Auth, encryption, vulnerability scanning, and compliance
48 boosters
A specialized AI agent for detecting vulnerabilities in smart contracts and DeFi protocols through expert analysis, formal verification, and exploit testing. Essential for blockchain developers, auditors, and protocol teams seeking to prevent security breaches before deployment.
A technical compliance auditor agent that guides organizations through SOC 2, ISO 27001, HIPAA, and PCI-DSS certification processes, handling readiness assessment, evidence collection, and gap remediation. Ideal for security teams and compliance officers preparing for audits.
"name": "impeccable", "description": "Design fluency for frontend development. 1 skill with 23 commands (/impeccable polish, /impeccable audit, /impeccable critique, etc.) and curated anti-pattern detection.", "name": "Paul Bakaus",
This skill provides automated assistance for attack surface analyzer tasks within the Security Advanced domain. This skill activates automatically when you: 1. Provides step-by-step guidance for attack surface analyzer
Configure the Slack channel MCP plugin by providing your Slack bot token and app-level token. Writes credentials to a secure file with owner-only permissions. 1. Parse the two arguments from : 2. If either token is missing or has the wrong prefix, show this error and stop:
Check HIPAA compliance for healthcare data security requirements. Use when auditing healthcare applications. Trigger with 'check HIPAA compliance', 'validate health data security', or 'audit PHI protection'.
"name": "safety-net", "description": "Block destructive git and filesystem commands before execution", "email": "jliew@420024lab.com"
"name": "token-optimizer", "description": "Audit, fix, and monitor Claude Code context window usage. Find the ghost tokens.", "name": "Alex Greenshpun",
"name": "safety-net", "description": "Block destructive git and filesystem commands before execution", "email": "jliew@420024lab.com"
Checks Claude Octopus setup status and provides configuration instructions for missing dependencies like Codex CLI. Useful for developers setting up AI coding environments, though references appear outdated.
"name": "codeguard-security", "description": "Security code review skill based on Project CodeGuard's comprehensive security rules. Helps AI coding agents write secure code and prevent common vulnerabilities.", "name": "Project CodeGuard",
"description": "確定申告を自動化する Claude Code Plugin。会社員+副業(事業所得・青色申告)の所得税・消費税確定申告をエンドツーエンドで支援。", "name": "kazukinagata" "keywords": ["確定申告", "tax-filing", "bookkeeping", "blue-return", "japan-tax"]
"name": "cc-company", "name": "Shin-sibainu" "description": "秘書から始める仮想組織プラグイン。3ステップで即運用開始。"
A Cursor IDE rules configuration for the pig-ui framework that enforces MCP feedback loops during development workflows. Beneficial for teams using Spring Boot 3.5, Spring Cloud, and Vue with role-based access control requirements.
"name": "clawdstrike", "name": "Backbay Labs", "email": "hello@backbay.io"
Manage bookmarks via Raindrop.io REST API. User must have env var set. If not configured, instruct them to: 1. Create app at https://app.raindrop.io/settings/integrations
"description": "rr CLI skill - sync code and run commands on remote machines", "name": "Riley Hilliard"
이 항목들은 Anthropic 내부 빌드에서 실행될 때만 포함됩니다. Carefully consider the reversibility and blast radius of actions. Generally you can freely take local, reversible actions like editing files or running tests. But for actions that are hard to reverse, affect shared systems beyond your local environment, or coul
"description": "Run any model with an Anthropic- or OpenAI-compatible API (e.g. DeepSeek, GLM, Kimi, Qwen, MiniMax) — even your Codex subscription — as real Claude Code workflows, agent-team teammates, or one-shot subagents, driven exactly like native ones. Your main session's own auth is untouched
Secure agent runtime with trusted process mediation
Transform a Vibes app into a multi-tenant SaaS with subdomain-based tenancy. Adds Clerk authentication, subscription gating, and generates a unified app with landing page, tenant routing, and admin dashboard.
触发敏感请求时,按“拒答但不出戏”统一话术输出: 更完整的安全规则与免责声明见:references/research/03-safety-and-boundaries.md。 我是峰哥(虚构版),亡命天涯。嘴上不讲意义,手上爱看细节;有时候像孩子王,讲人话、讲现实;看到离谱事就直球追问,看到倒霉事就给你反转成“赚了”。我不许愿、不兜底,但我能把事给你捋清楚,让你知道下一步该干啥。
gog is a Google Workspace CLI tool that enables AI coding assistants to interact with Gmail, Calendar, Drive, Contacts, Sheets, and Docs directly from code. Developers building automation or integrations with Google services benefit from this skill.
31 specialized agents covering every department from solo founder Day 0 to IPO. 22 frameworks with tactical playbooks, compliance guides, and process maps. Before loading any agent files, consult . It contains:
Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.
"name": "promptadvisers-claudex", "name": "promptadvisers" "description": "Autonomous Claude + Codex review loop. Plan with adversarial pushback, or audit code (read-only).",
This project includes deepsafe-scan, a preflight security scanner for AI agent environments. When the user asks to audit, scan, or check security of their AI agent setup, skills, or MCP servers, run the scanner: For a full scan with LLM analysis (if OPENAIAPIKEY is set):
Mazeway provides Cursor-specific rules for implementing authentication and authorization patterns in Next.js projects using Supabase, enabling developers to own their auth logic instead of relying on external packages. Ideal for developers building secure, self-contained authentication systems.
Mazeway provides cursor-integrated authentication rules for building secure auth systems in Next.js projects using Supabase, emphasizing best practices for 2FA and device trust without external auth libraries.
"name": "workflow-audit", "description": "SwiftUI workflow audit — find dead ends, broken promises, and UX friction. Bundled with a phased plan generator.", "name": "Terry Nyberg"
"description": "Ship software systematically: project lifecycle, TDD, parallel agents, code review, security auditing, and infrastructure validation", "email": "lgbarn@users.noreply.github.com"
"name": "ultraship", "description": "Claude Code plugin — 36 tools, 42 skills, 12 agents. Elite SEO strategy with AI traffic tracking, IndexNow, GSC-GA4 cross-reference, CTR anomalies, brand filtering, keyword intelligence, index doctor, pentest, ship, launch, grow, rescue.", "name": "Houseofmvps",
"name": "andrew-architect", "description": "Claude Skills for architecture design distilled from Andrew Wu's published articles", "name": "Andrew Wu",
"name": "kernel-vuln-analyzer", "description": "Analyze Linux kernel vulnerabilities from KASAN/UBSAN/BUG crash logs or CVE descriptions. Full root cause analysis, exploitability assessment, patch development, and QEMU verification.", "url": "https://github.com/winmin"
Performs comprehensive email deliverability auditing for a domain. Checks DNS authentication records (SPF, DKIM, DMARC), infrastructure (MX, PTR, TLS), reputation (blacklists), and bulk sender compliance. Generates a health score (0-100) with prioritized fixes. 1. Both SPF AND DKIM must pass (not ju
"name": "quantum-loop", "description": "Universal CLI orchestrator with multi-runner support. Autonomous spec-driven development with dependency DAG, parallel worktree execution, two-stage review gates, and modular merge hardening.", "name": "andyzengmath"
Advanced security research skill for web servers, REST APIs, web applications, and network infrastructure. Designed for experienced users who want structured, tool-driven Claude's role is to interpret tool output, suggest next steps, and document findings.
"description": "Matrix channel for Claude Code — two-way messaging bridge with E2EE, access control, and permission relay", "skills": "./skills/", "keywords": ["matrix", "channel", "bridge", "e2ee", "mcp"],
"version": "5.10.0", "description": "Memory → Evaluation → Credential → Access Control for AI agents. Persistent memory with W3C Verifiable Credentials, capability-based access control, drift detection, and FSRS-6 spaced repetition.", "name": "kobie3717",
"description": "Rust language server", "email": "zircote@gmail.com" "repository": "https://github.com/zircote/rust-lsp",
"name": "sensitive-canary", "description": "Blocks secrets and PII before they reach the Anthropic API", "repository": "https://github.com/coo-quack/sensitive-canary",
"description": "Soleur plugin marketplace. Provides the Soleur AI organization plugin for Claude Code.", "name": "Jean Deruelle", "email": "jean.deruelle@jikigai.com"
"name": "claude-mlx-tts", "description": "Voice-cloned TTS notifications using MLX Chatterbox Turbo. Clone any voice from a 20-second sample.", "command": "${CLAUDEPLUGINROOT}/scripts/run-tts.sh",
Heuristic scoring (no AI key configured).
"name": "cadre-devkit-claude", "description": "Cadre team development kit for Claude Code - security hooks, workflow automation, and productivity tools", "name": "Cadre Team"
"name": "oh-my-claudecode", "description": "Multi-agent orchestration system for Claude Code", "skills": "./skills/"
"name": "compliance-pilot", "description": "AWS compliance engine — SOC 2 + HIPAA scanning, remediation, and audit reporting powered by Prowler", "name": "Mehul Prajapati",
"name": "keep-it-simple", "description": "Keep it simple skills ruthlessly kills complexity."