Complete application security toolkit: OWASP Top 10 protection, secure code review, vulnerability detection, secrets scanning, and security best practices for modern applications.
npx claudepluginhub latestaiagents/agent-skills --plugin security-guardian
Comprehensive API security for REST and GraphQL APIs. Use this skill when building or reviewing API endpoints, implementing authentication, or securing data transfer. Activate when: API security, REST security, GraphQL security, API authentication, API rate limiting, API versioning, secure endpoint, API design.
OWASP A09 - Using Components with Known Vulnerabilities. Use this skill when auditing dependencies, updating packages, or reviewing security advisories. Activate when: npm audit, dependency check, vulnerable package, CVE, security advisory, outdated packages, supply chain, package vulnerability, Dependabot, Snyk.
JSON Web Token security best practices. Use this skill when implementing JWT authentication, validating tokens, or reviewing JWT usage. Activate when: JWT, JSON Web Token, token authentication, bearer token, refresh token, token validation, JWT secret, token expiry.
Find and prevent leaked secrets, API keys, and credentials in code. Use this skill when reviewing code for exposed secrets, setting up pre-commit hooks, or auditing repositories. Activate when: leaked secret, API key exposed, credentials in code, hardcoded password, secret scanning, git secrets, pre-commit hook.
Systematic security code review methodology. Use this skill when reviewing pull requests for security issues, auditing critical code paths, or performing security assessments. Activate when: security review, code audit, secure code, review PR for security, find vulnerabilities, security assessment.
OWASP A05 - Broken Access Control Detection. Use this skill when implementing authorization, checking permissions, or auditing who can access what resources. Activate when: authorization, permissions, access control, RBAC, ABAC, admin access, privilege escalation, IDOR, direct object reference, role check, can user access.
OWASP A02 - Broken Authentication Detection. Use this skill when reviewing login systems, session management, password handling, or authentication flows. Activate when: login, authentication, password, session, token, JWT, OAuth, credentials, sign in, logout, remember me, forgot password, password reset, MFA, 2FA.
OWASP A01 - Injection Prevention. Use this skill when reviewing code for SQL injection, NoSQL injection, command injection, LDAP injection, or any user input that reaches databases, shells, or interpreters. Activate when: SQL query, database query, user input, command execution, shell command, exec, eval, system call, parameterized query.
OWASP A06 - Security Misconfiguration Detection. Use this skill when configuring servers, frameworks, cloud services, or deploying applications. Activate when: server config, nginx config, apache config, CORS, headers, debug mode, default credentials, error messages, directory listing, cloud security, S3 bucket, environment variables.
OWASP A07 - Cross-Site Scripting (XSS) Prevention. Use this skill when rendering user input in HTML, handling DOM manipulation, or building frontend components. Activate when: XSS, cross-site scripting, user input display, innerHTML, dangerouslySetInnerHTML, template injection, script injection, sanitize HTML, escape output.
Specialized security review subagent
Security best practices advisor with vulnerability detection and fixes
Security code review skill based on Project CodeGuard's comprehensive security rules. Helps AI coding agents write secure code and prevent common vulnerabilities.
Editorial "Security Developer" bundle for Claude Code from Antigravity Awesome Skills.
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks. Originally from OpenAI's curated skills catalog.
Requires secrets
Needs API keys or credentials to function
Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code.