by affaan-m
Use the security-review skill to review auth, user input, secrets, APIs, payments, uploads, and other sensitive flows. It provides a practical security-review guide with clear pass/fail checks, risky-pattern examples, and a focused process for catching common issues before release.
by microsoft
azure-identity-dotnet is a Microsoft Entra ID authentication skill for .NET Azure SDK clients. It covers DefaultAzureCredential, managed identity, service principals, and developer credentials, with guidance for install and usage in backend services, ASP.NET Core apps, and automation.
by mcollina
oauth helps you implement and troubleshoot OAuth 2.0/2.1 in Fastify apps for login, access tokens, PKCE, refresh tokens, and route protection. Use it as an oauth guide for backend development when you need practical oauth usage, install steps, and help resolving redirect URI, scope, CSRF, or token validation issues.
by mukul975
detecting-api-enumeration-attacks helps Security Audit teams detect API probing, BOLA, and IDOR by analyzing sequential IDs, 404 bursts, authorization failures, and docs discovery paths. It is built for log-driven detection guidance, rule drafting, and practical review of API abuse patterns.
by mukul975
containing-active-breach is an incident-response skill for live breach containment. It helps isolate hosts, block suspicious traffic, disable compromised accounts, and slow lateral movement using a structured containing-active-breach guide with practical API and script references.
