prevention AI Agent Skills
Browse 224 skills related to prevention
django-security
Django security best practices, authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure deployment configurations.
graphql
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
frontend-security-coder
Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns.
frontend-mobile-security-xss-scan
You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention. Analyze React, Vue, Angular, and vanilla JavaScript code to identify injection poi
churn-prevention
Use when the user wants to reduce churn, build cancellation flows, set up save offers, recover failed payments, or implement retention strategies. Also use when the user mentions "churn," "cancel flow," "offboarding," "save offer," "dunning," "failed payment recovery," "win-back," "retention," "exit survey," "pause subscription," or "involuntary churn." This skill covers voluntary churn (cancel flows, save offers, exit surveys) and involuntary churn (dunning, payment recovery). For post-cancel win-back email sequences, see email-sequence. For in-app upgrade paywalls, see paywall-upgrade-cro.
secure-code-guardian
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention.
backtest-expert
Expert guidance for systematic backtesting of trading strategies. Use when developing, testing, stress-testing, or validating quantitative trading strategies. Covers "beating ideas to death" methodology, parameter robustness testing, slippage modeling, bias prevention, and interpreting backtest results. Applicable when user asks about backtesting, strategy validation, robustness testing, avoiding overfitting, or systematic trading development.
ClawGateSecure
Advanced security protocol for LLM agents focusing on Prompt Injection mitigation, code auditing, and data exfiltration prevention.
mermaid-visualizer
Transform text content into professional Mermaid diagrams for presentations and documentation. Use when users ask to visualize concepts, create flowcharts, or make diagrams from text. Supports process flows, system architectures, comparisons, mindmaps, and more with built-in syntax error prevention.
detecting-database-deadlocks
This skill uses the database-deadlock-detector plugin to detect, analyze, and prevent database deadlocks. It monitors database lock contention, analyzes transaction patterns, and suggests resolution strategies. Use this skill when the user asks to "detect database deadlocks", "analyze deadlock causes", "monitor database locks", or any requests related to database deadlock prevention and resolution. This skill is particularly useful for production database systems experiencing recurring deadlock issues. The plugin's command `/deadlock` is triggered by these requests.
AI Writing Detection
Comprehensive AI writing detection patterns and methodology. Provides vocabulary lists, structural patterns, model-specific fingerprints, and false positive prevention guidance. Use when analyzing text for AI authorship or understanding detection patterns.
ai-writing-detection
Comprehensive AI writing detection patterns and methodology. Provides vocabulary lists, structural patterns, model-specific fingerprints, and false positive prevention guidance. Use when analyzing text for AI authorship or understanding detection patterns.
family-health-analyzer
Analyze family health history, assess genetic risks, identify family health patterns, and provide personalized prevention advice
caching-strategies
Implement multi-layer caching with Redis, in-memory, and HTTP caching. Covers cache invalidation, stampede prevention, and cache-aside patterns.
skill-creator
Design effective Claude Code skills with optimal descriptions, progressive disclosure, and error prevention patterns. Covers freedom levels, token efficiency, and quality standards. Use when: creating new skills, improving skill descriptions, optimizing token usage, structuring skill content, or debugging why skills aren't being discovered.
responsive-images
Implement performant responsive images with srcset, sizes, lazy loading, and modern formats (WebP, AVIF). Covers aspect-ratio for CLS prevention, picture element for art direction, and fetchpriority for LCP optimization. Use when: adding images to pages, optimizing Core Web Vitals, preventing layout shift, implementing art direction, or converting to modern formats.
axiom-synchronization
Use when needing thread-safe primitives for performance-critical code. Covers Mutex (iOS 18+), OSAllocatedUnfairLock (iOS 16+), Atomic types, when to use locks vs actors, deadlock prevention with Swift Concurrency.
prompt-injection-detector
Prompt injection detection and prevention for secure LLM applications
web-security
OWASP Top 10, security headers, CSP, XSS prevention, and vulnerability prevention.
cost-of-quality-analyzer
Cost of Quality analysis skill with prevention, appraisal, internal failure, and external failure cost tracking
secure-coding-training-skill
Developer security training and assessment for secure coding practices and vulnerability prevention
debugging-dags
Comprehensive DAG failure diagnosis and root cause analysis. Use for complex debugging requests requiring deep investigation like "diagnose and fix the pipeline", "full root cause analysis", "why is this failing and how to prevent it". For simple debugging ("why did dag fail", "show logs"), the airflow entrypoint skill handles it directly. This skill provides structured investigation and prevention recommendations.
qe-shift-left-testing
Move testing activities earlier in the development lifecycle to catch defects when they're cheapest to fix. Use when implementing TDD, CI/CD, or early quality practices.
shift-left-testing
Move testing activities earlier in the development lifecycle to catch defects when they're cheapest to fix. Use when implementing TDD, CI/CD, or early quality practices.
payuni-webhook
Implements PAYUNi webhook handling including signature verification, replay attack prevention, and payment status updates. Use when building payment notification endpoints for 統一金流.
building-with-sqlmodel-async
Use when building async database layers with SQLModel and PostgreSQL. Triggers include async session management, create_async_engine, SQLModel relationships, CRUD operations with async/await, N+1 prevention with selectinload, JSONB columns, self-referential models, or Alembic async migrations. NOT when using sync SQLAlchemy (use sync patterns) or raw SQL (use SQLModel ORM).
ml-rigor
Enforces baseline comparisons, cross-validation, interpretation, and leakage prevention for ML pipelines
payment-integration
Expert payment integration specialist mastering payment gateway integration, PCI compliance, and financial transaction processing. Specializes in secure payment flows, multi-currency support, and fraud prevention with focus on reliability, compliance, and seamless user experience.
postmortem
Use when analyzing failures, outages, incidents, or negative outcomes, conducting blameless postmortems, documenting root causes with 5 Whys or fishbone diagrams, identifying corrective actions with owners and timelines, learning from near-misses, establishing prevention strategies, or when user mentions postmortem, incident review, failure analysis, RCA, lessons learned, or after-action review.
PHP Security Patterns
Use when essential PHP security patterns including input validation, SQL injection prevention, XSS protection, CSRF tokens, password hashing, secure session management, and defense-in-depth strategies for building secure PHP applications.
fix-issue
Fixes GitHub issues with parallel analysis. Use to debug errors, resolve regressions, fix bugs, or triage issues.
security-patterns
Security patterns for authentication, defense-in-depth, input validation, OWASP Top 10, LLM safety, and PII masking. Use when implementing auth flows, security layers, input sanitization, vulnerability prevention, prompt injection defense, or data redaction.
sql-injection-prevention
Prevent SQL injection attacks using prepared statements, parameterized queries, and input validation. Use when building database-driven applications securely.
security-practices
Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.
Secret Detection & Prevention
Automated detection and prevention of leaked secrets, API keys, passwords, and tokens in code using tools like gitleaks, trufflehog, and pre-commit hooks.
E2E Testing Patterns
Comprehensive end-to-end testing methodologies and best practices covering architecture, test design, data management, flakiness prevention, and cross-browser strategies.
LLM Security Testing
Security testing for LLM-powered applications including prompt injection, jailbreak detection, data leakage prevention, and AI safety testing.
Database Performance Testing
Database performance testing including query optimization, index analysis, connection pooling, slow query detection, and N+1 query prevention.
Authorization Testing Patterns
Role-based and attribute-based access control testing including permission matrices, privilege escalation prevention, and resource-level authorization.
Concurrency Testing Patterns
Testing concurrent code including race condition detection, deadlock prevention, thread safety verification, and parallel execution correctness.
Multi-Tenant Testing
Testing multi-tenant application isolation including data segregation, tenant-specific configuration, cross-tenant access prevention, and performance isolation.
Regression Suite from Bug Reports
Convert bug reports and incident post-mortems into automated regression tests that prevent recurrence of previously discovered defects.
Form Validation Breaker
Exhaustive testing of form validation logic including boundary values, injection payloads, encoding edge cases, and client-server validation bypass techniques
Cron Job & Scheduled Task Testing
Testing scheduled tasks and cron jobs including execution timing, idempotency, failure recovery, overlap prevention, and timezone handling.
attio-mcp-usage
Provides universal workflow patterns and best practices for using the Attio MCP server. Complements the attio-workspace-schema skill with HOW-TO guidance for MCP tools and error prevention.
premortem
Pre-mortem analysis that imagines a plan has failed, then works backward to identify causes and preventions. Use before launches, major decisions, or risky initiatives to surface hidden risks.
incident-reporting
Construction safety incident reporting and analysis. Capture incidents, conduct investigations, track corrective actions, and analyze trends for prevention.
crisis-response-protocol
Handle mental health crisis situations in AI coaching safely. Use when implementing crisis detection, safety protocols, emergency escalation, or suicide prevention features. Activates for crisis keywords, safety planning, hotline integration, and risk assessment.