Loading...
Loading...
Found 199 Skills
Guides cloud compliance—mapping SOC 2, ISO 27001, HIPAA, PCI DSS, FedRAMP, and data-residency requirements to cloud controls; collecting audit evidence from AWS, GCP, and Azure APIs; shared-responsibility narratives; CSPM/Config continuous monitoring; customer assurance questionnaires (CAIQ/SIG); and cloud-specific gap remediation before attestations. Use when scoping regulated workloads in cloud, preparing cloud control evidence for auditors, interpreting provider compliance artifacts (BAA, PCI AOC, FedRAMP packages), or proving residency and logging in multi-account estates—not for org-wide GRC programs and audit coordination without cloud evidence (compliance-specialist), non-cloud systems evidence automation (compliance-engineer), implementing security guardrails (cloud-security-engineer), legal DPAs or contract redlines (commercial-counsel), security strategy (cybersecurity), or CI pipeline gates only (devsecops).
Senior FDA consultant and specialist for medical device companies including HIPAA compliance and requirement management. Provides FDA pathway expertise, QSR compliance, cybersecurity guidance, and regulatory submission support. Use for FDA submission planning, QSR compliance assessments, HIPAA evaluations, and FDA regulatory strategy development.
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
C/C++/CAPL best practices for automotive embedded systems. This skill should be used when writing, reviewing, or refactoring embedded C/C++ code or CAPL scripts targeting automotive ECUs, following MISRA, AUTOSAR, ISO 26262, and ISO 21434 guidelines. Triggers on tasks involving embedded firmware, CAN/CAN FD/LIN/Ethernet communication, TCP/UDP/DoIP/SOME-IP protocols, RTOS programming, safety-critical code, cybersecurity, diagnostics (UDS), CAPL test automation, or calibration toolchain integration.
Guides information security engineering—implementing and operating security controls, identity and access systems, encryption and secrets management, security tool integrations (SIEM, EDR, SOAR), cloud guardrails, hardening baselines, and remediation engineering for vulnerabilities. Use when building SSO/RBAC/PAM patterns, configuring KMS or certificate lifecycle, deploying WAF/DLP or EDR connectors, writing security-as-code policies (OPA, SCPs, CIS benchmarks), integrating logging to SIEM, automating security workflows, or validating control fixes—not for SOC triage (soc-analyst), pentesting (penetration-tester, network-pentester, web-pentester), red team (red-team-specialist), CI gates only (devsecops), platform provisioning without security ownership (infrastructure-engineer), CISO/exec program (chief-information-security-officer), security program strategy (cybersecurity), GRC program and audit prep (compliance-specialist), or product tenancy isolation (product-infrastructure-security-engineer).
Guides data center design and build execution—site and tier selection, capacity and density planning (kW/rack, floor loading), power and cooling architecture, physical layout and containment, network meet-me and carrier connectivity, standards alignment (TIA-942, Uptime tiers), contractor coordination, commissioning, and operational handoff (DCIM, monitoring). Use when planning a new or expanded colo/on-prem facility, reviewing MEP and rack layouts, sizing power/cooling for GPU or HPC density, running DC build phases, or accepting a hall from design—not for cloud VPC/IaC (infrastructure-engineer), K8s deploy (cluster-deployment-engineer), ADRs (senior-system-architecture), GRC-only (cybersecurity), compute utilization (data-center-compute-supply-efficiency), DC portfolio (data-center-portfolio-planning-execution-lead), or capacity delivery schedule (senior-data-center-capacity-delivery-manager).
Guides technical program management for security coordinated vulnerability disclosure (CVD)— disclosure policy, intake and triage SLAs, researcher coordination, fix/remediation tracking, embargo and publication timelines, CVE/advisory coordination, bug bounty program operations, and cross-functional gates (security engineering, legal, comms, product). Use when running a CVD or responsible disclosure program, disclosure calendar, bounty ops, or unblocking multi-team remediation for reported vulnerabilities—not for hands-on pentest (offensive-security-analyst), SOC triage (defensive-security-analyst), vuln scanning in CI (devsecops), enterprise security strategy (cybersecurity), generic non-security programs (technical-program-manager), or contract redlines (commercial-counsel).
Guides SOC operations—alert triage, SIEM/EDR investigation, enrichment, playbook execution, false-positive closure, escalation decisions, and detection tuning feedback. Use when working SOC queues, investigating suspicious alerts, correlating events, documenting analyst notes, or deciding escalate vs close—not for declared incident command, timelines, evidence preservation, or regulatory comms (incident-responder), incident program design (incident-management-engineer), binary/firmware RE (reverse-engineer), red team operations (red-team-specialist), or enterprise security strategy (cybersecurity).
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Guides AI ops leadership—LLM SRE, model/prompt releases, eval/incidents, cost/capacity, vendors, and cross-functional cadence. Use for AI platform ops, LLM SLAs, incidents, rollout governance, unit economics, red-team/eval gates, and team rituals—not memory (ai-memory-developer), context code (ai-context-engineer), security programs (cybersecurity), token roadmaps (ai-token-improvement-plan-engineer), solution architecture (applied-ai-architect-commercial-enterprise), skills portfolio (ai-skill-manager), or vertical AI product eng management (engineering-manager-vertical-ai-products). Prompt/eval team management and golden-set release policy: engineering-manager-agent-prompts-evals. Safeguard inference platform: ml-infrastructure-engineer-safeguards. Safeguard model research: ml-research-engineer-safeguards.
Steganography detection and extraction playbook. Use when analyzing images (LSB, PNG chunks, JPEG DCT, EXIF), audio (spectrogram, DTMF), files (polyglots, appended data, ADS), and text (whitespace, zero-width, homoglyphs) for hidden data.
Solve CTF challenges by analyzing files, connecting to services, and applying exploitation techniques. Orchestrates category-specific CTF skills.