WebSocket connections frequently fail with cryptic errors like Invalid frame header or RSV1 must be clear. This skill provides structured debugging techniques to diagnose and fix multiple WebSocketServer conflicts, compression mismatches, and raw frame inspection methods.

Claude Code skills help AI agents apply proven techniques across projects. This guide covers proper structure, search optimization, and real examples to make skills discoverable and actionable for future use.

Define modular rules that guide Claude on file-specific conventions. Rules in .claude/rules/ automatically apply to matching files, ensuring consistent code patterns across your project.

Claude Code hooks enable automatic actions during AI sessions. This skill provides the reference guide for creating, securing, and publishing hooks that validate, log, and automate workflows.

Manual browser testing is time-consuming and error-prone. This skill provides automated Chrome browser control through DevTools Protocol for reliable UI verification and screenshot capture.

Creating Claude Code agents requires understanding proper file structure, frontmatter syntax, and validation rules. This skill provides expert guidance to build agents that activate correctly and follow best practices for tool access, persona definition, and schema compliance.

This skill enables Claude to discover, install, and manage AI agent skills from the agentskill.sh marketplace, turning your agent into a self-improving system.

SQL injection vulnerabilities pose critical risks to web applications. This skill automates detection and exploitation of SQL injection flaws for authorized security assessments using the industry-standard sqlmap tool.

Nikto is an open-source web server scanner that identifies dangerous files, outdated software versions, and server misconfigurations. Use this skill to conduct authorized security assessments and compliance scans against web servers and applications.

Need a standardized way to build security skills? This template provides the structure for creating new skills with documentation, workflows, and configuration templates following SecOpsAgentKit best practices.

Hardcoded secrets in code lead to data breaches and unauthorized access. This skill integrates Gitleaks for automated secret detection in repositories, CI/CD pipelines, and pre-commit hooks.

Manual dependency and container vulnerability scanning requires significant security expertise to interpret CVE reports and prioritize fixes. This skill provides standardized Trivy workflows for identifying CVEs, generating SBOMs, and integrating security scanning into CI/CD pipelines.

Open source dependencies often contain known vulnerabilities and license compliance risks. This skill integrates Synopsys Black Duck SCA to automatically detect vulnerabilities, map findings to CVE/CWE/OWASP frameworks, and enforce license compliance policies in CI/CD pipelines.

Software supply chain attacks are increasing. Organizations need visibility into their software dependencies. This skill provides step-by-step guidance for generating comprehensive SBOMs using Syft, enabling vulnerability tracking, license compliance, and secure software provenance.

Security vulnerabilities in code can lead to data breaches and system compromise. This skill provides comprehensive SAST scanning with Semgrep, mapping findings to OWASP Top 10 and CWE standards for prioritized remediation.

Python code often contains hidden security risks like hardcoded passwords, SQL injection flaws, and command injection vulnerabilities. This skill integrates Bandit SAST scanning to automatically detect security issues in your Python codebase and maps findings to industry security frameworks.

Manual security reviews miss common vulnerabilities. This skill provides Horusec-based SAST workflows to automatically scan code across 18+ languages, detect secrets in git history, and integrate security scanning into CI/CD pipelines for continuous protection.

Security scanning results are scattered across CI logs and missed by reviewers. Reviewdog aggregates findings from multiple security tools into inline pull request comments, making vulnerabilities visible where developers work.

Network reconnaissance is essential for security assessments but requires structured workflows to ensure thoroughness and compliance. This skill provides ready-to-use Nmap commands, workflow checklists, and integration templates for port scanning, service enumeration, and vulnerability detection.

Threat modeling is critical for secure system design but often gets skipped due to complexity. This skill provides programmatic threat modeling using Python and the pytm library. Define architecture as code, automatically generate data flow diagrams, and identify security threats across trust boundaries.