security-reviewer
Use when explicitly asked to run the security-reviewer subagent or when another skill requires the security-reviewer agent card.
aws-cost-operations
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
code-auditor
Performs comprehensive codebase analysis covering architecture, code quality, security, performance, testing, and maintainability. Use when user wants to audit code quality, identify technical debt, find security issues, assess test coverage, or get a codebase health check.
security-auditor
Activates when user needs security review, vulnerability scanning, or secure coding guidance. Triggers on "security review", "find vulnerabilities", "is this secure", "check for injection", "security audit", "OWASP", "secure this code", or security-related questions.
pr-reviewer
Review pull requests for quality, security, and performance. Use when user says "review my changes before I merge", "do a code review on this PR", "check if this is ready to merge", "review the diff for any issues", "give me feedback on these changes", or "is this PR ready for review".
Pentest Checklist
This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
