security-review
보안, 보안 리뷰, 보안 검토, 취약점, 보안 분석 - Use when reviewing code for security vulnerabilities, designing authentication/authorization, or ensuring secure architecture. Provides systematic security analysis based on OWASP guidelines.
security-review
MANDATORY for security-sensitive code changes - OWASP-based security review with dedicated checklist, required before PR for auth, input handling, API, database, or credential code
security-patterns
Elixir-specific security patterns, OWASP mitigations, and compliance best practices
owasp-top-10
OWASP Top 10 web application security risks with detection patterns and fixes. Use when reviewing security vulnerabilities, authentication, authorization, or data handling.
code-reviewer
Research-backed code review skill with OWASP Top 10 security checks, SAST tool integration (SonarQube, CodeQL, Snyk), performance pattern detection, and automated quality standards enforcement. Auto-invoked for code review, security audit, PR analysis, and bug checking. Implements 2025 best practices with 92% faster vulnerability remediation.
security-architecture-overview
Understand the defense-in-depth security architecture of Secure Vibe Coding OS. Use this skill when you need to understand the overall security approach, the 5-layer security stack, OWASP scoring, or when to use other security skills. Triggers include "security architecture", "defense in depth", "security layers", "how does security work", "OWASP score", "security overview", "security principles".
security-prompts
Library of battle-tested security prompt templates for secure feature implementation. Use when implementing forms, endpoints, authentication, authorization, file uploads, or conducting security reviews. Triggers include "security prompt", "secure form", "RBAC", "threat model", "STRIDE", "admin endpoint", "file upload", "security testing", "code review", "OWASP".
security
Production-grade security testing skill with OWASP Top 10, vulnerability scanning, penetration testing guidance, and compliance validation
security-auditor
Activates when user needs security review, vulnerability scanning, or secure coding guidance. Triggers on "security review", "find vulnerabilities", "is this secure", "check for injection", "security audit", "OWASP", "secure this code", or security-related questions.
security-practices
Master secure development, OWASP top 10, testing, and compliance. Use when building secure systems, conducting security reviews, or implementing best practices.
security
Secure backend applications against OWASP threats. Implement authentication, encryption, scanning, compliance, and incident response procedures.
security-audit
Agent Skill: Security audit patterns for PHP/OWASP. Use when conducting security assessments, identifying vulnerabilities (XXE, SQL injection, XSS), or CVSS scoring. By Netresearch.
