sensitive AI Agent Skills
Browse 255 skills related to sensitive
security-review
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
security-review
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
difficult-workplace-conversations
Structured approach to workplace conflicts, performance discussions, and challenging feedback using preparation-delivery-followup framework. Use when preparing for tough conversations, addressing conflicts, giving critical feedback, or navigating sensitive workplace discussions.
secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD ...
security-bluebook-builder
Build security Blue Books for sensitive apps
pr-review
Security-first PR review checklist for this repo. Use when reviewing diffs/PRs, especially changes involving authentication, networking, sensitive data, or dependency/lockfile updates. Focus on secret/PII leakage risk, supply-chain risk (npm + node_modules inspection), cross-platform architecture (extension/mobile/desktop/web), and React performance (hooks + re-render hotspots). Avoid UI style nitpicks. PR Review.
codex-account-switcher
Manage multiple OpenAI Codex accounts. Capture current login tokens and switch between them instantly. ⚠️ Reads and writes ~/.codex/auth.json and ~/.codex/accounts/*.json (sensitive authentication tokens).
aifs
Store and retrieve files via AIFS.space cloud storage API. Use when persisting notes, documents, or data to the cloud; syncing files across sessions; or when the user mentions AIFS, aifs.space, or cloud file storage. Not to be used for any sensitive content.
lmstudio-subagents
Reduces token usage from paid providers by offloading work to local LM Studio models. Use when: (1) Cutting costs—use local models for summarization, extraction, classification, rewriting, first-pass review, brainstorming when quality suffices, (2) Avoiding paid API calls for high-volume or repetitive tasks, (3) No extra model configuration—JIT loading and REST API work with existing LM Studio setup, (4) Local-only or privacy-sensitive work. Requires LM Studio 0.4+ with server (default :1234). No CLI required.
cron-mastery
Master OpenClaw's timing systems. Use for scheduling reliable reminders, setting up periodic maintenance (janitor jobs), and understanding when to use Cron vs Heartbeat for time-sensitive tasks.
Confidant
Secure secret handoff from human to AI. Use when you need sensitive information from the user (API keys, passwords, tokens, credentials, secrets). Never ask for secrets via chat — use Confidant instead.
otp-challenger
Enable agents and skills to challenge users for fresh two-factor authentication proof (TOTP or YubiKey) before executing sensitive actions. Use this for identity verification in approval workflows - deploy commands, financial operations, data access, admin operations, and change control.
security-ownership-map
Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Trigger only when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do not trigger for general maintainer lists or non-security ownership questions.
azure-security-keyvault-secrets-java
Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.
azure-security-keyvault-secrets-java
Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.
replit-data-handling
Implement Replit PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Replit integrations. Trigger with phrases like "replit data", "replit PII", "replit GDPR", "replit data retention", "replit privacy", "replit CCPA".
validating-cors-policies
This skill enables Claude to validate Cross-Origin Resource Sharing (CORS) policies. It uses the cors-policy-validator plugin to analyze CORS configurations and identify potential security vulnerabilities. Use this skill when the user requests to "validate CORS policy", "check CORS configuration", "analyze CORS headers", or asks about "CORS security". It helps ensure that CORS policies are correctly implemented, preventing unauthorized cross-origin requests and protecting sensitive data.
windsurf-data-handling
Implement Windsurf PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Windsurf integrations. Trigger with phrases like "windsurf data", "windsurf PII", "windsurf GDPR", "windsurf data retention", "windsurf privacy", "windsurf CCPA".
posthog-data-handling
Implement PostHog PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for PostHog integrations. Trigger with phrases like "posthog data", "posthog PII", "posthog GDPR", "posthog data retention", "posthog privacy", "posthog CCPA".
coderabbit-data-handling
Implement CodeRabbit PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for CodeRabbit integrations. Trigger with phrases like "coderabbit data", "coderabbit PII", "coderabbit GDPR", "coderabbit data retention", "coderabbit privacy", "coderabbit CCPA".
instantly-data-handling
Implement Instantly PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Instantly integrations. Trigger with phrases like "instantly data", "instantly PII", "instantly GDPR", "instantly data retention", "instantly privacy", "instantly CCPA".
firecrawl-data-handling
Implement FireCrawl PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for FireCrawl integrations. Trigger with phrases like "firecrawl data", "firecrawl PII", "firecrawl GDPR", "firecrawl data retention", "firecrawl privacy", "firecrawl CCPA".
juicebox-data-handling
Implement Juicebox data privacy and handling. Use when managing personal data, implementing GDPR compliance, or handling sensitive candidate information. Trigger with phrases like "juicebox data privacy", "juicebox GDPR", "juicebox PII handling", "juicebox data compliance".
clay-data-handling
Implement Clay PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Clay integrations. Trigger with phrases like "clay data", "clay PII", "clay GDPR", "clay data retention", "clay privacy", "clay CCPA".
ideogram-data-handling
Implement Ideogram PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Ideogram integrations. Trigger with phrases like "ideogram data", "ideogram PII", "ideogram GDPR", "ideogram data retention", "ideogram privacy", "ideogram CCPA".
vastai-data-handling
Implement Vast.ai PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Vast.ai integrations. Trigger with phrases like "vastai data", "vastai PII", "vastai GDPR", "vastai data retention", "vastai privacy", "vastai CCPA".
fireflies-data-handling
Implement Fireflies.ai PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Fireflies.ai integrations. Trigger with phrases like "fireflies data", "fireflies PII", "fireflies GDPR", "fireflies data retention", "fireflies privacy", "fireflies CCPA".
groq-data-handling
Implement Groq PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Groq integrations. Trigger with phrases like "groq data", "groq PII", "groq GDPR", "groq data retention", "groq privacy", "groq CCPA".
retellai-data-handling
Implement Retell AI PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Retell AI integrations. Trigger with phrases like "retellai data", "retellai PII", "retellai GDPR", "retellai data retention", "retellai privacy", "retellai CCPA".
exa-data-handling
Implement Exa PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Exa integrations. Trigger with phrases like "exa data", "exa PII", "exa GDPR", "exa data retention", "exa privacy", "exa CCPA".
sentry-data-handling
Manage sensitive data properly in Sentry. Use when configuring PII scrubbing, data retention, GDPR compliance, or data security settings. Trigger with phrases like "sentry pii", "sentry gdpr", "sentry data privacy", "scrub sensitive data sentry".
lokalise-data-handling
Implement Lokalise translation data handling, PII management, and compliance patterns. Use when handling sensitive translation data, implementing data redaction, or ensuring compliance with privacy regulations for Lokalise integrations. Trigger with phrases like "lokalise data", "lokalise PII", "lokalise GDPR", "lokalise data retention", "lokalise privacy", "lokalise compliance".
lindy-data-handling
Best practices for handling data with Lindy AI. Use when managing sensitive data, implementing data privacy, or ensuring data compliance. Trigger with phrases like "lindy data", "lindy privacy", "lindy PII", "lindy data handling", "lindy GDPR".
mistral-data-handling
Implement Mistral AI PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Mistral AI integrations. Trigger with phrases like "mistral data", "mistral PII", "mistral GDPR", "mistral data retention", "mistral privacy", "mistral CCPA".
scanning-for-data-privacy-issues
This skill enables Claude to automatically scan code and configuration files for potential data privacy vulnerabilities using the data-privacy-scanner plugin. It identifies sensitive data exposure, compliance violations, and other privacy-related risks. Use this skill when the user requests to "scan for data privacy issues", "check privacy compliance", "find PII leaks", "identify GDPR violations", or needs a "privacy audit" of their codebase. The skill is most effective when used on projects involving personal data, financial information, or health records.
supabase-data-handling
Implement Supabase PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Supabase integrations. Trigger with phrases like "supabase data", "supabase PII", "supabase GDPR", "supabase data retention", "supabase privacy", "supabase CCPA".
langchain-data-handling
Implement LangChain data privacy and handling best practices. Use when handling sensitive data, implementing PII protection, or ensuring data compliance in LLM applications. Trigger with phrases like "langchain data privacy", "langchain PII", "langchain GDPR", "langchain data handling", "langchain compliance".
perplexity-data-handling
Implement Perplexity PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Perplexity integrations. Trigger with phrases like "perplexity data", "perplexity PII", "perplexity GDPR", "perplexity data retention", "perplexity privacy", "perplexity CCPA".
sentry-security-basics
Configure Sentry security settings and data protection. Use when setting up data scrubbing, managing sensitive data, or configuring security policies. Trigger with phrases like "sentry security", "sentry PII", "sentry data scrubbing", "secure sentry".
vercel-data-handling
Implement Vercel PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for Vercel integrations. Trigger with phrases like "vercel data", "vercel PII", "vercel GDPR", "vercel data retention", "vercel privacy", "vercel CCPA".
security-review
Use this skill when adding authentication, processing user input, using sensitive information, creating API endpoints, or implementing payment/sensitive features. It provides a comprehensive security checklist and patterns.
transit-least-squares
Transit Least Squares (TLS) algorithm for detecting exoplanet transits in light curves. Use when searching for transiting exoplanets specifically, as TLS is more sensitive than Lomb-Scargle for transit-shaped signals. Based on the transitleastsquares Python package.
analyze-performance
Establish performance baselines and detect regressions using flamegraph analysis. Use when optimizing performance-critical code, investigating performance issues, or before creating commits with performance-sensitive changes.
owasp-security-scanner
Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.
secret-detection-scanner
Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor CI/CD logs for exposure, generate remediation steps, and track secret rotation status.
convex-security-audit
Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations
managing-secrets
Managing secrets (API keys, database credentials, certificates) with Vault, cloud providers, and Kubernetes. Use when storing sensitive data, rotating credentials, syncing secrets to Kubernetes, implementing dynamic secrets, or scanning code for leaked secrets.