Security

Use this skill when developing Go applications with the Prefab server framework.This includes creating servers, adding gRPC/HTTP handlers, configuring authenticationand authorization, setting up SSE streams, managing configuration, creating customplugins, and following Prefab error handling and security patterns.

Automatically validate DAPR HTTP middleware configuration files. Checks for correct middleware types, proper secret references, pipeline ordering, and security best practices. Use when configuring OAuth2, Bearer tokens, OPA policies, rate limiting, or other middleware.

Search for keys matching a keyword in a keyvalue namespace. Requires authentication. Use for Agentuity cloud platform operations

Generates modern maintainable Laravel applications code with a focus on performance and security by default and for best code style practices.

Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.

Master CORS, XSS prevention, CSRF protection, CSP headers, and secure authentication patterns.

Implement type-safe client-server data flows in Next.js applications using Supabase, TanStack Query, React Hook Form, and Zod validation. Use when building CRUD features, handling forms with validation, implementing file uploads, or creating server actions with authentication and authorization. Essential for pages requiring data mutations with proper loading states, error handling, and query cache management.

Ensure secure isolation between multi-tenant consciousness instances.

Get query logs for a specific database. Requires authentication. Use for Agentuity cloud platform operations

Integrate with Better Auth SSO for OAuth2/OIDC authentication. Use this skill when implementing SSO login flows, PKCE authentication, token management, JWKS verification, or global logout in Next.js applications connecting to a Better Auth server.

Expert guidance for OpenSSL operations including certificate generation, key management, CSR creation, certificate verification, encryption, and PKI operations. Use this when working with SSL/TLS certificates, cryptographic keys, or PKI infrastructure.

Upload a file to storage bucket. Requires authentication. Use for Agentuity cloud platform operations

Build autonomous AI agents with Claude Agent SDK. Structured outputs (v0.1.45, Nov 2025) guarantee JSON schema validation, plugins system, hooks for event-driven workflows. Use when: building coding agents with validated JSON responses, SRE systems, security auditors, or troubleshooting CLI not found, structured output validation, session forking errors.

Set a key and value in the keyvalue storage. Requires authentication. Use for Agentuity cloud platform operations

Quick security audit checking for hardcoded secrets, SSRF vectors, injection points, dependency issues, and missing security headers

Review code for best practices, security issues, and potential bugs. Use when reviewing code changes, checking PRs, analyzing code quality, or performing security audits.

Use when you need to plan technical solutions that are scalable, secure, and maintainable. Create implementation plans, architecture designs, feature roadmaps. | Sử dụng khi cần lên kế hoạch, thiết kế kiến trúc, phân tích tính năng, đề xuất giải pháp, roadmap.

Delete a keyvalue namespace and all its keys. Requires authentication. Use for Agentuity cloud platform operations

Complete organization onboarding wizard for LimaCharlie. Discovers local cloud CLIs (GCP, AWS, Azure, DigitalOcean), surveys cloud projects, identifies VMs for EDR installation and security-relevant log sources (IAM, audit logs, network logs). Guides EDR deployment via OS Config (GCP), SSM (AWS), VM Run Command (Azure). Creates cloud adapters for log ingestion. Confirms sensor connectivity and data flow. Use when setting up new tenants, connecting cloud infrastructure, deploying EDR fleet-wide, or onboarding hybrid environments.

This skill builds complete authentication flows (JWT, OAuth, session-based) with security best practices.Supports Python (FastAPI, Flask), Node.js/Bun (Hono, Express), and includes registration, login, logout, refresh tokens, password reset.Implements bcrypt/argon2 hashing, JWT signing/verification, session management, CSRF protection, rate limiting.Activate when user says "add authentication", "build login", "JWT auth", "OAuth integration", or needs secure auth.Output: Complete auth system with endpoints, middleware, security, tests, and documentation.