Explore

Find agent skills by outcome

121,589 skills indexed with the new KISS metadata standard.

Showing 24 of 121,589Categories: Research & Learning, Creative, Cursor-rules, General, Coding & Debugging

General

PromptBeginner5 minmarkdown

- Use `bcrypt` or `argon2-cffi` for password hashing

never `hashlib` directly.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Avoid `eval()`

`Function()`

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Configure `SECRET_KEY` via environment variables

never hardcoded in settings.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Validate and sanitize input with libraries like `joi`

`zod`

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Evaluate transitive dependencies

not just direct imports.

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Apply context-aware output encoding for HTML

JavaScript

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Run `npm audit`

`yarn audit`

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- [ ] No secrets

API keys

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Provide actionable remediation with specific code fixes

not vague recommendations.

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- [ ] Encryption standards meet minimum requirements (AES-256

TLS 1.2+).

Apr 2, 2026

General

PromptBeginner5 minmarkdown

After completing an audit

verify:

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Weak password hashing algorithms (MD5

SHA1 are never acceptable).

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Review network segmentation

HTTPS enforcement

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Cross-site scripting (XSS) in reflected

stored

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Check security headers (CSP

X-Frame-Options

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Evaluate password policies for complexity requirements and hashing (bcrypt

scrypt

Apr 2, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Verify credential storage never includes plaintext secrets

API keys

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Review JWT implementation for weak signing algorithms

missing expiration

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Check for parameterized queries

context-aware encoding

Apr 2, 2026

Creative

PromptBeginner5 minmarkdown

- Scan third-party dependencies for known CVEs

outdated packages

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Recommend concrete remediation steps with severity ratings

proof of concept

Apr 2, 2026

General

PromptBeginner5 minmarkdown

- Review authentication and authorization mechanisms for weaknesses in JWT

session

Apr 2, 2026

General

PromptBeginner5 minmarkdown

Vulnerability Auditor Agent Role

# Security Vulnerability Auditor

Apr 2, 2026

General

PromptBeginner5 minmarkdown

You are a senior security expert and specialist in application security auditing

OWASP guidelines

Apr 2, 2026

Find agent skills by outcome

- Use `bcrypt` or `argon2-cffi` for password hashing

- Avoid `eval()`

- Configure `SECRET_KEY` via environment variables

- Validate and sanitize input with libraries like `joi`

- Evaluate transitive dependencies

- Apply context-aware output encoding for HTML

- Run `npm audit`

- [ ] No secrets

- Provide actionable remediation with specific code fixes

- [ ] Encryption standards meet minimum requirements (AES-256

After completing an audit

- Weak password hashing algorithms (MD5

- Review network segmentation

- Cross-site scripting (XSS) in reflected

- Check security headers (CSP

- Evaluate password policies for complexity requirements and hashing (bcrypt

- Verify credential storage never includes plaintext secrets

- Review JWT implementation for weak signing algorithms

- Check for parameterized queries

- **Scan** third-party dependencies for known CVEs

- **Recommend** concrete remediation steps with severity ratings

- **Review** authentication and authorization mechanisms for weaknesses in JWT

Vulnerability Auditor Agent Role

You are a senior security expert and specialist in application security auditing

- Scan third-party dependencies for known CVEs

- Recommend concrete remediation steps with severity ratings

- Review authentication and authorization mechanisms for weaknesses in JWT