Automatically discover security skills when working with authentication, authorization, input validation, security headers, vulnerability assessment, or secrets management. Activates for application security, OWASP, and security hardening tasks.
View on GitHubskills/discover-security/SKILL.md
February 3, 2026
Select agents to install to:
npx add-skill https://github.com/rand/cc-polymath/blob/main/skills/discover-security/SKILL.md -a claude-code --skill discover-securityInstallation paths:
.claude/skills/discover-security/# Security Skills Discovery Provides automatic access to comprehensive application security, vulnerability assessment, and security best practices skills. ## When This Skill Activates This skill auto-activates when you're working with: - Authentication and authorization systems - Input validation and sanitization - Security headers (CSP, HSTS, CORS) - Vulnerability scanning and penetration testing - OWASP Top 10 vulnerabilities - Secrets management (Vault, AWS Secrets Manager) - SQL injection, XSS, or other attack prevention - Security hardening and compliance - Password hashing and credential management - API security and access control ## Available Skills ### Quick Reference The Security category contains 6 specialized skills: 1. **authentication** - Authentication patterns (JWT, OAuth2, sessions, MFA, password security) 2. **authorization** - Access control (RBAC, ABAC, policy engines, permissions) 3. **input-validation** - Input validation and sanitization (SQL injection, XSS, command injection) 4. **security-headers** - HTTP security headers (CSP, HSTS, X-Frame-Options, CORS) 5. **vulnerability-assessment** - Security testing (OWASP Top 10, scanning tools, pentesting) 6. **secrets-management** - Secrets handling (Vault, AWS Secrets Manager, key rotation) ### Load Full Category Details For complete descriptions and workflows: Read <cc-polymath-root>/skills/security/INDEX.md This loads the full Security category index with: - Detailed skill descriptions - Usage triggers for each skill - Common workflow combinations - Cross-references to related skills ### Load Specific Skills Load individual skills as needed: # Identity and access Read <cc-polymath-root>/skills/security/authentication.md Read <cc-polymath-root>/skills/security/authorization.md # Input security Read <cc-polymath-root>/skills/security/input-validation.md Read <cc-polymath-root>/skills/security/security-headers.md # Security operations Read <cc-polymath-root>/skills/security/vulner