hardening AI Agent Skills
Browse 210 skills related to hardening
docker-expert
Docker containerization expert with deep knowledge of multi-stage builds, image optimization, container security, Docker Compose orchestration, and production deployment patterns. Use PROACTIVELY for Dockerfile optimization, container issues, image size problems, security hardening, networking, and orchestration challenges.
security-scanning-security-hardening
Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.
kubernetes-specialist
Use when deploying or managing Kubernetes workloads requiring cluster configuration, security hardening, or troubleshooting. Invoke for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization.
clawdbot-security
Security audit and hardening for Clawdbot/Moltbot installations. Detects exposed gateways, fixes permissions, enables authentication, and guides firewall/Tailscale setup.
moltbot-security
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups.
openclaw-setup
Set up a complete OpenClaw personal AI assistant from scratch using Claude Code. Walks through AWS provisioning, OpenClaw installation, Telegram bot creation, API configuration, Google Workspace integration, security hardening, and all power features. Give this to Claude Code and it handles the rest.
clawdbot-self-security-audit
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
azure-compliance
Comprehensive Azure compliance and security auditing capabilities including best practices assessment, Key Vault expiration monitoring, and resource configuration validation. USE FOR: compliance scan, security audit, azqr, Azure best practices, Key Vault expiration check, compliance assessment, resource review, configuration validation, expired certificates, expiring secrets, orphaned resources, policy compliance, security posture evaluation. DO NOT USE FOR: deploying resources (use azure-deploy), cost analysis alone (use azure-cost-optimization), active security hardening (use azure-security-hardening), general Azure Advisor queries (use azure-observability).
azure-rbac
Helps users find the right Azure RBAC role for an identity with least privilege access, then generate CLI commands and Bicep code to assign it. USE FOR: "what role should I assign", "least privilege role", "RBAC role for", "role to read blobs", "role for managed identity", "custom role definition", "assign role to identity". DO NOT USE FOR: creating or configuring managed identities, or general Azure security hardening; those are out of scope for this role-selection skill.
evernote-security-basics
Implement security best practices for Evernote integrations. Use when securing API credentials, implementing OAuth securely, or hardening Evernote integrations. Trigger with phrases like "evernote security", "secure evernote", "evernote credentials", "evernote oauth security".
linear-security-basics
Secure API key management and OAuth best practices for Linear. Use when setting up authentication securely, implementing OAuth flows, or hardening Linear integrations. Trigger with phrases like "linear security", "linear API key security", "linear OAuth", "secure linear integration", "linear secrets management".
maintainx-security-basics
Configure MaintainX API security, credential management, and access control. Use when securing API keys, implementing access controls, or hardening your MaintainX integration. Trigger with phrases like "maintainx security", "maintainx api key security", "secure maintainx", "maintainx credentials", "maintainx access control".
clerk-security-basics
Implement security best practices with Clerk authentication. Use when securing your application, reviewing auth implementation, or hardening Clerk configuration. Trigger with phrases like "clerk security", "secure clerk", "clerk best practices", "clerk hardening".
scanning-input-validation-practices
This skill enables Claude to automatically scan source code for potential input validation vulnerabilities. It identifies areas where user-supplied data is not properly sanitized or validated before being used in operations, which could lead to security exploits like SQL injection, cross-site scripting (XSS), or command injection. Use this skill when the user asks to "scan for input validation issues", "check input sanitization", "find potential XSS vulnerabilities", or similar requests related to securing user input. It is particularly useful during code reviews, security audits, and when hardening applications against common web vulnerabilities. The skill leverages the input-validation-scanner plugin to perform the analysis.
llvm-security
Expertise in LLVM security features including sanitizers, hardening techniques, exploit mitigations, and secure compilation. Use this skill when implementing security-focused compiler features, analyzing vulnerabilities, or hardening applications.
aws-security-scanner
AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config
shadow-techniques
Shadow mapping skill for cascaded shadows, contact hardening, and optimization.
gcp-security-scanner
GCP security configuration scanning and hardening using Security Command Center, Forseti, and ScoutSuite
azure-security-scanner
Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
mobile-security
Mobile application security skill for implementing OWASP MASVS compliance, secure storage, certificate pinning, biometric authentication, and security hardening across iOS and Android platforms.
phase-7-seo-security
Skill for enhancing search optimization (SEO) and security. Covers meta tags, semantic HTML, and security vulnerability checks. Use proactively when user asks about search ranking, security hardening, or vulnerability fixes. Triggers: SEO, security, meta tags, XSS, CSRF, 보안, セキュリティ, 安全, seguridad, etiquetas meta, optimización de búsqueda, sécurité, balises méta, optimisation pour les moteurs de recherche, Sicherheit, Meta-Tags, Suchmaschinenoptimierung, sicurezza, tag meta, ottimizzazione per i motori di ricerca Do NOT use for: backend-only APIs, internal tools, or basic development setup.
test-hardening
Convert passed QA Contract criteria to automated tests
system-planning
NixOS system configuration and administration. Use when configuring system services, hardware setup, networking, security hardening, boot configuration, or system maintenance.
configuring-firewalls
Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and bastion hosts. Use when exposing services, hardening servers, or implementing network segmentation with defense-in-depth strategies.
security-hardening
Reduces attack surface across OS, container, cloud, network, and database layers using CIS Benchmarks and zero-trust principles. Use when hardening production infrastructure, meeting compliance requirements, or implementing defense-in-depth security.
operating-kubernetes
Operating production Kubernetes clusters effectively with resource management, advanced scheduling, networking, storage, security hardening, and autoscaling. Use when deploying workloads to Kubernetes, configuring cluster resources, implementing security policies, or troubleshooting operational issues.
bunjs-production
Use when deploying Bun.js to production, containerizing with Docker, setting up AWS ECS/Fargate, implementing Redis caching, hardening security, or configuring CI/CD pipelines. See bunjs for basics, bunjs-architecture for patterns.
performance-security
Use when optimizing performance or reviewing security. Covers code-splitting, React Compiler patterns, asset optimization, a11y testing, and security hardening for React apps.
backend-dev-suite
Backend development comprehensive skill pack (Java coding + database design + security hardening)
Wheels Deployment
Configure Wheels applications for production deployment with security hardening, performance optimization, and environment-specific settings. Use when preparing for production, configuring servers, or hardening security.
aws-cli-beast
Provides comprehensive AWS CLI mastery cloud for advanced engineers. Use for complex AWS resource management, bulk operations, automation scripts, cross-service workflows, security hardening, and high-efficiency CLI patterns across EC2, Lambda, S3, DynamoDB, RDS, VPC, IAM, Bedrock, and CloudWatch. Triggers on "aws beast mode", "optimize aws resources via cli", "bulk s3 migration cli", "audit iam policies beast", "troubleshoot vpc networking cli".
ring:production-readiness-audit
Comprehensive Ring-standards-aligned 44-dimension production readiness audit. Detects project stack, loads Ring standards via WebFetch, and runs in batches of 10 explorers appending incrementally to a single report file. Categories - Structure (pagination, errors, routes, bootstrap, runtime, core deps, naming, domain modeling, nil-safety, api-versioning, resource-leaks), Security (auth, IDOR, SQL, validation, secret-scanning, data-encryption, multi-tenant, rate-limiting, cors), Operations (telemetry, health, config, connections, logging, resilience, graceful-degradation), Quality (idempotency, docs, debt, testing, dependencies, performance, concurrency, migrations, linting, caching), Infrastructure (containers, hardening, cicd, async, makefile, license). Produces scored report (0-430, max 440 with multi-tenant) with severity ratings and standards cross-reference.
docker-compose-production
Use when deploying Docker Compose applications to production including security hardening, resource management, health checks, logging, monitoring, and high-availability patterns.
fnox-security-best-practices
Use when implementing secure secrets management with Fnox. Covers encryption, key management, access control, and security hardening.
mcp-patterns
MCP server building, advanced patterns, and security hardening. Use when building MCP servers, implementing tool handlers, adding authentication, creating interactive UIs, hardening MCP security, or debugging MCP integrations.
api-security-hardening
Secure REST APIs with authentication, rate limiting, CORS, input validation, and security middleware. Use when building or hardening API endpoints against common attacks.
security-headers-configuration
Configure HTTP security headers including CSP, HSTS, X-Frame-Options, and XSS protection. Use when hardening web applications against common attacks.
secrets-rotation
Implement automated secrets rotation for API keys, credentials, certificates, and encryption keys. Use when managing secrets lifecycle, compliance requirements, or security hardening.
security-symfony
Sicherheit & DSGVO - Atoll Tourisme. Use when reviewing security, implementing auth, or hardening code.
security-flutter
Sécurité Flutter. Use when reviewing security, implementing auth, or hardening code.
security-react
Seguranca React. Use when reviewing security, implementing auth, or hardening code.
security-reactnative
Seguridad - Mejores Prácticas de React Native. Use when reviewing security, implementing auth, or hardening code.
security-practices
Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.
discover-security
Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management. Activates for application security, OWASP, and security hardening tasks.
cairo-security
Use when reviewing Cairo contracts for security — common vulnerabilities, audit patterns, production hardening, Cairo-specific pitfalls, L1/L2 bridging safety, session key security, precision/rounding bugs, static analysis tooling. Sourced from 50+ public audits and the Cairo Book.
security-headers-configuration
Configures HTTP security headers to protect against XSS, clickjacking, and MIME sniffing attacks. Use when hardening web applications, passing security audits, or implementing Content Security Policy.
api-security-hardening
REST API security hardening with authentication, rate limiting, input validation, security headers. Use for production APIs, security audits, defense-in-depth, or encountering vulnerabilities, injection attacks, CORS issues.
webapp-nikto
Web server vulnerability scanner for identifying security issues, misconfigurations, and outdated software versions. Use when: (1) Conducting authorized web server security assessments, (2) Identifying common web vulnerabilities and misconfigurations, (3) Detecting outdated server software and known vulnerabilities, (4) Performing compliance scans for web server hardening, (5) Enumerating web server information and enabled features, (6) Validating security controls and patch levels.