Labsco

Agent Skills

Instruction packs that give your AI agent know-how. Three different kinds — pick the right one below.

microsoft logo

owasp-llm

1,200

by microsoft

OWASP Top 10 for LLM Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in large language model…

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

secure-by-design

1,200

by microsoft

Secure by Design principles knowledge base for assessing adherence to security-first design, development, and deployment practices across the software…

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

owasp-cicd

1,200

by microsoft

OWASP CI/CD Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in continuous integration and continuous delivery…

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

owasp-mcp

1,200

by microsoft

OWASP MCP Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in Model Context Protocol environments - Brought to…

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

django-access-review

844

by sentry

Django access control and IDOR security review. Use when reviewing Django views, DRF viewsets, ORM queries, or any Python/Django code handling user…

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

django-access-review

844

by sentry

Django access control and IDOR security review. Use when reviewing Django views, DRF viewsets, ORM queries, or any Python/Django code handling user…

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

skill-scanner

844

by sentry

Automated security scanning for agent skills before installation, detecting prompt injection, malicious code, excessive permissions, and supply chain risks. Runs static analysis via bundled Python scanner that outputs structured JSON findings with severity levels and URLs Validates SKILL.md frontmatter (required fields, tool justification, model overrides) and checks for config poisoning or scope creep in instructions Analyzes scripts for data exfiltration, reverse shells, credential theft,...

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

skill-scanner

844

by sentry

Scan agent skills for security issues. Use when asked to "scan a skill",

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

security-review

844

by sentry

Systematic security code review identifying high-confidence vulnerabilities with data-flow verification. Focuses exclusively on HIGH CONFIDENCE findings: vulnerable patterns with confirmed attacker-controlled input, skipping theoretical issues and framework-mitigated code Requires codebase research before reporting: traces data flow, checks for validation/sanitization, and verifies exploitability rather than pattern-matching alone Covers 14 vulnerability categories (injection, XSS,...

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeAdvanced setup
getsentry logo

gha-security-review

844

by sentry

GitHub Actions security review for workflow exploitation vulnerabilities. Use when asked to "review GitHub Actions", "audit workflows", "check CI security",…

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeAdvanced setup
getsentry logo

find-bugs

844

by sentry

Comprehensive code review identifying bugs, security vulnerabilities, and quality issues in branch changes. Executes a structured five-phase review process: gathering the complete diff, mapping attack surfaces, running a detailed security checklist, verifying findings, and auditing coverage before conclusions Security checklist covers 11 critical areas including injection, XSS, authentication, authorization, CSRF, race conditions, session management, cryptography, information disclosure,...

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

code-review

844

by sentry

Code review framework following Sentry engineering practices for pull requests and code quality assessment. Covers six key problem areas: runtime errors, performance bottlenecks, side effects, backwards compatibility, ORM query issues, and security vulnerabilities Includes design assessment guidance for component interactions, architectural alignment, and requirement conflicts Requires appropriate test coverage across functional, integration, and end-to-end tests with verification of edge...

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
getsentry logo

security-review

844

by sentry

Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP…

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeAdvanced setup
getsentry logo

gha-security-review

844

by sentry

GitHub Actions security review for workflow exploitation vulnerabilities. Use when asked to "review GitHub Actions", "audit workflows", "check CI security",…

🔌 Part of the skills plugin

🔥🔥🔥🔥✓ VerifiedFreeAdvanced setup
getsentry logo

find-bugs

844

by sentry

Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit…

🔌 Part of the skills plugin

🔥🔥🔥✓ VerifiedFreeQuick setup
hashicorp logo

terraform-style-guide

697

by hashicorp

Generate and maintain Terraform code following HashiCorp's official style conventions. Enforces two-space indentation, lowercase underscore naming, and standard file organization across terraform.tf , providers.tf , main.tf , variables.tf , outputs.tf , and locals.tf Requires type and description on all variables and outputs, with validation rules and sensitive flag support for credentials Prioritizes for_each over count for dynamic resources, applies security hardening (encryption, private...

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-auth-basics

370

by firebase

Set up Firebase Authentication with multiple identity providers and secure data access rules. Supports email/password, phone number, anonymous, federated providers (Google, Facebook, Twitter, GitHub, Microsoft, Apple), and custom auth integration Each authenticated user receives a unique ID and JWT-based tokens (short-lived ID tokens and long-lived refresh tokens) for accessing Firebase services Enable providers via CLI for Google Sign In, anonymous, and email/password; use Firebase Console...

🔌 Part of the agent-skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-app-hosting-basics

370

by firebase

Deploy and manage full-stack web apps with Firebase App Hosting using Next.js, Angular, and other supported frameworks. Requires Firebase project on Blaze pricing plan; supports Server-Side Rendering (SSR) and Incremental Static Regeneration (ISR) workflows Deploy via firebase.json configuration with optional apphosting.yaml for backend setup, or enable automated "git push to deploy" through GitHub integration Includes secret management via CLI commands for secure access to sensitive keys...

🔌 Part of the agent-skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-ai-logic-basics

370

by firebase

Official skill for integrating Firebase AI Logic (Gemini API) into web applications. Covers setup, multimodal inference, structured output, and security.

🔌 Part of the agent-skills plugin

🔥🔥🔥✓ VerifiedAccount requiredQuick setup
firebase logo

firebase-security-rules-auditor

370

by firebase

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are…

🔌 Part of the agent-skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-firestore

370

by firebase

Before setting up dependencies, writing data models, or configuring security rules, you MUST always identify the Firestore instance edition.

🔌 Part of the agent-skills plugin

🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-security-rules-auditor

370

by firebase

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are…

🔌 Part of the agent-skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-firestore

370

by firebase

Before setting up dependencies, writing data models, or configuring security rules, you MUST always identify the Firestore instance edition.

🔌 Part of the agent-skills plugin

🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-auth-basics

370

by firebase

Set up Firebase Authentication with multiple identity providers and secure data access. Supports email/password, phone number, anonymous, federated providers (Google, Facebook, Twitter, GitHub, Microsoft, Apple), and custom auth integration Users are identified by unique UIDs with optional properties including email, display name, photo URL, and email verification status Authentication via CLI enables Google Sign In, anonymous auth, and email/password; other providers require Firebase...

🔌 Part of the agent-skills plugin

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
firebase logo

firebase-ai-logic-basics

370

by firebase

Official skill for integrating Firebase AI Logic (Gemini API) into web applications. Covers setup, multimodal inference, structured output, and security.

🔌 Part of the agent-skills plugin

🔥🔥🔥✓ VerifiedAccount requiredQuick setup
microsoft logo

azure-compliance

226

by Azure

Comprehensive Azure compliance and security auditing capabilities including best practices assessment, Key Vault expiration monitoring, and resource configuration validation.

🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

azure-aigateway

226

by Azure

Configure Azure API Management (APIM) as AI Gateway to secure, observe, control AI models, MCP servers, agents. Helps with rate limiting, semantic caching, content safety, load balancing.

🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

dv-security

161

by microsoft

Security-role assignment, user access, application users, business units, and admin self-elevation in Dataverse environments. Use when the user wants to give…

🔥🔥🔥✓ VerifiedFreeQuick setup
redis logo

redis-development

82

by redis

Redis performance optimization across data structures, query engines, vector search, and semantic caching. Covers 29 prioritized rules across 11 categories including data modeling, memory management, Redis Query Engine (RQE), vector search with RedisVL, and LangCache semantic caching Provides structured guidance for connection pooling, JSON document handling, streams, clustering, security (ACLs), and observability Each rule includes explanations, correct examples, anti-patterns or usage...

🔥🔥🔥🔥✓ VerifiedFreeQuick setup
microsoft logo

security-alert-review

24

by microsoft

List and review Advanced Security alerts for an Azure DevOps repository. Shows dependency vulnerabilities, secret exposure, and code scanning findings with…

🔥🔥🔥✓ VerifiedFreeQuick setup
← PrevPage 3 of 4Next →