security▌

Automatic detection of OWASP Top 10 vulnerabilities and insecure code patterns across your codebase. \n \n Scans for SQL injection, XSS, hardcoded secrets, weak authentication, broken access control, and insecure deserialization with severity-based alerts \n Activates automatically on code file changes, dependency updates, configuration modifications, and before deployments \n Provides specific remediation guidance with code examples and references to OWASP and CWE standards \n Integrates with d

Map git repository ownership to people and files, compute bus factor for sensitive code, and export graph artifacts for visualization. \n \n Builds a bipartite people-to-file ownership graph from git history with optional co-change clustering (Jaccard similarity) to identify files that move together \n Flags sensitive code paths (auth, crypto, secrets) by default; customize with a CSV config and query by tag, bus factor, or staleness \n Outputs CSV nodes/edges, JSON summaries (orphaned sensitive

Triage and review Google Workspace security alerts from Alert Center. \n \n Lists active security alerts with table formatting for quick overview \n Retrieves detailed information for specific alerts by ID \n Acknowledges alerts to mark them as reviewed or resolved \n Requires the gws-alertcenter skill as a prerequisite \n

Security audit framework for web applications and REST APIs covering OWASP Top 10 vulnerabilities. \n \n 20 rules organized across 5 categories: Authentication & Authorization, Data Protection, Input/Output Security, Configuration & Headers, and API & Monitoring \n Covers critical vulnerabilities including injection attacks, broken access control, cryptographic failures, CSRF, SSRF, and insecure deserialization with code examples for both vulnerable and secure patterns \n Includes

Secure iOS apps with Keychain, CryptoKit, biometric authentication, and Apple security best practices. \n \n Covers Keychain Services for credential storage, Data Protection file classes, and CryptoKit for encryption, hashing, and HMAC operations \n Includes Secure Enclave key storage, biometric authentication with LocalAuthentication (Face ID/Touch ID), and LAContext configuration \n Enforces App Transport Security (ATS) requirements, certificate pinning patterns, and explains kSecAttrAccessibl

Comprehensive security guidance for Laravel applications to protect against common vulnerabilities.

Comprehensive security checklist covering secrets, input validation, authentication, and deployment readiness. \n \n Covers 10 critical security domains: secrets management, input validation, SQL injection prevention, authentication/authorization, XSS prevention, CSRF protection, rate limiting, sensitive data exposure, blockchain wallet verification, and dependency security \n Includes code examples for both unsafe and secure patterns across TypeScript, SQL, and configuration files \n Provides p

Security audits for AI-generated code, catching vulnerabilities before they ship. \n \n Systematically checks nine vulnerability categories: secrets exposure, database access control, authentication, rate limiting, payments, mobile security, AI/LLM integration, deployment config, and input validation \n Prioritizes findings by severity (Critical → High → Medium → Low) with concrete exploit scenarios and before/after code fixes \n Designed specifically for \"vibe-coded\" apps where AI assistants

When running a security review on a codebase, follow these structured steps to identify potential vulnerabilities, leaks, and misconfigurations.

This skill provides security expertise for managing Mapbox access tokens safely and effectively.