Agent Skills
Instruction packs that give your AI agent know-how. Three different kinds — pick the right one below.
✦ Standalone skills2,933
Self-contained. Install one into any project and it works on its own — no other software needed.
🧰 Tool add-ons725
Come bundled with a specific tool and only work together with it — they teach your agent how to operate that tool.
postgresql-code-review
✓★ 36,200by github
PostgreSQL code review assistant covering JSONB, arrays, custom types, schema design, and security best practices. Reviews JSONB operations for indexing efficiency, array usage with GIN indexes, and proper containment operators Evaluates schema design including ENUM types, CITEXT for case-insensitive data, TIMESTAMPTZ usage, and CHECK constraints Identifies anti-patterns in function optimization, trigger design, and extension usage Assesses Row Level Security (RLS) implementation, privilege...
agent-owasp-compliance
✓★ 36,200by github
Evaluate AI agent systems against the OWASP Agentic Security Initiative (ASI) Top 10 — the industry standard for agent security posture.
security-review
✓★ 36,200by github
AI-powered codebase security scanner that reasons about code like a security researcher — tracing data flows, understanding component interactions, and…
azure-keyvault-py
✓★ 2,700by microsoft
Secure storage and management for secrets, cryptographic keys, and certificates.
azure-security-keyvault-keys-dotnet
✓★ 2,700by microsoft
Client library for managing cryptographic keys in Azure Key Vault and Managed HSM.
azure-keyvault-py
✓★ 2,700by microsoft
Secure storage and management for secrets, cryptographic keys, and certificates.
azure-keyvault-keys-rust
✓★ 2,700by microsoft
Client library for Azure Key Vault Keys — secure storage and management of cryptographic keys.
azure-security-keyvault-keys-java
✓★ 2,700by microsoft
Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify…
azure-security-keyvault-keys-dotnet
✓★ 2,700by microsoft
Client library for managing cryptographic keys in Azure Key Vault and Managed HSM.
azure-keyvault-keys-rust
✓★ 2,700by microsoft
Client library for Azure Key Vault Keys — secure storage and management of cryptographic keys.
azure-security-keyvault-keys-java
✓★ 2,700by microsoft
Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify…
owasp-top-10
✓★ 1,200by microsoft
OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application…
owasp-infrastructure
✓★ 1,200by microsoft
OWASP Infrastructure Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in internal IT infrastructure environments…
security-review
✓★ 844by sentry
Systematic security code review identifying high-confidence vulnerabilities with data-flow verification. Focuses exclusively on HIGH CONFIDENCE findings: vulnerable patterns with confirmed attacker-controlled input, skipping theoretical issues and framework-mitigated code Requires codebase research before reporting: traces data flow, checks for validation/sanitization, and verifies exploitability rather than pattern-matching alone Covers 14 vulnerability categories (injection, XSS,...
find-bugs
✓★ 844by sentry
Comprehensive code review identifying bugs, security vulnerabilities, and quality issues in branch changes. Executes a structured five-phase review process: gathering the complete diff, mapping attack surfaces, running a detailed security checklist, verifying findings, and auditing coverage before conclusions Security checklist covers 11 critical areas including injection, XSS, authentication, authorization, CSRF, race conditions, session management, cryptography, information disclosure,...
security-review
✓★ 844by sentry
Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP…
find-bugs
✓★ 844by sentry
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit…
firebase-app-hosting-basics
✓★ 370by firebase
Deploy and manage full-stack web apps with Firebase App Hosting using Next.js, Angular, and other supported frameworks. Requires Firebase project on Blaze pricing plan; supports Server-Side Rendering (SSR) and Incremental Static Regeneration (ISR) workflows Deploy via firebase.json configuration with optional apphosting.yaml for backend setup, or enable automated "git push to deploy" through GitHub integration Includes secret management via CLI commands for secure access to sensitive keys...
AWS Cost & Operations
★ 326by zxkane
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
code-security
★ 232by semgrep
Security guidelines for writing secure code. Use when writing code, reviewing code for vulnerabilities, or asking about secure coding practices like 'check for…
Security Skills
Security Skills - Discover reusable skills for AI coding agents like Claude Code, Codex, and more. Each skill is a package of instructions and code that teaches your agent to perform specialized tasks and automate complex workflows.