By sickn33
Guides secure development across the full stack: implementing secure APIs (REST, GraphQL, WebSocket), authentication/authorization (OAuth2, JWT), code review for vulnerabilities, dependency auditing, XSS prevention, and PCI DSS compliance.
Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities
Build secure, scalable authentication and authorization systems using industry-standard patterns and modern best practices.
Expert in secure backend coding practices specializing in input validation, authentication, and API security. Use PROACTIVELY for backend security implementations or security code reviews.
This skill ensures all code follows security best practices and identifies potential vulnerabilities. Use when implementing authentication or authorization, handling user input or file uploads, or creating new API endpoints.
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimnpx claudepluginhub sickn33/agentic-awesome-skills --plugin agentic-bundle-security-developerBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Local, deterministic skill-stack composition for coding agents—from an explicit project profile to a reviewable plan before any target change.
Current release: V15.0.0. This release includes AAS Core under the Agent-First Preview claim for local search, inspection, recommendation, manifest validation, planning, and diagnosis. Apply and recovery remain experimental and outside the supported preview path.
Codex or Claude inspects your project using its own capabilities; AAS does not scan it. The agent sends the local, read-only AAS MCP an explicit project profile. AAS Core evaluates that profile and your policy against a verified local catalog, returns an explainable recommendation, and lets the agent propose aas-stack.json. The aas CLI validates that desired state and creates an immutable per-target plan before any skill changes are made.
Read the AAS Core preview guide →
Project
-> inspected by Codex or Claude (not by AAS)
-> explicit, allowlisted project profile
-> AAS MCP (local stdio, read-only)
-> deterministic AAS Core + verified local catalog
-> recommendation with evidence, exclusions, coverage, and unknowns
-> agent proposes aas-stack.json
-> AAS CLI validate + immutable plan preview
-> human review (optionally in Workbench)
The 1,967+ reusable SKILL.md playbooks, specialized plugins, bundles, workflows, and direct installers remain important. They are the content, curation, distribution, and compatibility layers around AAS Core—not competing primary products.
This is an independent community project. It is not affiliated with, sponsored by, endorsed by, or authorized by Google. Google, Antigravity, Gemini, and related product names are referenced only to describe compatibility and install targets. The GitHub repository is canonical; the hosted catalog and browser-local Workbench are companion discovery and review surfaces, not a hosted control plane.
The agent composes. You control. AAS keeps the stack reproducible.
AAS Core gives the repository one product model:
search_skills, get_skill, recommend_stack, inspect_stack, and diff_stack; it does not install skills, scan source files, call a remote model, or write to the project.aas-stack.json. The manifest pins catalog identity, targets, goals, policy, and exact skill IDs without storing repository source or model reasoning.aas stack validate checks the proposal, while aas stack plan produces an immutable, per-target plan without applying it.Editorial "AAS API Platform Builder" bundle for Claude Code from Agentic Awesome Skills.
Editorial "Mobile Developer" bundle for Claude Code from Agentic Awesome Skills.
Editorial "AAS Agent & MCP Builder" bundle for Claude Code from Agentic Awesome Skills.
Editorial "DDD & Evented Architecture" bundle for Claude Code from Agentic Awesome Skills.
Editorial "Web Designer" bundle for Claude Code from Agentic Awesome Skills.
Editorial "Security Developer" bundle for Claude Code from Antigravity Awesome Skills.
Backend development with security-first approach. Master REST/GraphQL APIs, OWASP security, LLM integration, authentication systems, and secure coding practices.
Secure coding, OWASP guidance, input validation, cryptography, authentication, and secrets management for secure application development.
Specialized security review subagent
Hardens code against vulnerabilities. Use when handling user input, authentication, data storage, or external integrations, or building any feature that accepts untrusted data, manages sessions, or calls third-party services.
Commands for security auditing and vulnerability scanning