and license compliance. Generate detailed reports with CVE information, upgrade recommendations, and fix commands using tools like npm audit and pip-audit.

Validate PCI-DSS compliance in payment systems by scanning codebases, configurations, and infrastructure for cardholder data security issues, generating status reports or detailed audits.

Generate comprehensive security audit reports from vulnerability scans, configs, and compliance data, featuring CVSS scoring, findings tables, remediation plans, status matrices, and exports in PDF, HTML, JSON, or Markdown formats.

Audit EVM wallet security by scanning ERC20 approvals, transaction patterns, and contract interactions to compute risk scores and generate revoke lists via Python scripts.

Audit IaC templates like Terraform and CloudFormation, Docker and Kubernetes manifests, nginx configs, and app settings for security misconfigurations against OWASP and CIS benchmarks. Scan current projects for issues in code and settings, reporting problems with potential fixes.

Generate Kubernetes NetworkPolicy manifests enforcing zero-trust networking via ingress/egress rules with pod labels, namespaces, CIDRs, and ports. Create production-ready configurations, setup code, and documentation matching your infrastructure and security requirements.

Validate CORS configurations in Express, Django, Flask, Nginx, and Python web apps/APIs to detect security misconfigurations like wildcard origins, origin reflection, permissive methods/headers, and ensure compliance with origins, methods, credentials.

Encrypt and decrypt data with various algorithms using the /encrypt command and shortcut. Audit encryption implementations, validate crypto algorithms, and verify key management in codebases and configs during security reviews.

Fuzz test REST and GraphQL APIs using OpenAPI specs to detect crashes, vulnerabilities, edge cases, and unexpected behaviors with tools like Schemathesis, RESTler, OWASP ZAP. Generate test suites, security reports, and reproducible payloads for input validation and security auditing.

Audit authentication in JavaScript, Python, and Java web apps/APIs against OWASP/NIST standards—covering password hashing, JWT handling, sessions, OAuth flows, MFA, and account controls. Validate project setups by checking credentials, tokens, and config files for errors and compliance status.

Scan codebases and projects for GDPR compliance issues including consent flows, data erasure rights, transfers, processing agreements, and privacy risks. Generate detailed reports with identified gaps and remediation recommendations.

Generate automated backup scripts, cron schedules, restore procedures, monitoring setups, and recovery plans for PostgreSQL, MySQL, MongoDB, and SQLite databases, including compression, encryption, and retention policies with AWS support.

Delegate complex coding tasks to specialized GPT subagents (Architect, Plan Reviewer, Scope Analyst, Code Reviewer, Security Analyst) within Claude Code workflows using Codex CLI orchestration rules.

Systematically verify suspected security bugs by analyzing data flows, exploitability, and mitigations, then classify them as TRUE POSITIVE or FALSE POSITIVE with evidence, optionally generating proof-of-concept code for confirmed vulnerabilities.

Detect error-prone APIs, dangerous configurations, and security footguns in your codebase. Review API designs, config schemas, and crypto ergonomics to build secure-by-default software, preventing common security mistakes during development.

Bootstrap production-ready fullstack MVPs with React+Vite+Tailwind frontend, Express/FastAPI backend, PostgreSQL+Prisma database, JWT/OAuth authentication, tests, Docker containers, and GitHub Actions CI/CD pipelines from a single command. Delegate to AI agents for designing APIs, database schemas, scalable architectures, UI/UX improvements, and deployment strategies.

Author, review, and optimize YARA-X detection rules for malware analysis using guided best practices for naming conventions, string selection, performance tuning, legacy rule migration, and false positive mitigation, with built-in linting and quality analysis.

Authenticate Claude Code with Composio API key to connect to 500+ apps like Gmail, Slack, and GitHub. Validate setup via script, configure MCP, and perform real actions such as sending emails, creating issues, posting messages directly in your workflow.

Accelerate AI-assisted development with 108 battle-tested Claude Code configs for coding standards, testing, security, deployment, and automation across Python, TypeScript, Go, Java, Swift, and more. Includes skills, commands, agents, and hooks for TDD, code review, API design, database migrations, and workflow orchestration.

Classify issues, bugs, and security findings into S1-Critical to S4-Low severity levels with rationale, impact assessment, workarounds, and action recommendations. Score and rewrite marketplace plugin prompts, skills, and commands for improved clarity, safety, effectiveness, completeness, and conciseness.

Manage the full Datadog observability platform from a CLI: query APM traces, logs, and metrics; configure monitors, dashboards, SLOs, and alerting; handle cloud integrations (AWS, Azure, GCP), security scanning, incident response, RUM analytics, and user management without leaving the terminal.

Enforces secure GitHub Actions CI/CD workflows for Google Cloud and Vertex AI deployments using Workload Identity Federation, OIDC, and least-privilege IAM. Generates deployment workflows, setup scripts, and security configurations.

Design scalable backend architectures including REST/GraphQL/OpenAPI APIs, server-side logic, database schemas with indexing and Redis caching, OAuth authentication/security, and microservices.

Delegate specialized AI agents to automate code reviews on git diffs, security audits for APIs and auth per OWASP, debugging of errors and incidents, test generation with Jest/pytest, performance profiling, and quality assurance across dev workflows.

Author, update, and validate markdown-based SOPs that guide AI agents through multi-step tasks using natural language workflows and RFC 2119 constraints like MUST, SHOULD, MAY for reliable code assistance, analysis, and evaluation.

Scan your codebase for security vulnerabilities across authentication, data handling, dependencies, and configurations, generating reports with CVSS severity counts. Automatically remediate specific issues using proven libraries, verify fixes, add tests, check for similar problems, and document changes in standard format.

Conduct business logic vulnerability testing for web apps and APIs using WooYun methodology from 22,132 real cases across authentication bypass, authorization flaws, payment security, info leaks, logic errors, and misconfigurations.

After code changes like new features, refactors, or bug fixes, delegate to this agent to write missing tests, run existing ones, analyze failures, and fix them to maintain test coverage and suite health.

Administer Keycloak IAM systems by managing realms, users, clients, OIDC/SAML authentication flows, RBAC policies, and security hardening. Integrate Keycloak.AuthServices into .NET applications for JWT Bearer/OIDC authentication, resource authorization, Admin API access, and multi-tenancy support.

Orchestrate IaC workflows with Atmos CLI across Terraform, Helmfile, Ansible, and Packer stacks: configure components/stacks with inheritance and YAML functions, manage multi-cloud auth/stores, validate schemas/policies, vendor modules, introspect changes, execute GitOps CI/CD, and run multi-step automation.