🔒Security
3,360
522

insecure-defaults

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.

#audit#configuration#secrets#appsec
Share
Quick Install
>_npx skills add trailofbits/skills
Documentation
Loading documentation...
Author

trailofbits

@trailofbits

View on GitHub
Repository
Repositorytrailofbits/skills
Stars3,360
Last UpdatedMar 6, 2026
Related Skills
6,168
26

authentication-setup

Setup and manage authentication and authorization systems including JWT, OAuth, and role-based access control.

supercent-io
supercent-io/skills-template
6,013
23,974

azure-role-selector

Helps users select appropriate Azure roles based on required permissions with least privilege access.

github
github/awesome-copilot
5,028
26

security-best-practices

Implement security best practices for web apps and infrastructure, covering HTTPS, CORS, XSS, SQL injection, CSRF, rate limiting, and OWASP

supercent-io
supercent-io/skills-template
3,994
30,440

security-requirement-extraction

Extract security requirements from threat models and business context for actionable security measures.

wshobson
wshobson/agents
2,915
30,440

auth-implementation-patterns

Implement authentication and authorization patterns like JWT, OAuth2, session management, and RBAC for secure API access.

wshobson
wshobson/agents