Manages authentication flow for MutuaPIX (Laravel Sanctum + Next.js), handles mock mode security, and validates environment configurations
Senior Next.js 15+/16 Engineer skill for App Router. Use when scaffolding production apps, enforcing RSC patterns, auditing codebases, or optimizing performance.
Implement production-ready features across database, backend, and frontend layers with incremental phased approach
This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, asks for a code review with a focus on security, or mentions security concerns related to code. The security-agent plugin then provides structured security findings with severity ratings, code locations, impact assessments, and remediation guidance.
Comprehensive security vulnerability analysis for codebases and infrastructure. Scans dependencies (npm, pip, gem, go, cargo), containers (Docker, Kubernetes), cloud IaC (Terraform, CloudFormation), and detects secrets exposure. Fetches live CVE data from OSV.dev, calculates risk scores, and generates phased remediation plans with TDD validation tests. Use when users mention security scan, vulnerability, CVE, exploit, security audit, penetration test, OWASP, hardening, dependency audit, container security, or want to improve security posture.
Runbook for working in the AGILab repo (uv, Streamlit, run configs, packaging, troubleshooting).
This skill should be used when the user asks to "generate audit logs", "create HIPAA audit trail", "log healthcare events", "configure audit logging", "track PHI access", "maintain compliance logs", "audit log format", "healthcare event logging", "access control logging", "authentication logging", "HIPAA logging requirements", or mentions HIPAA audit trails, healthcare event logging, compliance logging, PHI access tracking, authentication auditing, or §164.312(b) logging requirements.
Stacks blockchain development intelligence for Codex.
Get details about a specific eval run. Requires authentication. Use for Agentuity cloud platform operations
This skill should be used when the user asks to "scan for PHI", "detect PII", "HIPAA compliance check", "audit for protected health information", "find sensitive healthcare data", "generate HIPAA audit report", "check code for PHI leakage", "scan logs for PHI", "check authentication on PHI endpoints", "scan FHIR resources", "check HL7 messages", or mentions PHI detection, HIPAA compliance, healthcare data privacy, medical record security, logging PHI violations, authentication checks for health data, or healthcare data formats (FHIR, HL7, CDA).
Detects non-functional "theater" code that appears complete but doesn't actually work. Use this skill to identify code that looks correct in static analysis but fails during execution, preventing fake implementations from reaching production. Scans for suspicious patterns, validates actual functionality, and reports findings with recommendations.
Implement and debug wallet connection and authentication in this repo using thirdweb v5 and the SIWE-style flow in `app/hooks/useWalletAuth.ts` and `app/hooks/server_actions.ts`. Use for ConnectButton setup, account state, signature/auth verification, Base/USDC config, and CSP issues with embedded wallet.
**Type:** Red Team - Offensive Security Agent
```mermaid
**Version:** 1.0.0
Control Eight Sleep pods (status, temperature, alarms, schedules).
Send WhatsApp messages to other people or search/sync WhatsApp history via the wacli CLI (not for normal user chats).
Comprehensive security and authentication workflow that orchestrates security architecture, identity management, access control, and compliance implementation. Handles everything from authentication system design and authorization frameworks to security auditing and threat protection.
Create, export, unpack, pack, import, and validate Dataverse solutions. USE WHEN: "export solution", "import solution", "pack solution", "unpack solution", "create solution", "pull from environment", "push to environment", "validate import", "check import errors", "check if table exists", "check if form is published", "verify deployment". DO NOT USE WHEN: creating tables/columns/forms/views (use dataverse-metadata).
**Version:** 1.0.0