> browse/registry

found 86 skills in registry

> grc-messaging-guardrails

Validates compliance, security, and GRC terminology in marketing copy. Enforces accurate claims, prevents common mistakes (e.g., calling SOC 2 a "certification"), and applies risk-first narrative framing for B2B SaaS audiences. Use when writing or reviewing any marketing content that references compliance frameworks, security standards, regulatory requirements, or audit processes. Also use when creating ads, landing pages, emails, case studies, or sales collateral for GRC/cybersecurity B2B SaaS

#audit#ruby#security⭐ 1

Stallin-Sanamandra

> accessibility-auditor

Audit web pages and components for WCAG 2.2 accessibility compliance. Use when a user asks to check accessibility, find a11y issues, audit for WCAG compliance, fix screen reader problems, check color contrast, ensure keyboard navigation works, or prepare for accessibility regulations like the European Accessibility Act or ADA.

#audit#frontend⭐ 1

TerminalSkills

> checkov

Expert guidance for Checkov, the static analysis tool for infrastructure-as-code that scans Terraform, CloudFormation, Kubernetes, Helm, Dockerfile, and ARM templates for security misconfigurations and compliance violations. Helps developers integrate Checkov into CI/CD pipelines and write custom policies.

#audit#aws#azure⭐ 1

TerminalSkills

> kyverno

Expert guidance for Kyverno, the Kubernetes-native policy engine that validates, mutates, and generates resources using YAML policies (no Rego required). Helps developers enforce security policies, automate resource defaults, and ensure compliance across Kubernetes clusters.

#audit#kubernetes#security⭐ 1

TerminalSkills

> velero

Velero for Kubernetes backup and disaster recovery. Use when the user needs to back up cluster resources and persistent volumes, restore workloads, migrate between clusters, or schedule automated backups.

#audit#kubernetes⭐ 1

TerminalSkills

> schemathesis

Automatically test APIs by generating test cases from OpenAPI/GraphQL schemas. Use when tasks involve API fuzzing, finding edge cases in REST or GraphQL APIs, testing schema compliance, generating property-based tests from API specs, finding crashes and 500 errors, or validating API contracts. Schemathesis generates thousands of test cases from your schema and finds bugs that manual testing misses.

#audit#backend#fuzzing⭐ 1

TerminalSkills

> gdpr-compliance

Automate GDPR and privacy compliance for web applications. Use when someone asks to "make the app GDPR compliant", "add cookie consent", "handle data deletion requests", "audit PII", "data subject access request", or "privacy policy generator". Covers PII auditing, consent management, data subject request endpoints, retention policies, and privacy policy generation.

#audit⭐ 1

TerminalSkills

> privacy-policy

Draft a detailed privacy policy covering data types, jurisdiction, GDPR and compliance considerations, and clauses needing legal review. Use when creating a privacy policy, updating data protection documentation, or preparing for compliance.

#audit

phuryn

> plugin-validator

Validate automatically validates AI assistant code plugin structure, schemas, and compliance when user mentions validate plugin, check plugin, or plugin errors. runs comprehensive validation specific to AI assistant-code-plugins repository standards. Use when validating configurations or code. Trigger with phrases like 'validate', 'check', or 'verify'.

#audit

jeremylongshore

> axiom-app-store-submission

Use when preparing ANY app for App Store submission, responding to App Review rejections, or running a pre-submission audit. Covers privacy manifests, metadata requirements, IAP review, account deletion, SIWA, age ratings, export compliance, first-time developer setup.

#audit

CharlesWiltgen

> plugin-auditor

Audit automatically audits AI assistant code plugins for security vulnerabilities, best practices, AI assistant.md compliance, and quality standards when user mentions audit plugin, security review, or best practices check. specific to AI assistant-code-plugins repositor... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.

#audit#security

jeremylongshore

> best-practices

Apply modern web development best practices for security, compatibility, and code quality. Use when asked to "apply best practices", "security audit", "modernize code", "code quality review", or "check for vulnerabilities". Do NOT use for accessibility (use web-accessibility), SEO (use seo), performance (use core-web-vitals), or comprehensive multi-area audits (use web-quality-audit).

#audit#frontend#security

tech-leads-club

> security-scanning-security-sast

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

#audit#security#testing

rmyndharis

> database-admin

Expert database administrator specializing in modern cloud databases, automation, and reliability engineering. Masters AWS/Azure/GCP database services, Infrastructure as Code, high availability, disaster recovery, performance optimization, and compliance. Handles multi-cloud strategies, container databases, and cost optimization. Use PROACTIVELY for database architecture, operations, or reliability engineering.

#audit#aws#azure

rmyndharis

> axiom-shipping

Use when preparing ANY app for submission, handling App Store rejections, writing appeals, or managing App Store Connect. Covers submission checklists, rejection troubleshooting, metadata requirements, privacy manifests, age ratings, export compliance.

#audit

CharlesWiltgen

> openclaw-audit-watchdog

Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.

#audit#security

prompt-security

> performing-security-code-review

This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, asks for a code review with a focus on security, or mentions security concerns related to code. The security-agent plugin then provides structured security findings with severity ratings, code locations,

#audit#auth#security

jeremylongshore

> common-accessibility

Enforce WCAG 2.2 AA compliance with semantic HTML, ARIA roles, keyboard navigation, and color contrast standards for web UIs. Use when building interactive components, adding form labels, fixing focus traps, or auditing a11y compliance. (triggers: **/*.tsx, **/*.jsx, **/*.html, **/*.vue, **/*.component.html, accessibility, a11y, wcag, aria, screen reader, focus, alt text)

#audit#frontend#react

HoangNguyen0403

> axiom-app-store-ref

Use when looking up ANY App Store metadata field requirement, privacy manifest schema, age rating tier, export compliance decision, EU DSA trader status, IAP review pipeline, or WWDC25 submission change. Covers character limits, screenshot specs, encryption decision tree, account deletion rules.

#audit

CharlesWiltgen

> prompt-agent

Security audit enforcement for AI agents. Automated security scans and health verification.

#agent#audit#security

prompt-security

load --more

$ loading registry▋