secure-error-handling
Implement secure error handling to prevent information leakage and provide appropriate error responses. Use this skill when you need to handle errors in API routes, prevent stack trace exposure, implement environment-aware error messages, or use the error handler utilities. Triggers include "error handling", "handle errors", "error messages", "information leakage", "stack trace", "handleApiError", "production errors", "error responses".
csrf-protection
Implement Cross-Site Request Forgery (CSRF) protection for API routes. Use this skill when you need to protect POST/PUT/DELETE endpoints, implement token validation, prevent cross-site attacks, or secure form submissions. Triggers include "CSRF", "cross-site request forgery", "protect form", "token validation", "withCsrf", "CSRF token", "session fixation".
infrastructure-security
Securing AI/ML infrastructure including model storage, API endpoints, and compute resources
model-extraction
Techniques to extract model weights, architecture, and training data through API queries
api-hardening
API security hardening patterns. Use when implementing rate limiting, input validation, CORS configuration, API key management, request throttling, or protecting endpoints from abuse. Covers defense-in-depth strategies for REST APIs with practical implementations for Express, FastAPI, and serverless.
api-expert
Expert API architect specializing in RESTful API design, GraphQL, gRPC, and API security. Deep expertise in OpenAPI 3.1, authentication patterns (OAuth2, JWT), rate limiting, pagination, and OWASP API Security Top 10. Use when designing scalable APIs, implementing API gateways, or securing API endpoints.
fastapi
REST API and WebSocket development with FastAPI emphasizing security, performance, and async patterns
cloud-api-integration
Expert skill for integrating cloud AI APIs (Claude, GPT-4, Gemini). Covers secure API key management, prompt injection prevention, rate limiting, cost optimization, and protection against data exfiltration attacks.
python
Backend services development with Python emphasizing security, performance, and maintainability for JARVIS AI Assistant
owasp-security
Implement secure coding practices following OWASP Top 10. Use when preventing security vulnerabilities, implementing authentication, securing APIs, or conducting security reviews. Triggers on OWASP, security, XSS, SQL injection, CSRF, authentication security, secure coding, vulnerability.
rate-limiting-implementation
Implement rate limiting, throttling, API quotas, and backpressure mechanisms to protect services from abuse and ensure fair resource usage. Use when building APIs, preventing DoS attacks, or managing system load.
webhook-development
Implement webhook systems for event-driven integration with retry logic, signature verification, and delivery guarantees. Use when creating event notification systems, integrating with external services, or building event-driven architectures.
api-security-hardening
Secure REST APIs with authentication, rate limiting, CORS, input validation, and security middleware. Use when building or hardening API endpoints against common attacks.
symfony:api-platform-security
Secure API Platform resources with security expressions, voters, and operation-level access control
mapbox-token-security
Security best practices for Mapbox access tokens, including scope management, URL restrictions, rotation strategies, and protecting sensitive data. Use when creating, managing, or advising on Mapbox token security.
Top 100 Web Vulnerabilities Reference
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about injection attacks", "review access control weaknesses", "analyze API security issues", "assess security misconfigurations", "understand client-side vulnerabilities", "examine mobile and IoT security flaws", or "reference the OWASP-aligned vulnerability taxonomy". Use this skill to provide comprehensive vulnerability definitions, root causes, impacts, and mitigation strategies across all major web security categories.