SKILL.md packages that extend Claude Code, Cursor, Copilot, and other AI agents.
Tags

xianzhi-research
A structured vulnerability research framework distilled from 5600+ security docs, covering web injection, deserialization, binary exploitation, domain pentest,

code-audit
Perform professional code security audits across 9 languages with configurable quick/standard/deep modes and Docker-backed verification.

claude-code-security-skills
Three-phase code security audit: broad audit, false-positive filtering, and a concise report with prioritized fixes and confidence-scored findings.

bug-hunter
Run an adversarial, sequential-first pipeline (Recon → Hunter → Skeptic → Referee) to find, verify, and optionally auto-fix runtime bugs and security issues acr

rune-stone
Compare a RUNE function specification against its implementation and produce a detailed drift report (signature, behavior, errors, constraints, edge cases).

marvin-template
Autonomous project hardening audit: security, AI-specific risks, test coverage, code quality, and decoupling recommendations for repositories.

skillsemgrep
Run Semgrep-based security scans to detect vulnerabilities, secrets, and OWASP Top 10 issues, and produce a categorized report with remediation suggestions.

saas-security
Comprehensive SaaS security audit skill: run domain-based audits, generate checklists, classify risks, and produce prioritized remediation reports.

claudefiles
Run a 3-agent adversarial bug hunt (Hunter, Skeptic, Referee) to find and verify real bugs in a codebase.

tech-debt-skill
Run a deliberate, file-cited technical debt and architecture audit that outputs a TECH_DEBT_AUDIT.md with prioritized findings and remediation recommendations.

awesome-codex-plugins
Audit and recommend file and directory organisation for codebases: colocation, anti-patterns, and feature vs layer grouping guidance.

gmickel
Comprehensive codebase assessment for agent and production readiness across 8 pillars; offers fixes for agent-readiness issues.