Awesome-omni-skill security-skills-guide
Guide for security-related Agent Skills including penetration testing, code auditing, threat hunting, and forensics skills.
install
source · Clone the upstream repo
git clone https://github.com/diegosouzapw/awesome-omni-skill
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skill "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/testing-security/security-skills-guide" ~/.claude/skills/diegosouzapw-awesome-omni-skill-security-skills-guide && rm -rf "$T"
manifest:
skills/testing-security/security-skills-guide/SKILL.mdsource content
Security Skills Guide
Scope
Use this skill when:
- Finding or adding security-related skills
- Understanding cybersecurity skill categories
- Organizing security skills in README.md
Security Skill Categories
Penetration Testing
| Category | Skills |
|---|---|
| Web Application | Burp Suite, FFUF fuzzing, SQL injection, XSS testing |
| Network | Nmap, Wireshark, SMTP/SSH testing |
| Cloud | AWS/Azure/GCP penetration testing |
| Active Directory | Kerberoasting, DCSync, pass-the-hash |
Code Auditing
| Category | Skills |
|---|---|
| Static Analysis | CodeQL, Semgrep, Slither |
| Smart Contracts | Solidity security, Move auditing |
| Variant Analysis | Finding similar vulnerabilities |
Threat Hunting
| Category | Skills |
|---|---|
| Detection Rules | Sigma rules, YARA |
| Forensics | File metadata, memory analysis |
| Incident Response | Triage, investigation |
Key Security Skill Repositories
Trail of Bits Security Team
- Static analysis, code auditing, smart contractstrailofbits/skills
Antigravity Collection
- 50+ cybersecurity skillssickn33/antigravity-awesome-skills
Community Skills
- Computer forensics skillsmhattingpete/claude-skills-marketplace
Where to Add Security Skills in README
- Penetration testing tools:
Cybersecurity & Penetration Testing - Code analysis tools:
orSecurity & SystemsDevelopment & Code Tools - Threat hunting:
Security & Systems - Smart contract security:
(if dev-focused)Development & Code Tools
Security Skill Best Practices
- Clear scope: Define what the skill does and doesn't do
- Legal warnings: Include responsible use disclaimers
- Tool requirements: List required external tools
- Safe defaults: Use non-destructive operations by default
- Logging: Include audit trail capabilities
Example Security Skill Structure
threat-hunting/ ├── SKILL.md # Main instructions ├── scripts/ │ ├── sigma-search.py │ └── log-parser.sh ├── references/ │ └── sigma-rules.md └── templates/ └── report.md