The best AI skills for security audit做安全审计最好用的

Skills that review risky code, API surfaces, permissions, and security-sensitive workflows.审查高风险代码、API 暴露面、权限边界和安全敏感工作流的 skill。

Editor rank · 编辑排名 Stars · 星标数 Updated · 最近更新

All Claude Code Codex Cursor Cline OpenClaw Hermes Anthropic Skills MCP Generic

All Low Medium

Editor's picks编辑精选榜单

2026-05-16 last re-ranked · 上次重排

#1Gold · 金

api-security-testing

★ Editor's Choice· 编辑首选

by Ed1s0nZ·updated 3w ago

API安全测试的专业技能和方法论

“

API安全测试的专业技能和方法论

Claude CodeCodexMedium risk · 中风险$

—

rating · 评分

3.7k

stars · 星标

View看详情 →

#2Silver · 银

aig-scanner

★ Runner-up· 次选

by Tencent·updated 3w ago

A.I.G Scanner — AI security scanning for infrastructure, AI tools / skills, AI Agents, and LLM jailbreak evaluation via

“

A.I.G Scanner — AI security scanning for infrastructure, AI tools / skills, AI Agents, and LLM jailbreak evaluation via Tencent Zhuque Lab AI-Infra-Guard. Uses built-in exec + Python script, no plugin required. Requires AIGBASEURL to be configured. Triggers on: scan AI service, AI vulnerability scan, scan AI infra, check CVE, audit AI service, scan MCP, scan skills, audit AI tools, scan agent, red-team LLM, jailbreak test, 扫描AI服务, 检查AI漏洞, 扫描AI工具, 检查MCP安全, 审计Agent, 越狱测试.

Claude CodeCodexMedium risk · 中风险$

—

rating · 评分

3.6k

stars · 星标

View看详情 →

#3Bronze · 铜

offensive-iot

★ Pair with #1· 推荐配套

by SnailSploit·updated 3w ago

IoT and embedded device security testing methodology. Covers hardware reconnaissance (UART, JTAG, SWD, SPI flash, I2C EE

“

IoT and embedded device security testing methodology. Covers hardware reconnaissance (UART, JTAG, SWD, SPI flash, I2C EEPROM, eMMC chip-off), firmware acquisition (vendor portals, OTA capture, flash dump, binwalk extraction), firmware analysis (filesystem mounting, binary triage, hardcoded secrets, default credential discovery), bootloader attacks (U-Boot console, secure-boot bypass, fault injection), runtime attacks on embedded Linux/RTOS (busybox CVEs, MTD writes, /dev/mem), wireless protocol attacks (Zigbee, BLE, Z-Wave, LoRaWAN, Thread/Matter, sub-GHz), MQTT/CoAP/Modbus/BACnet/OPC-UA exploitation, mobile companion app analysis, cloud-IoT API abuse, and side-channel/glitching basics. Use for IoT pentest, smart-home assessment, ICS/OT testing, or embedded vulnerability research.

Claude CodeCodexMedium risk · 中风险$

—

rating · 评分

1.2k

stars · 星标

View看详情 →

Why we didn't pick these为什么没选这些

Also common, but didn't make the picks同样常见，但未入精选

supply chain risk auditor
Workflows that require stronger human review than this catalog entry documents.
需要比当前目录条目更严格人工复核的工作流。
tsa risk
Workflows that require stronger human review than this catalog entry documents.
需要比当前目录条目更严格人工复核的工作流。
tsa risk
Workflows that require stronger human review than this catalog entry documents.
需要比当前目录条目更严格人工复核的工作流。

Didn't find what you need?没看到合适的 skill？

Tell us your pain points and we'll go look.把你的痛点告诉我们，我们会去找。

Compare top 3对比 Top 3 →Request a skill提交需求 →