Explore

Find agent skills by outcome

114,230 skills indexed with the new KISS metadata standard.

Showing 24 of 114,230Categories: Data & Insights, Coding & Debugging, Cursor-rules, General, Research & Learning

General

PromptBeginner5 minmarkdown

- Auth Schemes: Correct JWT/cookie/OAuth configuration

token validation

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

If the target is an ASP.NET Core / .NET Web API

include these additional checks.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Weak cryptography: Use of MD5

SHA1

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Hardcoded secrets: API keys

passwords

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Review log collection

centralization

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Review access logging

audit trails

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Test for encoding evasion: Unicode tricks

Base64 variants

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Assess resource limits

quotas

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Test for known jailbreak patterns

encoding-based bypass

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Check for unsafe output rendering: script injection

executable code

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Audit for sensitive information leakage: secrets

credentials

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Analyze indirect injection channels: tool output

document-based

Apr 2, 2026

General

PromptBeginner5 minmarkdown

If the target system includes LLM agents

prompts

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Analyze security headers (CSP

X-Frame-Options

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Verify HTTPS enforcement

HSTS

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Validate and restrict CORS origins to known

trusted domains only.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Use `bcrypt` or `argon2-cffi` for password hashing

never `hashlib` directly.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Avoid `eval()`

`Function()`

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Configure `SECRET_KEY` via environment variables

never hardcoded in settings.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Validate and sanitize input with libraries like `joi`

`zod`

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Evaluate transitive dependencies

not just direct imports.

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Apply context-aware output encoding for HTML

JavaScript

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Run `npm audit`

`yarn audit`

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- [ ] No secrets

API keys

Apr 2, 2026

Find agent skills by outcome

- **Auth Schemes**: Correct JWT/cookie/OAuth configuration

If the target is an ASP.NET Core / .NET Web API

- **Weak cryptography**: Use of MD5

- **Hardcoded secrets**: API keys

- Review log collection

- Review access logging

- Test for encoding evasion: Unicode tricks

- Assess resource limits

- Test for known jailbreak patterns

- Check for unsafe output rendering: script injection

- Audit for sensitive information leakage: secrets

- Analyze indirect injection channels: tool output

If the target system includes LLM agents

- Analyze security headers (CSP

- Verify HTTPS enforcement

- Validate and restrict CORS origins to known

- Use `bcrypt` or `argon2-cffi` for password hashing

- Avoid `eval()`

- Configure `SECRET_KEY` via environment variables

- Validate and sanitize input with libraries like `joi`

- Evaluate transitive dependencies

- Apply context-aware output encoding for HTML

- Run `npm audit`

- [ ] No secrets

- Auth Schemes: Correct JWT/cookie/OAuth configuration

- Weak cryptography: Use of MD5

- Hardcoded secrets: API keys