security▌

Survey codebases and produce implementation plans for improvements.

Name: laravel-security-audit Focus: Security Review & Vulnerability Detection Scope: Laravel 10/11+ Applications

Perform comprehensive security audits of frontend codebases to identify vulnerabilities, bad practices, and missing protections.

Comprehensive security auditing workflow for web applications, APIs, and infrastructure. This bundle orchestrates skills for penetration testing, vulnerability assessment, security scanning, and remediation.

Comprehensive security hardening for web applications covering HTTPS, input validation, authentication, and OWASP Top 10 vulnerabilities. \n \n Enforces HTTPS, security headers (CSP, HSTS), and rate limiting via Helmet and Express middleware to prevent DDoS and common attacks \n Prevents SQL Injection and XSS through parameterized queries, input validation with Joi, and output encoding with DOMPurify \n Implements CSRF token protection, JWT-based authentication with refresh token rotation, and s

Comprehensive guide to preventing OWASP Top 10 vulnerabilities with code examples. \n \n Covers all 10 categories with prevention patterns: access control, cryptography, injection, design flaws, misconfiguration, vulnerable dependencies, authentication, data integrity, logging, and SSRF \n Includes production-ready TypeScript/Node.js code examples for each vulnerability type, from parameterized queries to secure password hashing and JWT token management \n Provides practical implementations for

Comprehensive security checklist covering secrets, input validation, authentication, and deployment readiness. \n \n Covers 10 critical security domains: secrets management, input validation, SQL injection prevention, authentication/authorization, XSS prevention, CSRF protection, rate limiting, sensitive data exposure, blockchain wallet verification, and dependency security \n Includes code examples for both unsafe and secure patterns across TypeScript, SQL, and configuration files \n Provides p

Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS packages, language-specific dependencies, misconfigurations, secrets, and license violati

$21

Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.