Browse Skills
9063 skills found
validating-authentication-implementations.md
2
1
export
validating-authentication-implementations
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to validate authentication implementations against security best practices and industry standards. It analyzes various authentication methods, including JWT, OAuth, session-based authentication, and API keys. Use this skill when you need to perform an authentication security check, assess password policies, evaluate MFA implementation, or analyze session security. Trigger this skill with phrases like "validate authentication," "authentication check," or "authcheck."
2026-01-05
automating-api-testing.md
2
1
export
automating-api-testing
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill automates API endpoint testing, including request generation, validation, and comprehensive test coverage for REST and GraphQL APIs. It is used when the user requests API testing, contract testing, or validation against OpenAPI specifications. The skill analyzes API endpoints and generates test suites covering CRUD operations, authentication flows, and security aspects. It also validates response status codes, headers, and body structure. Use this skill when the user mentions "API testing", "REST API tests", "GraphQL API tests", "contract tests", or "OpenAPI validation".
2026-01-05
ci-cd.md
2
1
export
ci-cd
2
from
"cosmix/claude-code-setup"
from
"cosmix/claude-code-setup"
3
Designs and implements CI/CD pipelines for automated testing, building, and deployment. Trigger keywords: ci/cd, pipeline, github actions, gitlab ci, jenkins, deployment, workflow, automation.
2026-01-05
auth-module-builder.md
2
1
export
auth-module-builder
2
from
"patricio0312rev/skillset"
from
"patricio0312rev/skillset"
3
Implements secure authentication patterns including login/registration, session management, JWT tokens, password hashing, cookie settings, and CSRF protection. Provides auth routes, middleware, security configurations, and threat model documentation. Use when building "authentication", "login system", "JWT auth", or "session management".
2026-01-05
artifact-sbom-publisher.md
2
1
export
artifact-sbom-publisher
2
from
"patricio0312rev/skillset"
from
"patricio0312rev/skillset"
3
Produces build artifacts with Software Bill of Materials (SBOM) and supply chain metadata for security and compliance. Use for "artifact publishing", "SBOM generation", "supply chain security", or "build provenance".
2026-01-05
excel-pivot-wizard.md
2
1
export
excel-pivot-wizard
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
Generate pivot tables and charts from raw data using natural language - analyze sales by region, summarize data by category, and create visualizations effortlessly
2026-01-05
data-seeding-fixtures-builder.md
2
1
export
data-seeding-fixtures-builder
2
from
"patricio0312rev/skillset"
from
"patricio0312rev/skillset"
3
Generates deterministic seed data for development and testing with factory functions, realistic fixtures, and database reset scripts. Use for "data seeding", "test fixtures", "database seeding", or "mock data generation".
2026-01-05
running-integration-tests.md
2
1
export
running-integration-tests
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to run and manage integration test suites. It automates environment setup, database seeding, service orchestration, and cleanup. Use this skill when the user asks to "run integration tests", "execute integration tests", or any command that implies running integration tests for a project, including specifying particular test suites or options like code coverage. It is triggered by phrases such as "/run-integration", "/rit", or requests mentioning "integration tests". The plugin handles database creation, migrations, seeding, and dependent service management.
2026-01-05
test-review.md
2
1
export
test-review
2
from
"wmeints/promptyard"
from
"wmeints/promptyard"
3
Use this skill to review unit-tests, component-tests, and integration tests.
2026-01-05
performing-security-code-review.md
2
1
export
performing-security-code-review
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, asks for a code review with a focus on security, or mentions security concerns related to code. The security-agent plugin then provides structured security findings with severity ratings, code locations, impact assessments, and remediation guidance.
2026-01-05
scanning-input-validation-practices.md
2
1
export
scanning-input-validation-practices
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to automatically scan source code for potential input validation vulnerabilities. It identifies areas where user-supplied data is not properly sanitized or validated before being used in operations, which could lead to security exploits like SQL injection, cross-site scripting (XSS), or command injection. Use this skill when the user asks to "scan for input validation issues", "check input sanitization", "find potential XSS vulnerabilities", or similar requests related to securing user input. It is particularly useful during code reviews, security audits, and when hardening applications against common web vulnerabilities. The skill leverages the input-validation-scanner plugin to perform the analysis.
2026-01-05
managing-test-environments.md
2
1
export
managing-test-environments
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to manage isolated test environments using Docker Compose, Testcontainers, and environment variables. It is used to create consistent, reproducible testing environments for software projects. Claude should use this skill when the user needs to set up a test environment with specific configurations, manage Docker Compose files for test infrastructure, set up programmatic container management with Testcontainers, manage environment variables for tests, or ensure cleanup after tests. Trigger terms include "test environment", "docker compose", "testcontainers", "environment variables", "isolated environment", "env-setup", and "test setup".
2026-01-05
security-scan.md
2
1
export
security-scan
2
from
"cosmix/claude-code-setup"
from
"cosmix/claude-code-setup"
3
Quick routine security checks for secrets, dependencies, and common vulnerabilities. Run frequently during development. Triggers: security scan, quick scan, secrets check, vulnerability check, security check, pre-commit security, routine security.
2026-01-05
checking-owasp-compliance.md
2
1
export
checking-owasp-compliance
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill uses the owasp-compliance-checker plugin to automatically identify potential security vulnerabilities based on the OWASP Top 10 (2021) list. It helps ensure your application adheres to industry-standard security practices by providing a detailed analysis of compliance gaps and offering remediation guidance. Use this skill when you need to audit your code for OWASP compliance, identify and fix vulnerabilities, or generate a compliance report. Trigger this skill by asking to "check OWASP compliance", "scan for OWASP vulnerabilities", or using the `/owasp` shortcut.
2026-01-05
platform-api-integration.md
2
1
export
platform-api-integration
2
from
"lsst-sqre/squareone"
from
"lsst-sqre/squareone"
3
Guide for discovering and integrating with Rubin Science Platform (RSP) APIs using OpenAPI specifications. Use this skill when working with Gafaelfawr authentication APIs (/auth/*), Times Square notebook APIs (/times-square/api/*), or other RSP services. Covers finding OpenAPI specs, using WebFetch to download specifications, creating TypeScript types from schemas, implementing SWR-based hooks, handling authentication patterns (CSRF tokens, credentials), and creating mock APIs for development.
2026-01-05
python.md
2
1
export
python
2
from
"bendrucker/claude"
from
"bendrucker/claude"
3
Python coding standards, best practices, type hints, and testing patterns. Use when writing or reviewing Python code, implementing tests, or discussing Python language features.
2026-01-05
checking-infrastructure-compliance.md
2
1
export
checking-infrastructure-compliance
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill allows Claude to check infrastructure compliance against industry standards such as SOC2, HIPAA, and PCI-DSS. It analyzes existing infrastructure configurations and reports on potential compliance violations. Use this skill when the user asks to assess compliance, identify security risks related to compliance, or generate reports on compliance status for SOC2, HIPAA, or PCI-DSS. Trigger terms include: "compliance check", "SOC2 compliance", "HIPAA compliance", "PCI-DSS compliance", "compliance report", "infrastructure compliance", "security audit", "assess compliance".
2026-01-05
prompt-injection-defense.md
2
1
export
prompt-injection-defense
2
from
"daishiman/AIWorkflowOrchestrator"
from
"daishiman/AIWorkflowOrchestrator"
3
AIシステムへのプロンプトインジェクション攻撃を防ぎ、入力検証とコンテキスト分離の設計指針を提供するスキル。Anchors:• OWASP LLM Top 10 / 適用: LLMセキュリティ脅威モデリング / 目的: インジェクション攻撃の分類と防御パターン理解• Simon Willison's Prompt Injection Research / 適用: 実攻撃パターン分析 / 目的: 実世界の攻撃事例から防御戦略を導出• Defense in Depth principle / 適用: 多層防御設計 / 目的: 単一障害点の排除Trigger:Use when designing prompt injection defenses, implementing AI security measures, sanitizing user inputs for LLM systems, separating trusted and untrusted contexts, conducting security reviews for LLM applications, mitigating indirect prompt injection risks.
2026-01-05
checking-session-security.md
2
1
export
checking-session-security
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to check session security implementations within a codebase. It analyzes session management practices to identify potential vulnerabilities. Use this skill when a user requests to "check session security", "audit session handling", "review session implementation", or asks about "session security best practices" in their code. It helps identify issues like insecure session IDs, lack of proper session expiration, or insufficient protection against session fixation attacks. This skill leverages the session-security-checker plugin. Activates when you request "checking session security" functionality.
2026-01-05
test-naming-conventions.md
2
1
export
test-naming-conventions
2
from
"daishiman/AIWorkflowOrchestrator"
from
"daishiman/AIWorkflowOrchestrator"
3
テスト命名規則を設計し、可読性と一貫性を維持するスキル。ファイル名、describe/it 構造、シナリオ表現を統一し、チーム運用を支援する。Anchors:• xUnit Test Patterns / 適用: 命名規則設計 / 目的: 可読性の向上• Specification by Example / 適用: シナリオ命名 / 目的: 意図の共有Trigger:Use when defining, reviewing, or enforcing test naming conventions and file structures.test naming, describe/it, file structure
2026-01-05
analyzing-dependencies.md
2
1
export
analyzing-dependencies
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.
2026-01-05
generating-end-to-end-tests.md
2
1
export
generating-end-to-end-tests
2
from
"jeremylongshore/claude-code-plugins-nixtla"
from
"jeremylongshore/claude-code-plugins-nixtla"
3
This skill enables Claude to generate end-to-end (E2E) tests for web applications. It leverages Playwright, Cypress, or Selenium to automate browser interactions and validate user workflows. Use this skill when the user requests to "create E2E tests", "generate end-to-end tests", or asks for help with "browser-based testing". The skill is particularly useful for testing user registration, login flows, shopping cart functionality, and other multi-step processes within a web application. It supports cross-browser testing and can be used to verify the responsiveness of web applications on different devices.
2026-01-05
test-driven-development.md
2
1
export
test-driven-development
2
from
"HTRamsey/claude-config"
from
"HTRamsey/claude-config"
3
Use when implementing any feature or bugfix, adding tests, fixing flaky tests, refactoring, or changing behavior. Default approach for new features, bug fixes. Exceptions only for throwaway prototypes or generated code. Covers TDD workflow (red-green-refactor), condition-based waiting for async tests, and testing anti-patterns to avoid.
2026-01-05
ark-vulnerability-fixer.md
2
1
export
ark-vulnerability-fixer
2
from
"dwmkerr/ark-claude-code-marketplace"
from
"dwmkerr/ark-claude-code-marketplace"
3
CVE research and security patch workflow for Ark. Provides CVE API integration, mitigation strategies, and security-focused PR templates. Works with research, analysis, and setup skills for comprehensive vulnerability fixing.
2026-01-05