Io.Github.Tyox All/Mund
AI security scanner - secrets, PII, prompt injection, and exfiltration detection.
argocd-helm
ArgoCD and Helm expert skill. Use when deploying applications with ArgoCD, creating or reviewing Helm charts, designing GitOps workflows, managing ApplicationSets, multi-cluster deployments, progressive delivery with Argo Rollouts, troubleshooting sync issues, secrets management (SOPS, External Secrets Operator), and Kubernetes manifest management. Covers ArgoCD 3.x and Helm 3.x best practices.
Io.Github.Aguantar/Vibescan Mcp Server
MCP server for VibeScan — scan projects for leaked secrets and security issues
Security guardrails for Claude Code, MCP tools, and Claude cowork workflows. Local-first modular YARA-style guard packs for secrets, exfiltration, prompt injection, MCP abuse, and risky agent actions.
Inspect the current Secure Claude Code posture, enabled protections, and recent audit events.
mcpwall
iptables for MCP — blocks dangerous tool calls, scans for secrets, logs everything.
secret-management
Portable credential management for AI agents using age encryption, session-scoped leases, auto-rotation, and killswitch. Use this skill when agents need secure, time-bounded access to API keys, tokens, or credentials without direct exposure to plaintext secrets.
secret-scanner
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
env
Manage environment variables and secrets with flow (always use Flow env store)
Flyto Core
Secure execution engine for AI agents. 300+ modules, SSRF protection, secrets proxy.
1password-hardened
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Skylos
Dead code, security, secrets detection and code quality for Python, TypeScript, Go.
Io.Github.VouchlyAI/Pincer
Secure grip for your agent's secrets - security-hardened MCP gateway with proxy token architecture
project-workflows
Official Festapp workflows. How to run tests, manage secrets, sync translations, and commit changes safely.
Securecode
Secrets vault for Claude Code with audit logs, access rules, and AES-256 encryption.
terrashark
Prevent Terraform/OpenTofu hallucinations by diagnosing and fixing failure modes: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gate gaps. Use when generating, reviewing, refactoring, or migrating IaC and when building delivery/testing pipelines.
Janee
Secure secrets proxy for AI agents — manages API keys so agents never see raw credentials.
cyberconan
Security Audit Swarm â Full repo security scan (SAST, SCA, secrets, config). Adaptive orchestration: subagents for small repos, Agent Teams for large. Pure Claude analysis.
cloudflare-browser
Control headless Chrome via Cloudflare Browser Rendering CDP WebSocket. Use for screenshots, page navigation, scraping, and video capture when browser automation is needed in a Cloudflare Workers environment. Requires CDP_SECRET env var and cdpUrl configured in browser.profiles.
Decompile Android APK, XAPK, AAB, DEX, JAR, and AAR files using jadx
Decompile Android APK, XAPK, AAB, DEX, JAR, and AAR files using jadx or Fernflower/Vineflower. Reverse engineer Android apps, extract HTTP API endpoints (Retrofit, OkHttp, Volley, GraphQL, WebSocket), trace call flows from UI to network layer, analyze security patterns (cert pinning, exposed secrets), and perform dynamic analysis with Frida (adaptive bypass generation, crash analysis, runtime hooking). Use when the user wants to decompile, analyze, or reverse engineer Android packages, find API endpoints, follow call flows, audit app security, or bypass runtime protections.
AI Scanner
Scan codebases for LLM/AI SDK usage, exposed API tokens, and hardcoded secrets.
Io.Github.Sparkvibe Io/GuardianShield
AI security layer: code scanning, PII detection, prompt injection, secrets, CVEs
Aegis
Credential isolation for AI agents. Inject secrets at the network boundary.
skill-security-auditor
Security auditing for code, configs, and infrastructure. Use when the user wants to audit or improve security: scan for vulnerabilities (SQL injection, XSS, command injection, path traversal), detect hardcoded secrets and credentials, review auth and authorization, check dependencies for known CVEs, audit config files for insecure defaults, or generate security reports. Trigger on "security audit", "vulnerability scan", "code review for security", "find secrets", "check for vulnerabilities", "OWASP", "CVE", or questions about code security.
agenix-secrets
Create, edit, and wire up agenix-encrypted secrets in this dotfiles repo. Use when adding API keys, tokens, credentials, passwords, or any sensitive values to NixOS host configs. Trigger phrases: "add a secret", "encrypt with agenix", "new age secret", "hide this value", "agenix secret".
omniwire
Control your entire server mesh from chat. Execute commands, transfer files, manage Docker, sync configs, and monitor all your nodes â VPS, Raspberry Pi, laptop, desktop â through one unified interface. 30 MCP tools. Works on any architecture (x64, ARM, Apple Silicon). SSH2 with compression, encrypted config sync, 1Password secrets backend. Just say what you need and your agent runs it across every machine.
Hardcoded Secrets in Public Code Detection
You are performing a focused security assessment to find hardcoded sensitive data that is exposed in publicly accessible code. This skill uses a three-phase approach with subagents: **recon** (find all potential secret candidates), **batched verify** (confirm each is a real secret in publicly reacha
AgentSecrets â Zero-Knowledge Secrets Infrastructure
AgentSecrets is a complete secrets management system where you â the AI agent â are the operator.
1password
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands.
agent-vault
Read and write config files without ever seeing secret values. Secrets are stored in an encrypted local vault. You see `<agent-vault:key-name>` placeholders; the real values are written to disk transparently.