Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

security-check

security-check 收录了来自 ersinkoc 的 49 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
49
Stars
47
更新
2026-07-07
Forks
5
职业覆盖
2 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

security-check
信息安全分析师

Comprehensive AI-powered security scanning suite with 48 skills covering OWASP Top 10, 7 language-specific deep scanners (Go, TypeScript, Python, PHP, Rust, Java, C#), supply chain analysis, infrastructure-as-code scanning, and 3000+ checklist items. Use when you need to run a security audit, find vulnerabilities, scan a PR for security issues, or perform a penetration test on a codebase.

2026-07-07
sc-lang-csharp
信息安全分析师

C#/.NET-specific security deep scan

2026-04-08
sc-lang-go
信息安全分析师

Go-specific security deep scan

2026-04-08
sc-lang-java
信息安全分析师

Java/Kotlin-specific security deep scan

2026-04-08
sc-lang-php
信息安全分析师

PHP-specific security deep scan

2026-04-08
sc-lang-python
信息安全分析师

Python-specific security deep scan

2026-04-08
sc-lang-rust
信息安全分析师

Rust-specific security deep scan

2026-04-08
sc-lang-typescript
信息安全分析师

TypeScript/JavaScript-specific security deep scan

2026-04-08
sc-api-security
信息安全分析师

REST, GraphQL, and gRPC API security audit — authentication, authorization, data exposure, and configuration

2026-04-08
sc-auth
信息安全分析师

Authentication flaw detection — weak passwords, broken auth, credential stuffing, and bypass vectors

2026-04-08
sc-authz
信息安全分析师

Authorization flaw detection — IDOR, broken access control, horizontal and vertical privilege issues

2026-04-08
sc-business-logic
信息安全分析师

Business logic flaw detection — price manipulation, workflow bypass, race conditions, and abuse vectors

2026-04-08
sc-ci-cd
信息安全分析师

CI/CD pipeline security — GitHub Actions injection, secret exposure, untrusted actions, and artifact poisoning

2026-04-08
sc-clickjacking
信息安全分析师

Clickjacking and UI redressing detection — missing frame protection headers and CSP frame-ancestors

2026-04-08
sc-cmdi
信息安全分析师

OS Command Injection detection in shell execution, subprocess calls, and process spawning

2026-04-08
sc-cors
信息安全分析师

CORS misconfiguration detection — wildcard origin, reflected origin, null origin, and credential leaks

2026-04-08
sc-crypto
信息安全分析师

Cryptography misuse detection — weak algorithms, ECB mode, static IVs, weak PRNG, and key management flaws

2026-04-08
sc-csrf
信息安全分析师

Cross-Site Request Forgery detection — missing tokens, SameSite misconfiguration, and CORS-CSRF interaction

2026-04-08
sc-data-exposure
信息安全分析师

Sensitive data exposure detection — PII leaks, verbose errors, debug mode, and information disclosure

2026-04-08
sc-dependency-audit
信息安全分析师

Supply chain and dependency security analysis across all package ecosystems

2026-04-08
sc-deserialization
信息安全分析师

Insecure deserialization detection across all serialization formats and languages

2026-04-08
sc-diff-report
信息安全分析师

Incremental security scan for changed files only — optimized for PR and commit-level reviews

2026-04-08
sc-docker
信息安全分析师

Docker-specific security checks — image hardening, secrets in layers, compose security, and runtime configuration

2026-04-08
sc-file-upload
信息安全分析师

Insecure file upload detection — unrestricted types, MIME mismatch, polyglot files, and webshell upload

2026-04-08
sc-graphql
信息安全分析师

GraphQL injection, introspection abuse, query complexity attacks, and authorization bypass detection

2026-04-08
sc-header-injection
信息安全分析师

HTTP Header Injection and Response Splitting detection via CRLF injection in headers

2026-04-08
sc-iac
信息安全分析师

Infrastructure-as-Code security scanning — Dockerfile, Kubernetes, Terraform, and GitHub Actions misconfigurations

2026-04-08
sc-jwt
信息安全分析师

JWT implementation flaw detection — algorithm confusion, weak secrets, missing validation, and storage issues

2026-04-08
sc-ldap
信息安全分析师

LDAP Injection detection in search filters, DN construction, and bind operations

2026-04-08
sc-mass-assignment
信息安全分析师

Mass assignment and over-posting detection — unfiltered request body binding to data models

2026-04-08
sc-nosqli
信息安全分析师

NoSQL Injection detection for MongoDB, Redis, CouchDB, and Elasticsearch

2026-04-08
sc-open-redirect
信息安全分析师

Open redirect detection — unvalidated redirect URLs, protocol-relative bypasses, and URI scheme abuse

2026-04-08
sc-orchestrator
软件开发工程师

Master orchestration skill that coordinates the entire 4-phase security scanning pipeline

2026-04-08
sc-path-traversal
软件开发工程师

Path traversal and directory traversal detection — LFI, RFI, zip slip, and symlink attacks

2026-04-08
sc-privilege-escalation
软件开发工程师

Privilege escalation vector detection — role manipulation, admin bypass, and RBAC circumvention

2026-04-08
sc-race-condition
软件开发工程师

Race condition and TOCTOU detection — database races, file system races, double-spend, and atomicity failures

2026-04-08
sc-rate-limiting
软件开发工程师

Missing rate limiting and application-level DoS vector detection — ReDoS, query complexity, resource exhaustion

2026-04-08
sc-rce
软件开发工程师

Remote Code Execution detection via eval, exec, dynamic code loading, and code injection vectors

2026-04-08
sc-recon
软件开发工程师

Codebase discovery and architecture mapping for security analysis

2026-04-08
sc-report
软件开发工程师

Final consolidated security assessment report generator with CVSS severity and remediation roadmap

2026-04-08
当前展示该仓库 Top 40 / 49 个已收集 skills。
security-check GitHub Agent Skills | SkillsMP