Use when auditing a web app for security vulnerabilities. Triggers on: 'audit my project', 'how could this get hacked', 'find bugs in this codebase', 'security review', 'pentest', 'bug bounty scope for X', 'GHSA collaborator invite', 'security audit this'. Handles both internal audits (sitting in your own codebase, filesystem access) and external audits (only URL + written authorization). Contains: context detection (inside-vs-outside), a source-code audit checklist (auth bugs, IDOR, SSRF, injection, crypto misuse, file handling, rate-limits, Docker config), a black-box probing checklist (subdomain enum, port scan, TLS/DNS, admin-panel leakage, error-shape oracles, version fingerprint), a server/infra sweep (management ports, cloud metadata, CDN bypass, backup files, container image CVEs), a rate-limit deep-dive (distributed-counter vs in-memory, XFF trust, cost-inflation DoS), and — after you have findings — advisory writing via gh api and patch delivery when the temporary private fork is gated to the mainta
This listing is imported from SkillsMP metadata and should be treated as untrusted until upstream source review is completed.
Install skill "security-audit" with this command: npx skills add shaxbozaka/skillsmp-shaxbozaka-shaxbozaka-security-audit
This source entry does not include full markdown content beyond metadata.
This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
Related by shared tags or category signals.
GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permissions, and network exposure, then delivers an HTML report directly to you. Also use for scanning third-party code, blocking dangerous commands, preventing data leaks, evaluating action safety, and running daily security patrols.
Notion via notion-cli — a Rust CLI + MCP server for Notion API 2025-09-03+. Safety-first agent integration with rate limiting, response-size cap, untrusted-source output envelope, read-only MCP default, JSONL audit log, and --check-request dry-runs. Supports the new data-source model, 22 property types, 12 block types, and one-shot page+body creation.
Detects fire and smoke in video scenes. Supports both video stream and image analysis. Suitable for fire early warning scenarios such as security surveillance, forest fire prevention, and industrial parks. | 烟火检测技能,对视频场景中火情和烟雾进行检测,支持视频流和图片检测,适用于安防监控、森林防火、工业园区等火灾预警场景
Detects people, vehicles, non-motorized vehicles, pets, and parcels appearing in the target area. Supports video stream and image detection, suitable for general security surveillance scenarios. | 基础目标检测技能,检测出目标区域内出现的人、车、非机动车、宠物、包裹,支持视频流和图片检测,适用于通用安防监控场景