The go-to AI vibe coding skill for security: security audits, threat modelling, web security testing, application security, API security, and remediation workflows.
View the full SUPER Skills catalogue.
Audit, threat-model, test, and remediate security risks across applications, APIs, and infrastructure.
Super Security helps AI coding agents treat security as part of the build, not an afterthought. Use it for security audits, threat modelling, web/API security testing, risk prioritisation, remediation planning, validation, and residual risk notes.
These skills are designed for AI vibe coding: fast, agent-assisted building where the AI needs strong domain context, practical workflows, guardrails, and implementation-ready outputs.
SEO and discovery keywords: security audit, threat modelling, web security, application security, API security, security testing, remediation, AI vibe coding, agent skills.
Copy this folder into your agent's skills directory, then restart or reload the agent.
cp -R super-security ~/.your-agent/skills/Use it by name:
Use $super-security to help with this request.
- security audits
- threat modelling
- web security testing
- risk prioritisation
- remediation planning
- threat model
- findings with severity
- remediation plan
- verification checklist
- residual risk notes
| Module | Purpose |
|---|---|
security-auditor.md |
Security audits, risk review, control assessment, and prioritised remediation |
threat-modelling-expert.md |
Threat modelling, attack paths, abuse cases, and mitigation mapping |
web-security-testing.md |
Web and API security testing, validation, and remediation guidance |
Use $super-security to threat-model this architecture.Use $super-security to review this API for security risks.Use $super-security to prioritise these vulnerabilities.
Works with any AI agent that can read Markdown skill files. Install paths vary by tool.
See INSTALL.md for detailed installation, Download ZIP instructions, and update guidance.
This repository is part of the SUPER Skills series: standalone, installable agent skills that can be used independently or together.
| Repository | Purpose |
|---|---|
| skills-super | Master catalogue for the full SUPER Skills collection: AI vibe coding skills, agent workflows, and installable Markdown skills. |
| super-ai-ml-agents | AI agents, agent architecture, tool use, memory, orchestration, multi-agent systems, and guardrails. |
| super-ai-ml-foundation | Model selection, prompt engineering, RAG, embeddings, vector search, and production-ready AI app design. |
| super-ai-ml-ops | LLM evaluation, monitoring, cost control, reliability, latency, release gates, and production AI governance. |
| super-automation | SaaS workflows, API integrations, triggers, permissions, retries, monitoring, and GitHub automation. |
| super-cloud | AWS, Azure, GCP, infrastructure as code, Terraform, networking, containers, reliability, and cost optimisation. |
| super-data-analytics | Pipelines, BI dashboards, SQL optimisation, metrics, data quality, and analytics workflows. |
| super-design-core | UI/UX, product design, design systems, frontend UI patterns, IA, flows, and visual systems. |
| super-design-quality | Accessibility, WCAG, responsive testing, visual consistency, UI polish, and remediation plans. |
| super-engineering-devops | Architecture, full-stack implementation, CI/CD, observability, incidents, testing, and reliability. |
| super-gaming-3d-media | Game engines, Three.js, animation, audio/video workflows, asset pipelines, and performance. |
| super-healthcare-wellness | Health trend analysis, care workflows, wellness data, safety boundaries, and non-diagnostic guidance. |
| super-industry-ops | Logistics, manufacturing, procurement, production scheduling, supply chain workflows, and operational quality. |
| super-legal-hr-compliance | Contracts, policies, HR processes, obligations, internal comms, and non-security regulatory guidance. |
| super-marketing-execution | Campaign orchestration, CRO, copywriting, analytics, email, social, paid ads, and growth execution. |
| super-marketing-strategy | Positioning, ICP, product marketing, growth hypotheses, content strategy, launch strategy, and GTM planning. |
| super-office-docs-presentation | Documents, PDFs, presentations, spreadsheets, documentation systems, templates, and productivity automation. |
| super-product-business-finance | Market sizing, startup analysis, pricing, monetisation, roadmap decisions, and PM frameworks. |
| super-security | Security audits, threat modelling, web security testing, application security, API security, and remediation workflows. |
| super-seo-foundation | Technical SEO, SEO audits, crawlability, indexing, schema, sitemaps, hreflang, Core Web Vitals, and Google tooling. |
| super-seo-growth | AI SEO, GEO, LLM visibility, content optimisation, programmatic SEO, and citation readiness. |
| super-specialized-platform-sdks | Shopify, Salesforce, Telegram bots, commerce platforms, CRM/ERP integrations, and messaging workflows. |
Start with the skill that matches the task. Use the catalogue when you want to browse the full collection or install multiple skills.
See VERSION and CHANGELOG.md.
MIT. See the root repository LICENSE.