deploy-hf
vmain
io.github.Vincentqyw/image-matching-webui/deploy-hf
Release a new imcui version and deploy to HuggingFace Spaces (test → prod). Invoke when user asks to release, deploy, or ship a new version.
io.github.alirezarezvani/claude-skills/security-guidance · vmain
PreToolUse security-anti-pattern hook for Claude Code. Catches 12 common security risks (command injection, XSS, SQL injection, unsafe deserialization, GitHub Actions workflow injection, eval/new Function code injection) BEFORE the Edit/Write/MultiEdit operation completes. Session-state caching prevents duplicate warnings on the same file+rule combo. Stdlib only — no dependencies. Use when you want a safety net during Claude Code sessions that touch security-sensitive code (auth, payments, user input handling, IaC). Disable with ENABLE_SECURITY_REMINDER=0 if you need to perform a verified-safe operation that would otherwise trip a pattern. Triggers — "add security hook", "block unsafe code", "detect command injection before write", "prevent SQL injection patterns", "security warning hook".
热度数据
security-guidance 是一个Agent Skill,收录自 SkillsMP。本页提供 Cursor、Claude Code 等客户端的安装配置片段。
Agent Skill 是带 SKILL.md 的指令包。安装后,AI 会根据 description 在匹配任务时自动加载,无需每次手动粘贴提示词。
选择你的平台查看安装方式
选择安装方式
# 改 -a 切换客户端:cursor | claude-code | codex | github-copilot
npx skills add alirezarezvani/claude-skills@security-guidance -a cursor -y安装完成后,在对话中直接描述你的任务(或提及技能名称)。Agent 会先读取 SKILL.md 的 description 判断是否启用,再按其中的步骤执行。可用 /skills(Claude Code)或在设置中查看已加载的 Skills。
vmain
io.github.Vincentqyw/image-matching-webui/deploy-hf
Release a new imcui version and deploy to HuggingFace Spaces (test → prod). Invoke when user asks to release, deploy, or ship a new version.
vmain
io.github.kenn-io/agentsview/testing-without-tautologies
Use when creating, editing, fixing, or reviewing tests; when adding mocks, fakes, assertions, unit tests, PG integration tests, frontend component tests, or Playwright e2e tests; or when changing tests after failures.
vmain
io.github.Dynatrace/dynatrace-for-ai/dt-obs-kubernetes
Kubernetes cluster, pod, node, and workload monitoring. Use when analyzing K8s health, resource optimization, pod failures, OOMKills, scheduling, or security posture. Also use for Kubernetes operational events like pod restarts, OOM events, evictions, and cluster event history. Trigger: "Kubernetes pods", "K8s cluster health", "OOMKill", "pod restarts", "container CPU", "namespace resource usage", "over-provisioned pods", "privileged containers", "pod placement", "K8s node capacity", "running containers by cluster", "workload scheduling", "pod evictions", "K8s labels and annotations", "kubernetes events", "pod restart events", "OOM events", "K8s event history". Do NOT use for explaining existing queries, product documentation questions, AWS-specific resource queries, service-level RED metrics, distributed tracing, or log analysis — use the relevant skill instead.
vmaster
io.github.hitobito/hitobito/refactoring
Use when restructuring internal code in hitobito without changing external functionality — for future extensibility, performance, or maintainability.
vmain
io.github.uphiago/recon-skills/docker-privesc
Escape Docker containers to host root via 5 techniques.
vmaster
io.github.Raishin/vanguard-frontier-agentic/css-architecture-design-system-review
Review CSS for specificity and cascade-layer discipline, design-token (custom-property) conformance, and responsive strategy correctness (container queries vs. media queries), catching specificity wars, hardcoded-value token drift, and non-reflowing layouts that fail WCAG 1.4.10/1.4.4 before they compound into unmaintainable stylesheets.
{
"id": "io.github.alirezarezvani/claude-skills/security-guidance",
"type": "skill",
"version": "main",
"displayName": "security-guidance",
"description": "PreToolUse security-anti-pattern hook for Claude Code. Catches 12 common security risks (command injection, XSS, SQL injection, unsafe deserialization, GitHub Actions workflow injection, eval/new Function code injection) BEFORE the Edit/Write/MultiEdit operation completes. Session-state caching prevents duplicate warnings on the same file+rule combo. Stdlib only — no dependencies. Use when you want a safety net during Claude Code sessions that touch security-sensitive code (auth, payments, user input handling, IaC). Disable with ENABLE_SECURITY_REMINDER=0 if you need to perform a verified-safe operation that would otherwise trip a pattern. Triggers — \"add security hook\", \"block unsafe code\", \"detect command injection before write\", \"prevent SQL injection patterns\", \"security warning hook\".",
"author": {
"name": "alirezarezvani",
"url": "https://github.com/alirezarezvani"
},
"repository": {
"url": "https://github.com/alirezarezvani/claude-skills",
"source": "github",
"subfolder": "engineering/security-guidance/skills/security-guidance"
},
"homepage": "https://skillsmp.com/creators/alirezarezvani/claude-skills/engineering-security-guidance-skills-security-guidance",
"distribution": {
"packages": [
{
"registryType": "source",
"identifier": "alirezarezvani/claude-skills@security-guidance",
"version": "main",
"runtimeHint": "npx skills add"
}
],
"remotes": []
},
"dependencies": [],
"installTargets": [
"claude-code",
"claude-desktop",
"cursor",
"codex",
"vscode"
],
"keywords": [
"repo_stars:19546"
],
"provenance": {
"origin": "skillsmp",
"originalId": "alirezarezvani-claude-skills-engineering-security-guidance-skills-security-guidance-skill-md",
"originalUrl": "https://skillsmp.com/creators/alirezarezvani/claude-skills/engineering-security-guidance-skills-security-guidance",
"isOfficial": false,
"status": "active"
}
}