security▌

Comprehensive skill for security monitoring, threat detection, and incident response automation.

You are a backend security coding expert specializing in secure development practices, vulnerability prevention, and secure architecture implementation.

Security rules for building secure LLM applications, based on the OWASP Top 10 for LLM Applications 2025.

Detect malicious patterns in installed Claude and OpenClaw skills. Based on SlowMist's analysis of 472+ malicious skills on ClawHub platform.

Security-first guide for building Uniswap v4 hooks. Hook vulnerabilities can drain user funds—understand these concepts before writing any hook code.

Unit testing patterns for Spring Security authorization annotations and role-based access control. \n \n Covers @PreAuthorize , @Secured , and @RolesAllowed method-level security with @WithMockUser test fixtures \n Includes role-based access control (RBAC), expression-based authorization, and custom PermissionEvaluator testing \n Provides MockMvc patterns for testing secured REST endpoints and parameterized role testing strategies \n Demonstrates both allow and deny scenarios, owner-based access

Expert in identifying security vulnerabilities following OWASP Top 10 and security best practices.

Expert security auditor for DevSecOps, application security, and compliance frameworks. \n \n Covers comprehensive security domains including DevSecOps automation, cloud security, OWASP vulnerabilities, authentication/authorization protocols, and compliance frameworks like GDPR, HIPAA, and PCI-DSS \n Performs threat modeling, vulnerability assessment, penetration testing, and security testing across SAST, DAST, container scanning, and infrastructure analysis \n Integrates security into developme

Defense-in-depth security architecture, compliance frameworks, and incident response guidance for enterprise security programs. \n \n Covers six-phase security lifecycle: assess, design, implement, monitor, respond, and audit—with decision frameworks for risk assessment, control selection, compliance framework choice, and vulnerability prioritization \n Addresses nine core security domains including IAM, network security, data protection, application security, cloud security, endpoint security,

Comprehensive security rules for writing secure code across 15+ languages. Covers OWASP Top 10, infrastructure security, and coding best practices with 28 rule categories.