ZeroDay Scanner
by Mowei
Read-only Windows scan for supply-chain worms and AI-assistant persistence that antivirus misses — with wiper-safe cleanup.
Ship agent workflows in 30 seconds. Browse 2,000+ expert-built and security scanned skill -> Browse skills
THE AGENSI STORE
209 skills found
by Mowei
Read-only Windows scan for supply-chain worms and AI-assistant persistence that antivirus misses — with wiper-safe cleanup.
by Samuel Rose
Audit dependencies for security, licenses, and health while generating a phased, low-risk upgrade and migration plan.
by Shogun Labs
Pre-commit security hooks: secret detection, destructive command prevention
by Shogun Labs
Project-specific Claude Code agent harness setup
Automated security auditing and risk assessment for Model Context Protocol (MCP) servers.
by LocoLoboZ
Transform APT threat intelligence into MITRE ATT&CK Navigator layers and prioritized detection gap analyses.
by LocoLoboZ
Design, govern, and report on enterprise-grade anti-phishing training programs and simulation metrics.
by LocoLoboZ
Convert cyber incident evidence into blameless post-mortem reports, root cause analyses, and action trackers.
by LocoLoboZ
Generate audit-ready privacy impact assessments, risk registers, and data flow maps for regulatory compliance.
by LocoLoboZ
Professional security incident triage for SOC teams to classify alerts, assess severity, and draft response plans.
Protect sensitive data before it reaches an AI model and automatically restore it in the final response.
Audit your Supabase project for the row-level-security mistakes that quietly expose data: tables without RLS, policies that resolve to true, leaked service-role keys, missing auth.uid() checks, open storage buckets, overbroad grants, and migration drift. A local, read-only scan plus a full review checklist, each finding with severity, evidence, and a fix. No database changes without confirmation.
Automatically detect GDPR compliance risks in websites, codebases, marketing assets, and AI workflows.
by LocoLoboZ
Build, review, and automate structured incident response playbooks for enterprise security operations.
Scan a SKILL.md package for prompt injection and secret exfiltration before you install or publish an agent skill. Flags env-variable-to-URL exfiltration wording, conditional triggers with hidden side effects, imperative instructions buried in HTML comments, zero-width characters, base64 and long-token blobs, remote content treated as instructions, pipe-to-shell and recursive force-delete references, and overbroad tool requests (network plus browser plus file-write with no scope).
by Nex AI
A complete Manifest V3 Chrome extension to detect and highlight manipulative UI dark patterns on any website.
An adversarial senior engineer review gate that audits AI-written code for security gaps and logic errors before shipping.
A pre-publish audit gate to extract claims, verify facts, and flag compliance risks in public-facing content.
Audit and harden GitHub Actions workflows against overbroad permissions, secrets exposure, and supply-chain risks.
Lint an OpenAPI spec and diff two versions to catch breaking API changes before they reach consumers. Within a spec it flags missing operationId, success responses with no schema, untyped parameters, operations with no security requirement, and unbounded arrays/strings. Across two versions it flags removed paths and operations, removed response codes, a parameter becoming required, narrowed parameter types, removed enum values, and removed response fields. Analyzes JSON specs (convert YAML to JSON first).
An adversarial gate that audits cloud and infrastructure-as-code config — Terraform, Kubernetes, IAM, security groups, buckets — for the misconfigurations that cause real breaches, and returns a structured PASS/REVISE/BLOCK verdict with severities and exact fixes before anything reaches your environment.
Audit your SPF, DKIM, and DMARC records for the misconfigurations that get mail rejected or sent to spam. Flags a missing DMARC record or p=none, missing rua reporting, a missing or duplicated SPF record, SPF over the 10-lookup limit, permissive +all/?all, a missing DKIM selector, and SPF/DKIM domain-alignment mismatches. Paste a DNS zone file or dig/nslookup output.
Audit a Helm chart for insecure defaults before you deploy to Kubernetes. Flags privileged containers, allowPrivilegeEscalation, missing CPU/memory limits and requests, hostPath volumes, hostNetwork/hostPID/hostIPC sharing, readOnlyRootFilesystem not set, runAsNonRoot not enforced (or runAsUser 0), plaintext secrets in values.yaml, missing NetworkPolicy, and NodePort/LoadBalancer services exposed without restriction.
First-pass screener that flags AI-generated, paper-mill, and fabricated scholarship using tortured-phrase, citation, statistical, and template detectors.