florianbuetow
Publisher on askill
This skill should be used when the user asks to "check for race conditions", "find TOCTOU bugs", "analyze concurrency issues", "detect double-spend vulnerabilities", "check for check-then-act patterns...
This skill should be used when the user asks to "check for misconfigurations", "analyze security headers", "find misconfigured settings", "check CORS policy", "find debug mode", "audit server configur...
This skill should be used when the user asks to "explain security concept", "what is OWASP", "explain this finding", "what does this vulnerability mean", "explain stride", "explain injection", "what i...
This skill should be used when the user asks to "check CWE Top 25", "run SANS analysis", "check for common weaknesses", or mentions "CWE" or "SANS Top 25" in a security context. Checks code against th...
This skill should be used when the user asks to "learn about security", "teach me OWASP", "security tutorial", "learn threat modeling", or invokes /appsec:learn. Interactive guided walkthrough using y...
This skill should be used when the user asks to "start security analysis", "assess security", "which security tools should I use", "appsec start", "what should I scan", "security assessment", or invok...
This skill should be used when the user asks to "review plan for security", "check plan for security issues", "security review of implementation plan", "audit the plan for vulnerabilities", or "check...
This skill should be used when the user asks to "check WebSocket security", "analyze WebSocket authentication", "find WebSocket vulnerabilities", "audit WebSocket handlers", "check for CSWSH", or ment...
This skill should be used when the user asks to "run PASTA analysis", "PASTA threat model", "risk-centric threat analysis", or invokes /appsec:pasta. Dispatches 7 stages SEQUENTIALLY -- each stage's o...
This skill should be used when the user asks to "check for personal data disclosure", "analyze PII exposure", "find privacy issues related to data leakage", "check for unauthorized data sharing", or m...
This skill should be used when the user asks to "check SOLID violations", "audit class design", "review code quality", "find design smells", or "improve object-oriented architecture". Also triggers wh...
This skill should be used when the user asks to "calculate risk scores", "prioritize mitigations", "generate remediation roadmap", "analyze business impact", or is running PASTA stage 7. Also triggers...
This skill should be used when the user asks to "run STRIDE analysis", "check STRIDE", "threat model with STRIDE", or invokes /appsec:stride. Dispatches 6 category subagents (S-T-R-I-D-E) in parallel...
This skill should be used when the user asks to "generate fuzz inputs", "create fuzz tests", "fuzz test generation", "generate test payloads", "create security test cases", or "generate edge case inpu...
This skill should be used when the user asks to "check for regressions", "verify fixes still hold", "regression test security", "check for reintroduced vulnerabilities", "security regression check", o...
This skill should be used when the user asks to "define technical scope", "map attack surface", "identify entry points", "build a data flow diagram", or is running PASTA stage 2. Also triggers when th...
Showing 18 of 31