security▌

Triage and review Google Workspace security alerts from Alert Center. \n \n Lists active security alerts with table formatting for quick overview \n Retrieves detailed information for specific alerts by ID \n Acknowledges alerts to mark them as reviewed or resolved \n Requires the gws-alertcenter skill as a prerequisite \n

Secure iOS apps with Keychain, CryptoKit, biometric authentication, and Apple security best practices. \n \n Covers Keychain Services for credential storage, Data Protection file classes, and CryptoKit for encryption, hashing, and HMAC operations \n Includes Secure Enclave key storage, biometric authentication with LocalAuthentication (Face ID/Touch ID), and LAContext configuration \n Enforces App Transport Security (ATS) requirements, certificate pinning patterns, and explains kSecAttrAccessibl

Comprehensive security guidance for Laravel applications to protect against common vulnerabilities.

Comprehensive security checklist covering secrets, input validation, authentication, and deployment readiness. \n \n Covers 10 critical security domains: secrets management, input validation, SQL injection prevention, authentication/authorization, XSS prevention, CSRF protection, rate limiting, sensitive data exposure, blockchain wallet verification, and dependency security \n Includes code examples for both unsafe and secure patterns across TypeScript, SQL, and configuration files \n Provides p

Security audits for AI-generated code, catching vulnerabilities before they ship. \n \n Systematically checks nine vulnerability categories: secrets exposure, database access control, authentication, rate limiting, payments, mobile security, AI/LLM integration, deployment config, and input validation \n Prioritizes findings by severity (Critical → High → Medium → Low) with concrete exploit scenarios and before/after code fixes \n Designed specifically for \"vibe-coded\" apps where AI assistants

When running a security review on a codebase, follow these structured steps to identify potential vulnerabilities, leaks, and misconfigurations.

This skill provides security expertise for managing Mapbox access tokens safely and effectively.

Repository-grounded threat modeling that maps trust boundaries, assets, and abuse paths to concrete code evidence. \n \n Enumerates entry points, data flows, and trust boundaries anchored to actual repository structure and configuration \n Derives realistic attacker goals tied to specific assets (credentials, PII, integrity-critical state, compute resources) rather than generic checklists \n Prioritizes threats using likelihood and impact reasoning, with explicit assumptions about deployment, au

Comprehensive security guidelines for Perl applications covering input validation, injection prevention, and secure coding practices.

Language and framework-specific security reviews with actionable vulnerability detection and fix guidance. \n \n Supports Python, JavaScript/TypeScript, and Go with framework-specific best practices loaded from a references directory \n Operates in three modes: secure-by-default code generation, passive vulnerability detection during development, and full security audit reports with severity prioritization \n Generates detailed markdown reports with line-number references, impact statements, and