moai-platform-auth
>
security-audit
Load PROACTIVELY when task involves security review, vulnerability assessment, or hardening. Use when user says \"check for security issues\", \"audit for vulnerabilities\", \"scan for secrets\", \"review auth security\", or \"check OWASP compliance\". Covers authentication and session security, authorization and access control, input validation and injection prevention, data protection and encryption, dependency vulnerability scanning, API security (CORS, rate limiting, headers), and infrastructure hardening. Produces structured reports with severity ratings.
whop-dev
Build Next.js apps for the Whop platform. For empty repos, guides users from idea to deployed app through discovery and setup. For existing projects, provides best practices for authentication, payments, webhooks, and UI. Triggers on "build me a Whop app", @whop/sdk, verifyUserToken, checkAccess, checkout flows, webhook handling, Experience/Dashboard pages, Frosted UI. Delegates to companion skills (frontend-design, vercel-react-best-practices, supabase-postgres-best-practices, web-design-guidelines) for design, performance, and database.
moai-platform-auth
>
authentication-setup
Design and implement authentication and authorization systems. Use when setting up user login, JWT tokens, OAuth, session management, or role-based access control. Handles password security, token management, SSO integration.
owasp-top-10
OWASP Top 10 web application security risks with detection patterns and fixes. Use when reviewing security vulnerabilities, authentication, authorization, or data handling.
eve-esi-integration
EVE Online ESI API integration skill for third-party development. Use when building EVE Online tools, apps, or games that need ESI endpoints, SSO authentication, image server assets, or SDE data. Triggers on EVE Online API work, ESI integration, EVE developer tools, ship renders, map data, character authentication, or EVE static data.
gcp-login
Authenticate to Google Cloud Platform using Application Default Credentials. Use when user selects GCP from cloud provider selection, or says "login to GCP", "gcloud auth", "authenticate to Google Cloud".
aws-login
Authenticate to AWS using SSO. Use when user selects AWS from cloud provider selection, or says "login to AWS", "AWS SSO", "authenticate to AWS".
rails-api
REST API specialist for Rails applications. Use when building API endpoints, implementing serialization, API versioning, JWT authentication, or creating API documentation. Focuses on RESTful design, performance, and consistency.
rails-security
Specialized skill for Rails security, authorization, and data protection. Use when implementing Pundit policies, Lockbox encryption, Blind Index searches, authentication, secure configuration, or fixing security vulnerabilities. Includes security best practices and common pitfall prevention.