From kagents
OWASP Top 10 for .NET and PowerShell — injection (SQL, XSS, Invoke-Expression), broken access control ([Authorize], CORS), cryptographic failures (bcrypt, no MD5/SHA1), vulnerable dependencies (dotnet audit), SecureString, TLS 1.2+. USE FOR: reviewing code for security vulnerabilities, auditing dependencies, checking OWASP compliance. DO NOT USE FOR: general code quality review (use code-reviewer agent) or dependency updates (use security-auditor agent).
npx claudepluginhub grexyloco/k.agentsThis skill uses the workspace's default tool permissions.
- [ ] `[Authorize]` auf allen nicht-öffentlichen Endpoints
Expert guidance for Next.js Cache Components and Partial Prerendering (PPR). **PROACTIVE ACTIVATION**: Use this skill automatically when working in Next.js projects that have `cacheComponents: true` in their next.config.ts/next.config.js. When this config is detected, proactively apply Cache Components patterns and best practices to all React Server Component implementations. **DETECTION**: At the start of a session in a Next.js project, check for `cacheComponents: true` in next.config. If enabled, this skill's patterns should guide all component authoring, data fetching, and caching decisions. **USE CASES**: Implementing 'use cache' directive, configuring cache lifetimes with cacheLife(), tagging cached data with cacheTag(), invalidating caches with updateTag()/revalidateTag(), optimizing static vs dynamic content boundaries, debugging cache issues, and reviewing Cache Component implementations.
Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).
Share bugs, ideas, or general feedback.
[Authorize] auf allen nicht-öffentlichen EndpointsAllowAny)UseHttpsRedirection)FromSqlRaw mit Parametern)MarkupString mit User-InputProcess.Start mit User-InputInvoke-Expression mit User-InputASPNETCORE_ENVIRONMENT nicht Development in Proddotnet list package --vulnerable --include-transitive
dotnet audit
SecureString für Passwörter[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12Invoke-RestMethod