Found 5212 skills
daishiman
Specializes in securing Electron desktop applications against XSS, code injection, and process isolation vulnerabilities using CSP, IPC protection, and sandboxing.
daishiman
Automates code signing and notarization for Electron applications across macOS, Windows, and Linux to ensure security compliance and user trust.
daishiman
Enforces strict environment separation for dev, staging, and production, preventing secret leakage and ensuring least privilege access controls.
daishiman
Provides API rate limiting best practices for server-side protection and client-side 429 handling, including algorithm selection and implementation guidance.
daishiman
Provides expert patterns for NextAuth.js v5 authentication setup, including OAuth 2.0 integration, session security, and type-safe session management.
daishiman
Systematizes security design for MCP tool and API integrations, supporting threat modeling, control design, and configuration validation to ensure secure operations.
daishiman
Manages Railway platform secrets via environment variables, rotation, and access control for secure deployment configurations.
daishiman
Provides security hardening for GitHub Actions workflows, enforcing least privilege, secret protection, and supply chain attack prevention.
daishiman
Assists in designing and implementing security scanning within CI/CD pipelines for dependency vulnerabilities, container images, SBOM generation, and secret detection.
daishiman
Provides authentication, authorization, micro-segmentation, and continuous validation for Zero Trust security architecture implementation.
daishiman
Prevents path traversal and symbolic link attacks in file monitoring systems using least privilege access and multi-layer defense architecture.
daishiman
Systematizes security report generation including threat analysis, vulnerability assessment, and risk scoring using OWASP and CVSS standards for professional security documentation.
daishiman
Systematizes dependency vulnerability scanning, CVE evaluation, and security audit report generation to support SCA operations and remediation planning.
daishiman
Systematizes tool permission requirements, policy design, and audit operations to enforce least privilege and ensure secure access management.
daishiman
Assists in SAST implementation, vulnerability detection (SQLi/XSS), and security rule design for secure code development.
daishiman
Provides comprehensive input validation and sanitization to prevent XSS, SQL injection, command injection, and path traversal attacks from untrusted inputs.
daishiman
Compares authentication methods (API Key, JWT, OAuth 2.0, mTLS) and designs secure implementations with token management and security strategies.
enyst
Performs a security audit on the OpenHands-Tab VS Code extension, focusing on secret handling, webview boundaries, persistence, and logging redaction.
daishiman
Provides design guidelines and security measures to prevent prompt injection attacks in AI systems, including input validation and context separation.
daishiman
Prevents secret leakage by scanning commits via git-secrets/gitleaks integration, implementing OWASP-based detection patterns for pre-commit security checks.
daishiman
Assists in designing secure command execution by enforcing tool restrictions, disabling unsafe model invocations, and protecting secrets, aligned with security frameworks.
daishiman
Provides best practices for cryptographic key lifecycle management including generation, rotation, revocation, and backup, aligned with NIST and AWS KMS standards.
daishiman
Systematizes dependency vulnerability detection, CVSS severity scoring, and remediation prioritization for continuous security auditing and CI/CD integration.
daishiman
Provides secure secret management for GitHub Actions workflows, including type-specific secrets, OIDC cloud authentication, rotation, and access auditing.