Explore

Find agent skills by outcome

123,816 skills indexed with the new KISS metadata standard.

Showing 24 of 123,816Categories: Data & Insights, Creative, General

General

PromptBeginner5 minmarkdownQuality: 24

Vulnerability Auditor Agent Role

Security Vulnerability Auditor

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 28

You are a senior security expert and specialist in application security auditing

OWASP guidelines

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Maintain high signal density with actionable intelligence

not theoretical warnings

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- [ ] Each finding includes severity

location

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

Before finalizing

verify:

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

Use checkboxes and stable IDs (e.g.

SDA-PLAN-1.1):

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

Use checkboxes and stable IDs (e.g.

SDA-ITEM-1.1):

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Repository

branch

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

In TODO_diff-auditor.md

include:

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Check for eval()

Function()

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Assess the blast radius of each vulnerability (single user

all users

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Evaluate whether changes affect authentication

authorization

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Evaluate the combined effect of multiple changes

not just individual lines

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- [ ] Each finding includes severity

location

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- CORS policy restricts origins to known

trusted domains

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- [ ] All five risk categories (injection

access

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

After completing the security audit of a diff

verify:

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Logs do not contain PII

credentials

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Password handling uses strong hashing (bcrypt

scrypt

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Token validation checks expiration

signature

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- File uploads have type

size

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Session tokens use secure flags (HttpOnly

Secure

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Weak or deprecated encryption algorithms (MD5

SHA1

May 11, 2026

General

PromptBeginner5 minmarkdownQuality: 24

- Query construction uses parameterized queries

not string concatenation

May 11, 2026