Security
2492 skills in Testing & Security > Security
supabase-expert
This skill should be used when the user asks to "create a Supabase table", "write RLS policies", "set up Supabase Auth", "create Edge Functions", "configure Storage buckets", "use Supabase with Next.js", "migrate API keys", "implement row-level security", "create database functions", "set up SSR auth", or mentions 'Supabase', 'RLS', 'Edge Function', 'Storage bucket', 'anon key', 'service role', 'publishable key', 'secret key'. Automatically triggers when user mentions 'database', 'table', 'SQL', 'migration', 'policy'.
ln-621-security-auditor
Security audit worker (L3). Scans codebase for hardcoded secrets, SQL injection, XSS, insecure dependencies, missing input validation. Returns findings with severity (Critical/High/Medium/Low), location, effort, and recommendations.
supabase-database-ops
Critical guardrail for Supabase database operations ensuring multi-tenant isolation with publication_id filtering, proper use of supabaseAdmin, avoiding SELECT *, error handling patterns, and secure server-side database access. Use when writing database queries, working with supabase, accessing newsletter_campaigns, articles, rss_posts, or any tenant-scoped data.
vps-setup
Set up a fresh Ubuntu VPS for web development with Node.js, Python, Nginx, PM2, SSL, and security hardening. Use when setting up a new server, configuring web hosting, deploying apps, or helping users create a development playground server.
boot
Boot configuration for Bazzite OS. BIOS/UEFI access, GRUB menu settings, secure boot key enrollment, and Windows dual-boot setup. Use when users need to configure boot options or access BIOS settings.
firebase-master
Comprehensive Firebase skill for TypeScript/Next.js 16 projects. Use when configuring Firebase services (Firestore Client SDK with aggregations/vector search, Authentication, Storage, Cloud Functions v2, FCM push notifications, App Check bot protection), implementing security rules and indexes, troubleshooting Firebase errors, setting up auth providers (email/password, Google Sign-In), configuring VAPID keys for notifications, custom action URLs, reCAPTCHA Enterprise, replay protection, or resolving permission issues. Covers TypeScript patterns, Next.js 16 SSR/App Router integration, and common pain points like CORS, duplicate documents, notification setup, and bot abuse prevention.
barqnet-audit
Specialized agent for comprehensive code auditing, security analysis, architecture review, and quality assurance for the BarqNet project. Performs deep analysis of code quality, security vulnerabilities, performance bottlenecks, best practices compliance, and generates detailed audit reports. Use when reviewing code changes, security assessments, or quality checks.
security-design
Design security controls and threat mitigations. Use for features involving auth, data, or external exposure.
jwt-oauth2
Audit the JWT/OIDC Resource Server configuration, integrating secrets from Azure Key Vault/Swarm and ensuring secure CORS/claims policies.
github-rules
Guide for configuring GitHub repository rules, branch protection, rulesets, CODEOWNERS, and security policies. Use when users need to set up branch protection rules, configure required reviews, enforce status checks, manage merge strategies, or implement repository security policies.
github-workflow
GitHub Actions workflow automation for intelligent CI/CD pipelines with adaptive optimization. Use for workflow creation, pipeline optimization, security scanning, failure analysis, and automated deployment strategies.
julien-infra-hostinger-web
Web infrastructure for Hostinger VPS - Nginx reverse proxy, SSL/Let's Encrypt, configuration audit, and application deployment (INCLUZ'HACT). Use for site configuration, SSL setup, 502/504 errors, or deployments.
api-integrator
Integrate external REST and GraphQL APIs with proper authentication (Bearer, Basic, OAuth), error handling, retry logic, and JSON schema validation. Use when making API calls, database queries, or integrating external services like Stripe, Twilio, AWS. Achieves 10-30x cost savings through direct execution vs LLM-based calls. Triggers on "API call", "REST API", "GraphQL", "external service", "API integration", "HTTP request".
sr-cardoso-backend
Cloud Run/Express/Firestore backend for Sr Cardoso. Use when creating or changing endpoints, JWT auth, scheduling rules, finance, branding, WhatsApp, cron jobs, or Firestore modeling.
rag-cag-security
Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.
scalekit-auth
Implement authentication with Scalekit for web applications, APIs, and MCP servers. Supports full-stack auth, modular SSO (SAML/OIDC), and MCP OAuth 2.1. Handles login, SSO, session management, token validation, and enterprise identity providers. Works with Node.js, Express, Next.js, Python, FastAPI, and MCP servers. Use when implementing authentication, adding SSO, securing APIs, or protecting MCP servers.
mongodb-atlas-setup
Master MongoDB Atlas cloud setup, cluster configuration, security, networking, backups, and monitoring. Get production-ready cloud database in minutes. Use when setting up cloud MongoDB, configuring clusters, or managing Atlas.
festival-operations
Expert knowledge for running winter festival operations (Security, Marketing, CX, Lost & Found).
vulnerability-discovery
Systematic vulnerability finding, threat modeling, and attack surface analysis. Use for comprehensive security assessment planning.
atlas-agent-security
Security audits, vulnerability analysis, and security best practices enforcement