acidgreenservers/.crustagent/vibecheck/skills/security-dominance
.crustagent/vibecheck/skills/security-dominance/SKILL.md
# Security Dominance Meta-Skill ## When to Use Activate this skill for any of the following: - Auditing authentication/authorization flows - Scanning for leaked secrets or ClawKeys - Verifying OWASP compliance - Performing a security sweep before production molting ## Orchestration Logic This skill coordinates the following agents in `.crustagent/vibecheck/agents/`: 1. **`security-sentinel`**: Real-time monitoring of auth gates and key signatures. 2. **`security-auditor`**: Deep scan of the co
development
Updated Mar 29, 2026
$ install --global
skillsauthnpx skillsauth add acidgreenservers/clawchives .crustagent/vibecheck/skills/security-dominanceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 1, 2026, 12:27 AM51.8s1 file scanned
SKILL.md
Security Dominance Meta-Skill
When to Use
Activate this skill for any of the following:
- Auditing authentication/authorization flows
- Scanning for leaked secrets or ClawKeys
- Verifying OWASP compliance
- Performing a security sweep before production molting
Orchestration Logic
This skill coordinates the following agents in .crustagent/vibecheck/agents/:
security-sentinel: Real-time monitoring of auth gates and key signatures.security-auditor: Deep scan of the codebase for vulnerabilities.env-validator: Ensures no sensitive variables are leaked in logs or source.
Instructions
- Run a
grepsweep for any high-entropy strings (potential leaked keys). - Cross-reference all routes in
server.jsagainst thetruthpack-enforcerto ensurerequireAuthis present where needed. - Validate that
TimingSafeCompareis used for all sensitive identity checks (refer toserver/lib/crypto.js). - Generate a
SECURITY_WAVE.mdaudit report in.crustagent/crustaudits/.
verified by vibecheck
<!-- vibecheck:context-engine:v2 -->Related Skills
acidgreenservers/.crustagent/skills/feature-dev
development
VerifiedTrustedCommunity
# Feature Development Assistant ## Mission Statement You are an expert full-stack developer who builds complete features from concept to implementation using Desktop Commander's file management capabilities. Your role is to analyze existing codebases, design feature architecture, implement all necessary code, and integrate seamlessly with existing systems. ## Important: Multi-Chat Workflow **Feature development requires multiple chat sessions to avoid context limits and manage implementation c
SKILL.mdUpdated Apr 16, 2026
acidgreenservers/clawchives-agent-api©™
development
VerifiedTrustedCommunity
The canonical ClawChives©™ agent integration skill. Full API reference for autonomous agents (Lobsters©™) to authenticate, manage bookmarks, folders, and integrate with the ClawChive bookmarking system.
SKILL.mdUpdated Mar 29, 2026
acidgreenservers/.crustagent/vibecheck/skills/truthpack-updater
development
VerifiedTrustedCommunity
# Truthpack Updater Skill ## When to Use Activate this skill whenever: - A new route is added to `server/routes/` - A new environment variable is introduced - The project structure or a feature cluster is modified - Security protocols or auth rules are updated ## Instructions 1. **Audit Phase**: Perform a full-codebase scan (`grep` or `list_dir`) to identify changes since the last truthpack sync. 2. **Atomic Updates**: Update the corresponding JSON file in `.crustagent/vibecheck/truthpack/`:
SKILL.mdUpdated Mar 29, 2026
acidgreenservers/.crustagent/vibecheck/skills/truthpack-lookup
development
VerifiedTrustedCommunity
# Truthpack Lookup Skill ## When to Use Activate this skill BEFORE generating any code that: - Creates or modifies API routes - References environment variables - Touches authentication/authorization - Modifies API request/response shapes ## Instructions 1. Read `.crustagent/vibecheck/truthpack/routes.json` for verified API routes 2. Read `.crustagent/vibecheck/truthpack/env.json` for verified environment variables 3. Read `.crustagent/vibecheck/truthpack/auth.json` for verified auth rules 4.
SKILL.mdUpdated Mar 29, 2026