Orchestrates phased security audits for web apps and APIs: reconnaissance, vulnerability scanning, pentesting (SQLi/XSS/IDOR), API fuzzing, and hardening via specialized skills.
From antigravity-awesome-skillsnpx claudepluginhub sickn33/antigravity-awesome-skills --plugin antigravity-awesome-skillsThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Comprehensive security auditing workflow for web applications, APIs, and infrastructure. This bundle orchestrates skills for penetration testing, vulnerability assessment, security scanning, and remediation.
Use this workflow when:
scanning-tools - Security scanningshodan-reconnaissance - Shodan searchestop-web-vulnerabilities - OWASP Top 10Use @scanning-tools to perform initial reconnaissance
Use @shodan-reconnaissance to find exposed services
vulnerability-scanner - Vulnerability analysissecurity-scanning-security-sast - Static analysissecurity-scanning-security-dependencies - Dependency scanningUse @vulnerability-scanner to scan for OWASP Top 10 vulnerabilities
Use @security-scanning-security-dependencies to audit dependencies
top-web-vulnerabilities - OWASP vulnerabilitiessql-injection-testing - SQL injectionxss-html-injection - XSS testingbroken-authentication - Authentication testingidor-testing - IDOR testingfile-path-traversal - Path traversalburp-suite-testing - Burp Suite testingUse @sql-injection-testing to test for SQL injection vulnerabilities
Use @xss-html-injection to test for cross-site scripting
Use @broken-authentication to test authentication security
api-fuzzing-bug-bounty - API fuzzingapi-security-best-practices - API securityUse @api-fuzzing-bug-bounty to fuzz API endpoints
pentest-commands - Penetration testing commandspentest-checklist - Pentest planningethical-hacking-methodology - Ethical hackingmetasploit-framework - MetasploitUse @pentest-checklist to plan penetration test
Use @pentest-commands to execute penetration testing
security-scanning-security-hardening - Security hardeningauth-implementation-patterns - Authenticationapi-security-best-practices - API securityUse @security-scanning-security-hardening to harden application security
reporting-standards - Security reportingdevelopment - Secure development practiceswordpress - WordPress securitycloud-devops - Cloud securitytesting-qa - Security testing