Security & Testing Agent Skills

Skill Installer & Security Scanner

Installs Claude skills from GitHub repositories while performing automated security scans to protect your environment from malicious code.

Package Upgrade Auditor

Audits npm package version upgrades by performing source-level diffs and tracing call sites to ensure project compatibility.

Privilege Escalation Methods

Provides comprehensive methodologies and command-line techniques for escalating user privileges on Linux and Windows systems during security assessments.

API Security Fuzzing & Bug Bounty

Conducts comprehensive API security assessments and vulnerability discovery using industry-standard fuzzing and exploitation techniques.

Broken Authentication Security Testing

Identifies and evaluates vulnerabilities in web application authentication and session management systems using industry-standard penetration testing methodologies.

HTML Injection Security Testing

Identifies and tests HTML injection vulnerabilities in web applications to prevent content defacement and phishing attacks.

SQL Injection Security Testing

Performs comprehensive SQL injection vulnerability assessments to identify, demonstrate, and validate database security flaws in web applications.

Web Application Testing

Automates and tests local web applications using Playwright scripts with built-in server lifecycle management.

Next.js Authentication Patterns

Implements secure authentication and authorization workflows for Next.js applications using industry-standard libraries and patterns.

Code Change Verification

Validates code changes within the OpenAI Agents JS monorepo by executing a mandatory suite of build, lint, and test scripts.

AI Code Review Studio

Automates Pull Request analysis to detect security vulnerabilities, performance bottlenecks, and code quality issues directly within Claude Code.

Deep Code Analysis

Conducts systematic investigations and root-cause analysis to solve complex bugs and architectural issues.

UltraQA: Autonomous Testing & Fixing

Automates the cycle of running tests, diagnosing failures with an architect agent, and applying code fixes until quality goals are met.

Cancel UltraQA Workflow

Terminates active UltraQA automated cycling tasks to immediately halt persistent loops for tests, builds, or linting.

Network 101: Pentest Lab Setup

Configures and tests essential network services like HTTP, SNMP, and SMB to create controlled penetration testing environments.

Wireshark Network Analysis

Performs deep network traffic analysis, packet filtering, and security forensics using standardized Wireshark methodologies.

Penetration Testing Commands

Provides a battle-tested command reference for industry-standard penetration testing tools to accelerate security audits and vulnerability assessments.

Red Team Methodology & Bug Bounty Tools

Automates advanced security reconnaissance and vulnerability discovery using proven red team methodologies and professional toolchains.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

File Path Traversal Testing

Identifies and tests for directory traversal vulnerabilities to prevent unauthorized access to sensitive server-side files.

SSH Penetration Testing

Conducts comprehensive SSH security assessments including enumeration, vulnerability exploitation, and advanced tunneling techniques.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments across networks, web applications, and cloud environments.

Test Case Generator

Generates structured, requirement-driven test cases from PRDs and user stories to ensure comprehensive QA coverage and traceability.

Secure Skill Installer

Installs Claude skills from GitHub repositories while performing automated security scans to protect your local environment.

Firebase APK Security Scanner

Scans Android APKs for Firebase security misconfigurations like open databases, storage leaks, and exposed authentication endpoints.

Semgrep Rule Variant Creator

Ports existing Semgrep rules to multiple programming languages with automated applicability analysis and test-driven validation.

Azure Playwright Testing for TypeScript

Scales Playwright browser tests using Azure-hosted infrastructure and integrated reporting for high-speed CI/CD execution.

Azure AI Content Safety for Python

Moderates user-generated and AI-generated content by detecting harmful text and images with multi-severity classification.

Azure RBAC & Role Assignment

Identifies optimal Azure RBAC roles based on least-privilege principles and generates ready-to-use CLI commands and Bicep code for secure identity management.

Azure Key Vault Keys for .NET

Manages cryptographic keys and performs secure encryption, signing, and key rotation operations using the Azure Key Vault .NET SDK.