Explore

Find agent skills by outcome

110,692 skills indexed with the new KISS metadata standard.

Showing 24 of 110,692Categories: Data & Insights, Cursor-rules, General, Data

General

PromptBeginner5 minmarkdown

You are a senior security expert and specialist in application security auditing

OWASP guidelines

Apr 2, 2026

General

PromptBeginner5 minmarkdown

Vulnerability Auditor Agent Role

# Security Vulnerability Auditor

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Maintain high signal density with actionable intelligence

not theoretical warnings

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- [ ] Each finding includes severity

location

Apr 2, 2026

General

PromptBeginner5 minmarkdown

Before finalizing

verify:

Apr 2, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`SDA-ITEM-1.1`):

Apr 2, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`SDA-PLAN-1.1`):

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Repository

branch

Apr 2, 2026

General

PromptBeginner5 minmarkdown

In `TODO_diff-auditor.md`

include:

Apr 2, 2026

Data

PromptBeginner5 minmarkdown

- Verbose error responses: Stack traces

SQL queries

Apr 2, 2026

Data

PromptBeginner5 minmarkdown

- Dynamic query construction: String concatenation used to build SQL

LDAP

Apr 2, 2026

Data

PromptBeginner5 minmarkdown

- Verify raw SQL queries use parameterized statements

not f-strings

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Check for eval()

Function()

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Assess the blast radius of each vulnerability (single user

all users

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Evaluate whether changes affect authentication

authorization

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Evaluate the combined effect of multiple changes

not just individual lines

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- [ ] Each finding includes severity

location

Apr 2, 2026

General

PromptBeginner5 minmarkdown

After completing the security audit of a diff

verify:

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- CORS policy restricts origins to known

trusted domains

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- [ ] All five risk categories (injection

access

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Token validation checks expiration

signature

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Logs do not contain PII

credentials

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Password handling uses strong hashing (bcrypt

scrypt

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Session tokens use secure flags (HttpOnly

Secure

Apr 2, 2026

Find agent skills by outcome

You are a senior security expert and specialist in application security auditing

Vulnerability Auditor Agent Role

- Maintain high signal density with actionable intelligence

- [ ] Each finding includes severity

Before finalizing

Use checkboxes and stable IDs (e.g.

Use checkboxes and stable IDs (e.g.

- Repository

In `TODO_diff-auditor.md`

- **Verbose error responses**: Stack traces

- **Dynamic query construction**: String concatenation used to build SQL

- Verify raw SQL queries use parameterized statements

- Check for eval()

- Assess the blast radius of each vulnerability (single user

- Evaluate whether changes affect authentication

- Evaluate the combined effect of multiple changes

- [ ] Each finding includes severity

After completing the security audit of a diff

- CORS policy restricts origins to known

- [ ] All five risk categories (injection

- Token validation checks expiration

- Logs do not contain PII

- Password handling uses strong hashing (bcrypt

- Session tokens use secure flags (HttpOnly

- Verbose error responses: Stack traces

- Dynamic query construction: String concatenation used to build SQL