Security plugins

Reverse engineer binaries, triage and unpack malware, extract and analyze firmware, perform memory forensics, and dissect network protocols using specialized AI agents and skills for authorized security research, CTFs, and incident response.

Delegate expert-level code reviews, security audits, penetration tests, QA automation, accessibility compliance checks, performance optimizations, chaos engineering, and compliance validations to specialized sub-agents across codebases, infrastructure, and systems.

Automates end-to-end feature development: explores codebase to map dependencies, patterns, and execution paths; designs architectures with blueprints, data flows, and build sequences; implements code changes; reviews for bugs, security vulnerabilities, and quality issues using high-confidence filtering.

Enforce automated linting (ESLint, Ruff), type checking (tsc, mypy), and security audits (npm audit, bandit) after code changes in Node.js/TypeScript/Python projects; debug systematically in four phases; generate atomic task checklists; refactor incrementally with Kaizen principles; auto-stage, commit conventionally, and push to GitHub.

Implement secure coding practices and conduct vulnerability reviews for frontend (XSS, CSP), backend (injections, headers), authentication (JWT, OAuth), APIs (rate limiting, GraphQL/REST/WebSocket), and PCI DSS payment compliance directly in Claude Code workflows.

Design, deploy, manage, and optimize production infrastructure across AWS, Azure, GCP using Terraform and Kubernetes; build CI/CD pipelines; operate databases like PostgreSQL/MySQL/MongoDB/Redis; harden security; handle incidents and SRE tasks with specialized DevOps agents.

Conduct DevSecOps security audits on CI/CD pipelines, SDLC controls, and threat models; execute authorized penetration tests on web apps with Burp Suite, cloud infrastructure across AWS/Azure/GCP, and Linux systems via reconnaissance, enumeration, privilege escalation; scan projects for OWASP Top 10 vulnerabilities and reference 100 critical web exploits with mitigations.

Receive inline warnings for security risks like command injection, XSS, and unsafe patterns before executing file edits, writes, multi-edits, notebook edits, or agent/skill tools, promoting secure coding practices during development workflows.

Bridge Claude Code to Telegram channels with secure messaging and access control. Set up bot tokens securely, manage allowlists and policies via commands, approve/deny user pairings with codes, and run a local Bun-based multiplexing server for channel handling.

Configure and debug Payload CMS backends in payload.config.ts by defining collections, fields, hooks, access control, and APIs. Troubleshoot validation errors, security issues, relationships, queries, transactions, and hook behaviors to build robust headless CMS applications.

Bridge Claude Code to a Discord channel for secure team messaging. Configure bot token and lockdown securely, approve/deny pairings via access codes, manage allowlists and DM/group policies, and monitor status from JSON state.

Access 754 cybersecurity skills to analyze malware samples, audit cloud and Kubernetes configs, detect threats in logs and traffic, perform authorized pentests and red team simulations, harden endpoints and infrastructure, build detection rules, and conduct incident response across web, network, endpoint, cloud, mobile, and OT environments.

Chat with Claude Code directly via iMessage on macOS by reading chat.db and sending through AppleScript. Securely manage access with pairing approvals, sender allowlists, DM/group policies, and status checks using /imessage:access commands. Includes setup verification for Full Disk Access and local Bun multiplexing server.

Automate finance and accounting workflows by generating journal entries, reconciliations, financial statements, variance analyses, SOX compliance docs, and month-end checklists. Query BigQuery datasets, access company knowledge bases, and integrate with Gmail, Slack, Microsoft 365, and Google Calendar for seamless data retrieval and collaboration.

Automate in-house legal workflows by triaging NDAs into approval tiers, reviewing contracts against playbooks with redlines, running compliance and risk assessments, generating briefings and templated responses from integrated email, calendars, Slack, file storage, and preparing e-signature envelopes via DocuSign.

Decompile Android APKs, XAPKs, JARs, and AARs using jadx or Fernflower to inspect app structure including AndroidManifest.xml, extract API endpoints from Retrofit, OkHttp, and Volley, and trace call flows from UI to network layers.

Streamline business and devops operations by generating SOPs with RACI matrices and flowcharts, leadership reports, risk assessments, vendor evaluations, compliance trackers, capacity forecasts, process optimizations, runbooks, and change requests. Connect to Jira, Slack, Notion, ServiceNow, Asana, and more for integrated workflow management, ticketing, and collaboration.

Run autonomous Claude-powered iteration loops that modify code, verify against metrics, and refine until success, automating debugging, bug fixes, security audits, documentation generation, task planning, issue prediction, adversarial reasoning, test scenario creation, and multi-phase project shipping.

Run CodeQL and Semgrep to scan multi-language codebases (Python, JavaScript/TS, Go, Java, C#, Ruby, Rust) for security vulnerabilities via taint tracking and pattern matching. Parse, deduplicate, and aggregate SARIF outputs from scans, then integrate findings into CI/CD pipelines using GitHub Actions or bash scripts.

Run AI-powered security reviews on pending git branch changes via /security-review command, detecting high-confidence vulnerabilities like XSS, SQL injection, command injection, and auth bypasses.

Implement Trail of Bits handbook security testing workflows: fuzz Rust, Python, C/C++, Ruby code with AFL++, libFuzzer, cargo-fuzz, Atheris; instrument AddressSanitizer; run static analysis via Semgrep, CodeQL; generate coverage reports, dictionaries, and bypass obstacles for vulnerability detection.

Create and validate custom Semgrep rules for detecting security vulnerabilities, bugs, code patterns, and standards using test-first methodology, conversation context for patterns and languages, plus taint mode support.

Build multi-language code graphs to map call graphs, attack surfaces, blast radius, taint propagation, privilege boundaries, and complexity hotspots for security audits. Visualize architecture with Mermaid diagrams, compare snapshots across git commits for evolution analysis, triage mutation testing survivors, generate crypto test vectors, diagram protocols, and project SARIF findings onto graphs.

Annotate codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Automatically scan for arithmetic patterns, discover project-specific units, propagate annotations through expressions and functions, and validate consistency to detect mismatches and bugs in DeFi protocols or numerical code.

Parse Burp Suite .burp project files from the command line to search headers and bodies with regex, extract security findings like audit items, and dump filtered proxy history or sitemap for targeted HTTP security analysis workflows.

Audit smart contracts for vulnerabilities across Cosmos, Solana, Polkadot, TON, Algorand, and StarkNet blockchains using specialized scanners. Assess codebase maturity with scorecards, prepare for professional audits via static analysis and test improvements, analyze token integrations for ERC standards and risks, and apply Trail of Bits guidelines for architecture reviews and secure workflows.

Scan codebases for data privacy risks, identifying PII exposures, hardcoded sensitive data, unsafe logging practices, unencrypted storage, insecure transmission, missing consent mechanisms, and retention policy violations to audit and remediate compliance issues.

Automate OWASP Top 10 vulnerability scans and penetration testing on JavaScript, Python, and Java codebases using Semgrep, ESLint-security, Bandit, and dependency audits. Delegate comprehensive security audits to a specialized agent covering injections, XSS, CSRF, authentication flaws, access control, and misconfigurations.

Scan smart contract codebases in Solidity, Vyper, Solana/Rust, Move, TON, or CosmWasm to identify externally callable state-changing functions, categorize them by access levels, and generate structured reports for security audits and access control reviews.

Scan cryptographic code for timing side-channel vulnerabilities like secret-dependent branches and divisions across Go, Rust, Java, Kotlin, C#, PHP, JS/TS, Python, and Ruby. Run constant-time analysis via skills or commands to get violation reports in JSON, with filters for warnings, architecture, and functions.

Integrate secrets managers like Vault, AWS Secrets Manager, GCP Secret Manager, and Azure Key Vault into applications and infrastructure. Generate policies, auth configs, rotation schedules, Kubernetes manifests, retrieval code, setup scripts, and documentation from simple inputs.

Audit web app session management for vulnerabilities like fixation, ID generation flaws, expiration issues, cookie misconfigurations, insecure storage, and poor invalidation in Express, Django, Rails, Python, and Java apps. Check current Claude Code session status, including active state and user details.

Build deep architectural context through line-by-line and per-function code analysis using First Principles and 5 Whys, enabling precise vulnerability hunting and bug detection in security audits. Target entire codebases, specific modules, or dense functions to map dependencies, data flows, assumptions, and effects.

Verify blockchain smart contracts match specifications from whitepapers, PDFs, Markdown, or URLs, detecting implementation gaps, undocumented behaviors, logic discrepancies, and security issues via structured audits and generating compliance reports.

Scan Python, JavaScript, Ruby, and Docker configurations for insecure defaults like hardcoded secrets, fallback credentials, weak authentication, permissive settings, and dangerous production values. Run during security audits, config reviews, and pre-deployment checks to block fail-open vulnerabilities.

Configure, troubleshoot, and optimize Sentry error tracking and performance monitoring across Node.js, Python, React/Next.js apps, CI/CD pipelines, and enterprise setups, including SDK installs, source maps, sampling, PII scrubbing, and incident response.

Scan your codebase for OWASP Top 10 web security risks including injections, broken authentication, access control flaws, cryptographic failures, and misconfigurations. Generate detailed reports with remediation guidance to audit compliance and strengthen security.

Follow NIST SP 800-61 to handle security incidents: classify breaches, preserve evidence, analyze logs using Bash tools on Linux, contain threats, investigate IOCs, eradicate malware, and recover systems. Invoke playbook with 'sir' shortcut for quick response workflow.

Scan REST API code and endpoints for OWASP Top 10 vulnerabilities like injection, BOLA, broken auth, mass assignment, and rate limit issues. Run OWASP ZAP scans to detect misconfigurations and attack vectors, generating HTML reports, JSON findings, remediation guides, evidence, and Python regression tests.

Audit codebases, configurations, and documentation for HIPAA compliance in healthcare applications. Detect PHI protection gaps, access control weaknesses, encryption issues, logging deficiencies, and BAA adherence problems via targeted skills and commands.

Run interactive penetration tests on web apps and codebases: scan HTTP security headers for CSP/HSTS issues, audit npm/pip dependencies for vulnerabilities, analyze code for secrets/injections with bandit, get severity-prioritized findings, fix suggestions, and JSON reports.

Audit project dependencies for supply chain risks by scanning for single maintainers, unmaintained repositories, low popularity, risky features, and CVEs, enabling focused security audits and threat scoping workflows.

Audit and optimize web projects for Lighthouse scores, Core Web Vitals, WCAG 2.2 accessibility, technical SEO, performance bottlenecks, security best practices, and code quality using specialized agent skills that apply fixes with code examples.

Scan codebases for SQL injection vulnerabilities by tracing user inputs through code to database queries, identifying unsafe patterns like string concatenation and unparameterized ORM usage in Django, Rails, Express, and Go apps. Get risk reports and mitigation recommendations via skills or direct commands.

Monitor new token launches on Ethereum, BSC, Polygon, and Arbitrum DEXes to detect rugpulls and security risks. Analyze contracts for honeypots, ownership renouncement, liquidity locks, mint functions, proxies, blacklists, and perform verification plus social legitimacy checks.

Use Claude to manage Granola AI meeting notes workflows end-to-end: automate installations and upgrades, integrate with GitHub/Linear/Slack via Zapier for action items, optimize costs/performance/security, export data, troubleshoot issues, and deploy enterprise setups with RBAC/observability.

Master Cursor IDE AI workflows using 30 guided skills: install and authenticate, configure custom models and rules, optimize indexing and performance, automate Composer for multi-file refactoring and scaffolding, troubleshoot errors, manage teams with SSO, and audit compliance.

Implement, customize, secure, deploy, troubleshoot, and scale Clerk authentication in Next.js apps using 24 skills for SDK installation, sign-up/sign-in UIs, middleware protection, error debugging, webhook handling, performance tuning, cost optimization, RBAC/SSO, GDPR compliance, production checklists, CI/CD pipelines, local dev loops, and migrations from Auth0, Firebase, or Supabase.

Monitor Ethereum and L2 mempools like BSC, Polygon, Arbitrum in real-time to detect MEV opportunities including sandwich attacks, arbitrage, liquidations; analyze pending transactions, DEX swaps; optimize gas prices via Python scripts and specialized agents.

Simulate flash loan strategies on Aave, dYdX, Uniswap V3, and Balancer to analyze DeFi arbitrage, liquidations, and collateral swaps. Compute profitability with gas estimation, slippage and fee modeling, plus risk assessments for MEV and front-running.

Monitor cross-chain bridge activity across protocols like Wormhole, Stargate, Arbitrum, and Optimism. Track transfers, TVL, volume, fees, and transaction status. Analyze security models and validators while detecting exploits and anomalies.

Scaffold production-grade Claude Code plugins with marketplace integration, validate structure and schemas, audit for security vulnerabilities and best practices, and automate semantic version bumps across manifests and catalogs using auto-invoked skills and interactive commands.

Discover similar bugs and vulnerabilities across your codebase by generalizing patterns from an initial issue using ripgrep, Semgrep, and CodeQL for iterative, pattern-based analysis via skills or commands.

Generate tailored legal documents like NDAs, freelancer agreements, privacy policies, and terms of service by scanning websites or apps for data practices. Review contracts via multi-agent analysis for risks, compliance gaps (GDPR/CCPA), missing protections, plain-English summaries, and negotiation proposals. Audit sites for regulatory adherence with scored reports and remediation roadmaps.

Run institutional-grade stock analysis on A-share, HK, and US equities with 22 financial dimensions, simulated investor panels, DCF/LBO valuation models, and pig-butchering scam detection, all output as Bloomberg-style HTML reports.

Scan Android APK files or directories for Firebase security misconfigurations like open Realtime Database, Firestore, storage buckets, authentication issues, and exposed Cloud Functions to conduct mobile security audits and authorized pentesting.

Inspect Vertex AI Agent Engine deployments on Google Cloud to validate runtime configuration, agent health, security posture, performance, A2A compliance, and best practices. Generate readiness scores and detailed reports for production validation and monitoring.

Initialize Firestore Admin SDK in Node.js projects with authentication, manage safe CRUD operations batch writes queries schema design data migrations indexes, generate validate production-ready security rules using least privilege and emulator testing, and optimize performance costs.

Scan your codebase and configurations to generate audit-ready Markdown compliance reports for PCI DSS, HIPAA, SOC 2, GDPR, and ISO 27001. Assess security controls, identify gaps, and produce project documentation using the 'crg' shortcut or embedded playbook.

Scan codebases for reflected, stored, and DOM-based XSS vulnerabilities across HTML, JavaScript, CSS, and URLs. Test WAF bypass techniques and CSP protections, then receive reports on risks with remediation suggestions via commands or natural language triggers.

Audit dependencies across Node.js, Python, PHP, Ruby, Go, and Rust projects for vulnerabilities, outdated versions, transitive issues, and license compliance. Generate detailed reports with CVE information, upgrade recommendations, and fix commands using tools like npm audit and pip-audit.

Scan your current codebase for security vulnerabilities using SAST on code, CVE detection in npm, pip, and composer dependencies, plus configuration issues. Receive a structured report with severity ratings, detailed findings, and remediation steps to fix them quickly.

Add Redis-backed rate limiting to Express, FastAPI, Python, Node.js, or Java APIs using token bucket, sliding window, or quota algorithms. Enforce per-user or per-IP limits with configurable tiers, monitoring headers, and automatic 429 responses to protect against abuse.

Audit IaC templates like Terraform and CloudFormation, Docker and Kubernetes manifests, nginx configs, and app settings for security misconfigurations against OWASP and CIS benchmarks. Scan current projects for issues in code and settings, reporting problems with potential fixes.

Generate Kubernetes NetworkPolicy manifests enforcing zero-trust networking via ingress/egress rules with pod labels, namespaces, CIDRs, and ports. Create production-ready configurations, setup code, and documentation matching your infrastructure and security requirements.

Generate comprehensive security audit reports from vulnerability scans, configs, and compliance data, featuring CVSS scoring, findings tables, remediation plans, status matrices, and exports in PDF, HTML, JSON, or Markdown formats.

Encrypt and decrypt data with various algorithms using the /encrypt command and shortcut. Audit encryption implementations, validate crypto algorithms, and verify key management in codebases and configs during security reviews.

Scan codebases and projects for GDPR compliance issues including consent flows, data erasure rights, transfers, processing agreements, and privacy risks. Generate detailed reports with identified gaps and remediation recommendations.

Audit PostgreSQL, MySQL, and MongoDB databases for security risks including misconfigurations, privileges, encryption, network exposure, default credentials, and SQL injection in app code. Run scans for 50+ OWASP vulnerabilities, generate compliance reports, automated remediation scripts, and audit trails from your IDE.

Scan your codebase and Git history for exposed secrets like API keys, passwords, tokens, and credentials using pattern matching and entropy analysis. Receive detailed reports pinpointing file locations, secret types, severity ratings, and step-by-step remediation guidance to secure your project fast.

Generate production-ready service mesh configurations for Kubernetes microservices using Istio, Linkerd, or Consul Connect. Automate mTLS encryption, traffic routing, resilience policies, observability setups, plus supporting code and documentation based on your infrastructure requirements.

Validate CSRF protections in Express, Django, Rails, and Laravel web apps by inventorying state-changing endpoints and auditing synchronizer tokens, double-submit cookies, SameSite attributes, and Origin/Referer headers to uncover compliance gaps and security issues.

Master Windsurf AI IDE with 30 skills to automate Cascade multi-file coding workflows, troubleshoot IDE issues, optimize performance and costs, configure enterprise RBAC/security/CI gates, deploy to Netlify/Vercel, and scale for large teams/monorepos.

Protect backend APIs from overload by generating throttling middleware, quota services, and management APIs with token bucket, sliding window algorithms, concurrency limits, circuit breakers, priority queues, and adaptive controls using Redis in Express, FastAPI, or JavaScript apps.

Audit authentication in JavaScript, Python, and Java web apps/APIs against OWASP/NIST standards—covering password hashing, JWT handling, sessions, OAuth flows, MFA, and account controls. Validate project setups by checking credentials, tokens, and config files for errors and compliance status.

Validate CORS configurations in Express, Django, Flask, Nginx, and Python web apps/APIs to detect security misconfigurations like wildcard origins, origin reflection, permissive methods/headers, and ensure compliance with origins, methods, credentials.

Implement trigger-based audit logging for PostgreSQL and MySQL databases to track INSERT, UPDATE, and DELETE operations with metadata for compliance, security monitoring, and debugging. Generate SQL trigger templates, CDC strategies, and application-level logging setups.

Validate Vertex AI Agent Engine deployments for production readiness, generating weighted scores across security, monitoring, performance, compliance, and best practices, plus actionable remediation plans.

Build complete API authentication and authorization systems supporting JWT, OAuth2, API keys, sessions, MFA, RBAC, token refresh, validation, and brute-force protection. Generates models, middleware, and services for JavaScript/Node.js, Python, and Java backends.

Audit EVM wallet security by scanning ERC20 approvals, transaction patterns, and contract interactions to compute risk scores and generate revoke lists via Python scripts.

Audit access controls including IAM policies, RBAC, ACLs, file permissions, and API authorizations in AWS, GCP, Azure, and local projects to detect vulnerabilities, privilege escalation paths, and least privilege violations, generating detailed compliance reports.

Fuzz test REST and GraphQL APIs using OpenAPI specs to detect crashes, vulnerabilities, edge cases, and unexpected behaviors with tools like Schemathesis, RESTler, OWASP ZAP. Generate test suites, security reports, and reproducible payloads for input validation and security auditing.

Audit Terraform, Kubernetes, and cloud configurations for CIS, SOC2, HIPAA, PCI-DSS compliance using Checkov, tfsec, and OPA. Generate detailed reports, remediation patches, CI/CD gating steps, plus production-ready secure DevOps configurations, setup code, and documentation with security-first best practices.

Implement structured logging for API requests with automatic correlation IDs, PII redaction, performance metrics, and security audit trails in JavaScript, Python, and Java backends. Use the setup command to configure request/response capture and log shipping in Node.js or Python apps for debugging, compliance, and observability workflows.

Audit codebases with a security agent that scans for vulnerabilities like SQL injection, XSS, CSRF, auth flaws, insecure dependencies, and secrets; generates severity-rated reports including file locations, explanations, compliance checks, and code fixes with examples.

Automate SOC 2 audit preparation by assessing Trust Service Criteria controls (CC1-CC9), gathering evidence from documents, logs, and IaC, identifying gaps, and generating readiness reports across AWS, GCP, and Azure environments.

Validate PCI-DSS compliance in payment systems by scanning codebases, configurations, and infrastructure for cardholder data security issues, generating status reports or detailed audits.

Audit GitHub Actions workflows to detect security vulnerabilities in AI agent integrations like Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Identify prompt injection risks and unsafe input flows in CI/CD pipelines before deployment.

Generate minimal macOS Seatbelt sandbox configurations with allowlist-based profiles to restrict application access to files, network, processes, and system resources, enabling secure isolation of macOS apps.

Build secure Rust applications integrating Azure services: authenticate with Entra ID, manage Key Vault secrets/keys/certificates, perform CRUD on Cosmos DB documents and Blob Storage, and stream data via Event Hubs using official SDK patterns and code examples.

Analyze any website's HTTP/HTTPS security headers to detect vulnerabilities, misconfigurations, OWASP compliance gaps, cookie problems, and info leaks. Receive overall grades plus targeted configuration fixes for Nginx, Apache, or Cloudflare servers.

Conduct professional security audits on code, infrastructure, and configurations. Identify OWASP Top 10 vulnerabilities, verify compliance with HIPAA, PCI-DSS, GDPR, and SOC 2 standards, and perform cryptography reviews to evaluate and strengthen your security posture.

Monitor SSL/TLS certificate expiry dates, automate renewals, list installed certificates, diagnose chain issues, and manage project configurations including setup, renewal, and verification tasks.

Scan codebases for input validation weaknesses risking SQL injection, XSS, command injection, path traversal, and buffer overflows, targeting user inputs from HTTP parameters, forms, and APIs during security audits.

Scan Docker images and Dockerfiles for vulnerabilities, misconfigurations, and compliance using Trivy, Grype, Snyk, and Hadolint. Generate remediation reports with CI/CD integration plus production-ready secure container configurations, setup code, and documentation.

Perform security reviews of pull requests, commits, or code diffs using git history for context, blast radius estimation, test coverage checks, and markdown report generation.