SKILL.md packages that extend Claude Code, Cursor, Copilot, and other AI agents.
Tags

xianzhi-research
A structured vulnerability research framework distilled from 5600+ security docs, covering web injection, deserialization, binary exploitation, domain pentest,

saas-security
Comprehensive SaaS security audit skill: run domain-based audits, generate checklists, classify risks, and produce prioritized remediation reports.

Anthropic Cybersecurity Skills
Guided workflow to identify, validate, and document reflected, stored, and DOM-based XSS using Burp Suite (scanner, repeater, intruder, DOM Invader).

guardian-cli
An AI-driven, production-ready CLI that automates authorized penetration testing workflows, orchestrating planner, tool, analyst and reporter agents to produce

anthropic-cybersecurity-skills
Structured workflow to test REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR), with techniques for discovery, exploitation checks, and rem

Anthropic Cybersecurity Skills
Techniques and checks to find and exploit common JWT misconfigurations (alg none, alg confusion, kid/JKU injection, weak secrets).

claude-bughunter
Enumerate and assess on-prem Microsoft SharePoint servers for version disclosure, anonymous endpoints, legacy SOAP login abuse, ToolShell preconditions (CVE-202

correctless
Goal-directed red team assessment skill for live systems with source-code access; enforces isolation and intensity gating before active testing.

vibe-security-skill
Audits AI-generated codebases for critical security flaws like exposed keys, broken RLS, and insecure payment flows.