security-audit
conduct comprehensive assessments to identify vulnerabilities
1WORKS 57★22WORKS 57★3,0353WORKS 55★04WORKS 55★2,2805WORKS 54★106WORKS 53★5597WORKS 53★08WORKS 52★09WORKS 52★38110WORKS 52★011WORKS 52★012WORKS 52★413WORKS 51★9,72614WORKS 51★1,75715WORKS 50★17,46416WORKS 50★6917WORKS 49★018WORKS 49★6419WORKS 49★38120WORKS 49★1,79121WORKS 49★1,79122WORKS 48★023WORKS 45★1,79124WORKS 44★025WORKS 44★1,79126WORKS 44★1,79127WORKS 43★028WORKS 43★1,79129WORKS 42★1,791
forge-check-securityworkflowdefault
OWASP parallel scanning (6 dimensions) with risk aggregation and gate enforcement.
security-auditskill
Pre-release security verification and vulnerability inventory before deployment.
webassessmentskill
Comprehensive web application penetration testing with structured threat modeling and prioritized exploitation
pro-workflowplugin
Structured external red-team assessments where 71 skills auto-select by vulnerability class
security-reviewcommand
Pre-release security scanning when compliance and threat coverage matter
securityskill
Severity classification separates critical auth issues from style nits—allows teams to merge without blocking on low-severity findings.
vuln-discoveryworkflow
Structured agent orchestration with deterministic phase transitions and fault isolation.
vuln-discoveryworkflow
Structured agent orchestration with deterministic phase transitions and fault isolation.
security-lensskill
Catching common OWASP vulnerabilities (injection, weak auth, hardcoded secrets, XSS) in code review without requiring a full security audit.
security-auditor-saasskill
Blocking deployment when OWASP Top 10 vectors would otherwise reach production.
java-securityskill
OWASP Top 10 and Spring Security vulnerability detection beats generic code review.
security-reviewersubagent
Detecting OWASP Top 10 issues and enforcing secure-by-default patterns.
secure-code-guardianskill
Finding exploitable code patterns and guiding remediation in production applications.
vuln-scannersubagent
When infrastructure-as-code must be scanned for compliance violations and CVE risks.
skill-security-auditorskill
Pre-install security gating for untrusted community skills before adding to Claude Code
security-auditskill
Teams needing pre-deployment security checks and automated remediation of common Clawdbot vulnerabilities.
security-bounty-hunterskill
Identifying reportable security issues in open-source projects before bug-bounty submission
security-hygieneskill
Continuous security scanning without slowing deployment (automated pre-merge gate)
security-scanskill
Baseline security assessment before manual penetration testing.
hunt-sessionskill
Discovering session vulnerabilities when generic scanners miss domain-specific chains.
hunt-websocketskill
Discovering websocket vulnerabilities when generic scanners miss domain-specific chains.
security-reviewersubagent
Pre-deployment security hardening of LLM-powered Python tools.
hunt-subdomainskill
Discovering subdomain vulnerabilities when generic scanners miss domain-specific chains.
mcpmcp_server
Automated security scanning within AI-assisted code generation workflows
hunt-sharepointskill
Discovering sharepoint vulnerabilities when generic scanners miss domain-specific chains.
hunt-sqliskill
Discovering sqli vulnerabilities when generic scanners miss domain-specific chains.
java-security-checkskill
Finding hardcoded secrets, SQL/command injection, weak crypto, insecure deserialization, and Spring Security misconfigs in Java code.
hunt-ssrfskill
Discovering ssrf vulnerabilities when generic scanners miss domain-specific chains.
hunt-sstiskill
Discovering ssti vulnerabilities when generic scanners miss domain-specific chains.