Autonomous multi-source security intelligence agent. Scans GitHub PRs for vulnerabilities using cross-source context from Slack and codebase architecture. Finds risks that single-source scanners miss by correlating data across tools.

Use when implementing Auth0 authentication in Nuxt 3/4 applications, configuring session management, protecting routes with middleware, or integrating API access tokens - provides setup patterns, composable usage, and security best practices for the @auth0/auth0-nuxt SDK

Phalanx runs parallel-fork CVE remediation on a GitHub repository. Paste a repo URL, and the skill detects critical CVEs in the dependency tree, forks the dependency state N ways via Ghost, validates each hypothesis in isolated InsForge backends, cancels false positives mid-flight via Redis Pub/Sub, converts the Dockerfile to a Chainguard zero-CVE base, and publishes a signed evidence chain to cited.md. Use when the user asks to scan a repository for vulnerabilities, remediate a CVE autonomously, generate an SBOM with attestation, or produce a legally-defensible security remediation record. Also use for keywords like "CVE", "supply chain attack", "dependency audit", "zero-day remediation", "SBOM", "Sigstore", or "security remediation."

Use when adding MFA, 2FA, TOTP, SMS codes, push notifications, passkeys, or when requiring step-up verification for sensitive operations or meeting compliance requirements (HIPAA, PCI-DSS) - covers adaptive and risk-based authentication with Auth0.

Add authentication and authorization to an app — login, signup, session management, and protected routes. Supports Auth0, NextAuth, Clerk, Supabase Auth, and custom JWT. Use when the user says "add login", "protect this route", "add auth", or "users need accounts".