Tag: security
Comprehensive Code Review Checklist for LobeHub
This comprehensive checklist guides developers through critical areas of code review, covering security best practices, testing coverage, internationalisation, and architectural consistency. It ensures adherence to LobeHub's standards, part…
Comprehensive code review for bugs and security
This skill performs comprehensive code analysis, checking for logic errors, security vulnerabilities, and performance bottlenecks. It provides actionable, structured feedback covering best practices and maintainability.
Comprehensive Frontend Code Quality Review
This skill performs comprehensive code reviews on frontend files (.tsx, .ts, .js), checking for adherence to established conventions, performance anti-patterns, and security vulnerabilities. It supports both file-targeted and pending-change…
Automated Code Review and Quality Assurance
This skill provides comprehensive code review assistance, automating style checks and identifying potential bugs, security vulnerabilities, and performance issues. It delivers structured feedback categorized by severity (Critical, Important…
Stripe API integration best practices guide
This skill provides comprehensive guidance on selecting the correct Stripe API endpoints for various use cases, including one-time payments, subscriptions, and marketplace setups. It covers critical best practices such as restricted API key…
Comprehensive Code Quality and Security Reviewer
Performs thorough code assessments covering correctness, readability, performance, and security vulnerabilities. It provides a structured report detailing issues by severity, along with actionable recommendations for improvement.
OpenClaw Host Security Auditing and Hardening
This skill assesses the security posture of the host running OpenClaw, performing deep audits across OS context, network exposure, and system configuration. It generates a detailed, actionable remediation plan tailored to a specified risk t…
Automated Pull Request Review Agent
This skill automates comprehensive Pull Request reviews, checking for logical correctness, security vulnerabilities, and adherence to architectural standards. It structures feedback using criticality badges and posts detailed inline comment…
Security review for authentication code
This skill reviews authentication code to identify common security vulnerabilities, such as weak password hashing (e.g., SHA-1/MD5) or unsafe direct comparisons of secrets and tokens. It ensures that reported issues strictly match the user'…
Security review for authentication code
This skill reviews authentication code to identify common security vulnerabilities, such as the use of weak password hashing algorithms like SHA-1 or MD5. It provides a focused report, limiting output to a single actionable security issue.
Comprehensive code review for security and bugs
Analyzes provided codebases to identify logical bugs, security vulnerabilities (such as injection risks), and deviations from established best practices. Findings are structured by severity level with actionable remediation suggestions.
Security review for authentication code
This skill reviews authentication code to identify common security vulnerabilities, such as weak password hashing (SHA-1/MD5) and insecure secret/token comparisons. It ensures reported issues strictly adhere to the user-defined scope.
Security review for authentication code
This skill reviews authentication code to identify potential security vulnerabilities. It specifically checks for weak password hashing algorithms, such as SHA-1 or MD5, and is constrained to reporting a maximum of one issue.
Comprehensive Code Review Checklist for LobeHub
This skill provides a detailed, multi-faceted checklist for reviewing pull requests, covering best practices across security, testing, i18n, and architectural consistency. It guides developers to catch common pitfalls such as hardcoded secr…
Comprehensive Frontend Code Quality Review
This skill performs deep code analysis on frontend files, supporting both file-targeted and pending-change reviews. It rigorously checks for security flaws, performance anti-patterns, and adherence to established component and architectural…
Backend Python Code Review Skill
This skill performs automated reviews of Python backend code to identify security vulnerabilities, performance bottlenecks, and violations of architectural best practices. It supports analysing code snippets, specific files, or pending chan…
Mandatory permission check for file deletion
This skill intercepts all file deletion operations, including using commands like rm or fs.rm, ensuring explicit user consent is obtained before any files are removed from the disk. It enforces a strict workflow requiring a permission check…
Comprehensive code review and quality assurance
Performs thorough code analysis, identifying bugs, security vulnerabilities, and performance bottlenecks across various dimensions. It provides structured, actionable feedback detailing the location, severity, and suggested fix for each iss…
ISO 27001 Internal Audit and Compliance Assessment
This skill guides users through a structured internal audit against ISO 27001:2022, covering scoping, control assessment, and evidence gathering. It facilitates the identification of nonconformities and the generation of corrective action p…
Comprehensive code quality and maintainability review
This skill guides the user through conducting thorough code reviews, covering critical areas such as correctness, performance, security, and overall maintainability. It provides actionable feedback guidelines to ensure suggestions are speci…
Secure IPC for Vault Credential Management
Provides a unified Unix socket for secure, authenticated communication with a local vault. It facilitates sensitive operations like payment signing and credential retrieval while ensuring private keys are never stored long-term.
Run skeptical adversarial code reviews
Utilises a Codex bridge to perform a deep, skeptical review of code changes, identifying potential regressions, unsafe assumptions, and release risks. This is ideal for pre-merge checks, migrations, or any high-risk deployment.
Batch Phishing Risk Assessment for Multiple URLs
This tool performs batch phishing detection, allowing developers to submit up to 500 URLs or domains via a single API call. It returns a structured risk assessment, including a risk level and actionable recommendation for each target.
Focused code review of diffs with Codestral
This skill performs a focused code review of a provided diff, automatically detecting the most relevant focus area (e.g., security, performance, API design). It utilizes the Codestral model to provide concrete, high-signal findings and conc…