security headers AI Agent Skills

Browse 44 skills related to security headers

analyzing-security-headers

1.5k
Jeremylongshore Claude Code Plugins Plus Skills Analyzing Security HeadersJeremylongshore Claude Code Plugins Plus Skills Analyzing Security Headers

Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations. Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications. Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".

132 days ago

security-headers-generator

1.5k
jeremylongshorejeremylongshore

Security Headers Generator - Auto-activating skill for Security Fundamentals. Triggers on: security headers generator, security headers generator Part of the Security Fundamentals skill category.

133 days ago

web-security

376
a5c-aia5c-ai

OWASP Top 10, security headers, CSP, XSS prevention, and vulnerability prevention.

133 days ago

configuring-nginx

296
ancolemanancoleman

Configure nginx for static sites, reverse proxying, load balancing, SSL/TLS termination, caching, and performance tuning. When setting up web servers, application proxies, or load balancers, this skill provides production-ready patterns with modern security best practices for TLS 1.3, rate limiting, and security headers.

133 days ago

Laravel Sessions & Middleware

279
HoangNguyen0403HoangNguyen0403

Expert standards for session drivers, security headers, and middleware logic.

133 days ago

spring-boot-rest-api-standards

126
giuseppe-trisciuogliogiuseppe-trisciuoglio

Provides REST API design standards and best practices for Spring Boot projects. Use when creating or reviewing REST endpoints, DTOs, error handling, pagination, security headers, HATEOAS and architecture patterns.

133 days ago

security-headers-configuration

95
aj-geddesaj-geddes

Configure HTTP security headers including CSP, HSTS, X-Frame-Options, and XSS protection. Use when hardening web applications against common attacks.

133 days ago

security-patterns

95
koralliskorallis

Implement comprehensive security patterns to protect applications against OWASP Top 10 vulnerabilities including XSS, CSRF, SQL injection, authentication bypass, and data exposure. Use when handling user data, implementing authentication and authorization, validating input, encrypting sensitive data, preventing injection attacks, securing API endpoints, managing sessions and tokens, implementing rate limiting, configuring security headers, or building security-critical features that require defense-in-depth protection.

133 days ago

aws-cloudfront-cdn

95
aj-geddesaj-geddes

Distribute content globally using CloudFront with caching, security headers, WAF integration, and origin configuration. Use for low-latency content delivery.

133 days ago

security-nextjs

88
IgorWarzochaIgorWarzocha

Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers

133 days ago

discover-security

76
randrand

Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management. Activates for application security, OWASP, and security hardening tasks.

133 days ago

OWASP Security Testing

71
PramodDuttaPramodDutta

Security testing skill based on OWASP Top 10, covering ZAP scanning, security headers, input validation, authentication, and authorization testing.

owaspsecurityzap+3
132 days ago

security-headers-configuration

69
secondskysecondsky

Configures HTTP security headers to protect against XSS, clickjacking, and MIME sniffing attacks. Use when hardening web applications, passing security audits, or implementing Content Security Policy.

133 days ago

api-authentication

69
secondskysecondsky

Secure API authentication with JWT, OAuth 2.0, API keys. Use for authentication systems, third-party integrations, service-to-service communication, or encountering token management, security headers, auth flow errors.

133 days ago

api-security-hardening

69
secondskysecondsky

REST API security hardening with authentication, rate limiting, input validation, security headers. Use for production APIs, security audits, defense-in-depth, or encountering vulnerabilities, injection attacks, CORS issues.

133 days ago

API Security

31
melodic-softwaremelodic-software

Comprehensive API security guidance covering authentication methods, rate limiting, input validation, CORS, security headers, and protection against OWASP API Top 10 vulnerabilities. Use when designing API authentication, implementing rate limiting, configuring CORS, setting security headers, or reviewing API security.

133 days ago

security

29
omer-metinomer-metin

One breach = game over. Threat modeling, OWASP Top 10, secure coding, security architecture, zero trust. The complete security skill for protecting your application from day one. Security isn't a feature you add later - it's a mindset that shapes every decision. This skill covers application security, not infrastructure security. Use when "security, owasp, xss, sql injection, csrf, authentication, authorization, secrets, api key, vulnerability, secure coding, security headers, rate limiting, input validation, sanitize, escape, security, owasp, authentication, authorization, vulnerabilities, secure-coding" mentioned.

132 days ago

ssl-helper

25
armanzeroeightarmanzeroeight

Configures SSL/TLS certificates, implements secure protocols and ciphers, and sets up security headers. Use when setting up HTTPS, SSL certificates, TLS configuration, or web security hardening.

133 days ago

security-headers

22
CuriousLearnerCuriousLearner

Validate and implement HTTP security headers to protect web applications.

133 days ago

salvo-cors

14
salvo-rssalvo-rs

Configure Cross-Origin Resource Sharing (CORS) and security headers. Use for APIs accessed from browsers on different domains.

132 days ago

secure-headers-csp-builder

12
patricio0312revpatricio0312rev

Implements security headers and Content Security Policy with safe rollout strategy (report-only → enforce), testing, and compatibility checks. Use for "security headers", "CSP", "HTTP headers", or "XSS protection".

133 days ago

nginx

9
TerminalSkillsTerminalSkills

Assists with configuring Nginx as a web server, reverse proxy, and load balancer. Use when serving static files, proxying to application servers, setting up TLS termination, configuring caching, rate limiting, or writing security headers. Trigger words: nginx, reverse proxy, load balancer, tls, ssl, server block, location block.

133 days ago

analyzing-security-headers

8
BbgnsurfTechBbgnsurfTech

Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations. Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications. Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".

133 days ago

Sentinel

8
simotasimota

A static security analysis agent. Responsible for detecting hardcoded secrets, preventing SQL injection, performing input validation, configuring security headers, and scanning dependencies for CVEs. Used for security audits and when vulnerability fixes are required.

133 days ago

security-nextjs

6
justinlevinedotmejustinlevinedotme

Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers

132 days ago

remediation-config

6
ZateZate

Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.

133 days ago

aws-s3-cloudfront

5
Hack23Hack23

AWS S3 bucket configuration, CloudFront distribution setup, security headers (CSP, HSTS), cache policies, and SSL/TLS configuration

133 days ago

security-checklist

5
webdevtodayjasonwebdevtodayjason

Comprehensive security checklist covering OWASP Top 10, SQL injection, XSS, CSRF, authentication, authorization, secrets management, input validation, and security headers. Use when scanning for vulnerabilities, reviewing security, implementing authentication/authorization, or handling sensitive data.

132 days ago

audit-security

4
pwittchenpwittchen

Quick security audit checking for hardcoded secrets, SSRF vectors, injection points, dependency issues, and missing security headers

133 days ago

vibe-security

4
0x85060x8506

Security intelligence for code analysis. Detects SQL injection, XSS, CSRF, authentication issues, crypto failures, and more. Actions: scan, analyze, fix, audit, check, review, secure, validate, sanitize, protect. Languages: JavaScript, TypeScript, Python, PHP, Java, Go, Ruby. Frameworks: Express, Django, Flask, Laravel, Spring, Rails. Vulnerabilities: SQL injection, XSS, CSRF, authentication bypass, authorization issues, command injection, path traversal, insecure deserialization, weak crypto, sensitive data exposure. Topics: input validation, output encoding, parameterized queries, password hashing, session management, CORS, CSP, security headers, rate limiting, dependency scanning.

133 days ago

orchardcore-security

3
CrestAppsCrestApps

Skill for configuring security and authorization in Orchard Core. Covers permission definitions, authorization services, CORS, security headers, content security policies, and OpenID Connect.

133 days ago

configure-nginx

2
pjt222pjt222

Configure Nginx as a web server and reverse proxy. Covers static file serving, reverse proxy to upstream services, SSL/TLS termination with Let's Encrypt, location blocks, load balancing, rate limiting, and security headers. Use when serving static files in production, reverse proxying to backend services (Node.js, Python, R/Shiny), terminating SSL/TLS, load balancing across instances, or adding rate limiting and security headers to harden an endpoint.

132 days ago

configure-nginx

2
pjt222pjt222

Configure Nginx as a web server and reverse proxy. Covers static file serving, reverse proxy to upstream services, SSL/TLS termination with Let's Encrypt, location blocks, load balancing, rate limiting, and security headers. Use when serving static files in production, reverse proxying to backend services (Node.js, Python, R/Shiny), terminating SSL/TLS, load balancing across instances, or adding rate limiting and security headers to harden an endpoint.

132 days ago

performing-security-headers-audit

2
mukul975mukul975

Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing or misconfigured browser-level protections.

penetration-testingsecurity-headerscsp+4
132 days ago

security-headers

1
wshaddixwshaddix

Security headers configuration and best practices for ASP.NET Core Razor Pages applications. Covers CSP, HSTS, X-Frame-Options, and comprehensive security middleware setup. Use when configuring security headers in ASP.NET Core applications, implementing Content Security Policy (CSP), or setting up HSTS and other security-related HTTP headers.

132 days ago

OWASP Security Testing

1
KaliBellionKaliBellion

Security testing skill based on OWASP Top 10, covering ZAP scanning, security headers, input validation, authentication, and authorization testing.

owaspsecurityzap+3
132 days ago

analyzing-security-headers

nivkazdannivkazdan

Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations. Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications. Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".

133 days ago

security-review

medy-gribkovmedy-gribkov

Code security review covering OWASP Top 10, injection prevention (SQL, XSS, command injection), authentication and authorization patterns, secrets management, dependency vulnerability scanning, input validation, CORS, CSRF, rate limiting, and security headers. Language-agnostic with examples in JavaScript, Python, and Go. Use when reviewing code for security or hardening an application.

132 days ago

nextjs-mastery

UmarFarooqOO7UmarFarooqOO7

Next.js 15/16 App Router patterns and best practices — Server Components, streaming, parallel routes, intercepting routes, Server Actions, route handlers, caching ("use cache"), metadata, Auth.js v5, i18n, error handling, security headers, proxy.ts, React Compiler, and Turbopack. Use when building Next.js applications, implementing SSR/SSG, choosing between Server and Client Components, optimizing data fetching and caching, setting up authentication, or configuring security.

133 days ago

Security & Trust

BartWaardenburgBartWaardenburg

Fixes security and trust issues — configures HTTPS, HSTS, Content-Security-Policy, X-Content-Type-Options, frame protection, CORS, and Referrer-Policy headers so AI agents and platforms trust the website for interaction. Use when asked to "fix security headers", "add HSTS", "configure CSP", "fix HTTPS", "improve security score", "add security headers", "fix CORS", "add Referrer-Policy", or any security header configuration task.

132 days ago

SEO — Technical

royaluniondesign-sysroyaluniondesign-sys

Technical SEO audit across 8 categories: crawlability, indexability, security, URL structure, mobile, Core Web Vitals, structured data, and JavaScript rendering. Use when user says "technical SEO", "crawl issues", "robots.txt", "Core Web Vitals", "site speed", or "security headers".

132 days ago

Security Headers Checker

faahimfaahim

Audit HTTP security headers for any URL — get a security score, detailed analysis, and actionable fix recommendations.

132 days ago

security-headers-generator

nivkazdannivkazdan

Generate security headers generator operations. Auto-activating skill for Security Fundamentals. Triggers on: security headers generator, security headers generator Part of the Security Fundamentals skill category. Use when working with security headers generator functionality. Trigger with phrases like "security headers generator", "security generator", "security".

133 days ago

Spring Boot Security

royaluniondesign-sysroyaluniondesign-sys

Spring Security best practices for authentication/authorization, input validation, CSRF, secret management, security headers, rate limiting, and dependency/CVE scanning in Java Spring Boot services.

132 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network