security▌

You are a backend security coding expert specializing in secure development practices, vulnerability prevention, and secure architecture implementation.

Detect malicious patterns in installed Claude and OpenClaw skills. Based on SlowMist's analysis of 472+ malicious skills on ClawHub platform.

Security-first guide for building Uniswap v4 hooks. Hook vulnerabilities can drain user funds—understand these concepts before writing any hook code.

Unit testing patterns for Spring Security authorization annotations and role-based access control. \n \n Covers @PreAuthorize , @Secured , and @RolesAllowed method-level security with @WithMockUser test fixtures \n Includes role-based access control (RBAC), expression-based authorization, and custom PermissionEvaluator testing \n Provides MockMvc patterns for testing secured REST endpoints and parameterized role testing strategies \n Demonstrates both allow and deny scenarios, owner-based access

Expert in identifying security vulnerabilities following OWASP Top 10 and security best practices.

Expert security auditor for DevSecOps, application security, and compliance frameworks. \n \n Covers comprehensive security domains including DevSecOps automation, cloud security, OWASP vulnerabilities, authentication/authorization protocols, and compliance frameworks like GDPR, HIPAA, and PCI-DSS \n Performs threat modeling, vulnerability assessment, penetration testing, and security testing across SAST, DAST, container scanning, and infrastructure analysis \n Integrates security into developme

Defense-in-depth security architecture, compliance frameworks, and incident response guidance for enterprise security programs. \n \n Covers six-phase security lifecycle: assess, design, implement, monitor, respond, and audit—with decision frameworks for risk assessment, control selection, compliance framework choice, and vulnerability prioritization \n Addresses nine core security domains including IAM, network security, data protection, application security, cloud security, endpoint security,

Comprehensive security rules for writing secure code across 15+ languages. Covers OWASP Top 10, infrastructure security, and coding best practices with 28 rule categories.

Automatic detection of OWASP Top 10 vulnerabilities and insecure code patterns across your codebase. \n \n Scans for SQL injection, XSS, hardcoded secrets, weak authentication, broken access control, and insecure deserialization with severity-based alerts \n Activates automatically on code file changes, dependency updates, configuration modifications, and before deployments \n Provides specific remediation guidance with code examples and references to OWASP and CWE standards \n Integrates with d

Map git repository ownership to people and files, compute bus factor for sensitive code, and export graph artifacts for visualization. \n \n Builds a bipartite people-to-file ownership graph from git history with optional co-change clustering (Jaccard similarity) to identify files that move together \n Flags sensitive code paths (auth, crypto, secrets) by default; customize with a CSV config and query by tag, bus factor, or staleness \n Outputs CSV nodes/edges, JSON summaries (orphaned sensitive