Found 2,247 Skills
Use when you need comprehensive security scanning across applications, infrastructure, and dependencies with LLM-based analysis
Configures VPC endpoints (interface and gateway) for private AWS service access using AWS PrivateLink. Use when setting up secure private connectivity to S3, DynamoDB, and other AWS services without internet gateway, NAT device, or public IP addresses. Covers endpoint creation, security groups, route tables, and DNS configuration.
Launches an EC2 instance with secure, cost-efficient defaults including AMI selection, burstable instance sizing, least-privilege IAM roles, hardened security groups, encrypted EBS volumes, and comprehensive tagging. Use when deploying new EC2 instances following AWS best practices for security and cost optimization.
Use this skill first for any SpacetimeDB task; it routes to focused skills for modules, tables, reducers, procedures, views, clients, subscriptions, CLI commands, auth, RLS, HTTP APIs, SQL, deployment, serialization, tutorials, quickstarts, and upgrades. Triggers on: spacetime, spacetimedb, SpacetimeDB, stdb, module, reducer, table, procedure, view, subscription, DbConnection, spacetime generate, spacetime publish, spacetime sql, BSATN, SATS, row-level security, RLS, Maincloud, standalone, Unity, Unreal.
Use when reviewing code, pull requests, branches, diffs, or changed files for quality, correctness, security, performance, and style issues.
Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIPAA/GDPR), security architecture strategy, incident response leadership, and board-level security reporting. Use when building security programs, justifying security budget, selecting compliance frameworks, managing incidents, assessing vendor risk, or when user mentions CISO, security strategy, compliance roadmap, zero trust, or board security reporting.
Tests authentication and authorization mechanisms in mobile application APIs to identify broken authentication, insecure token management, session fixation, privilege escalation, and IDOR vulnerabilities. Use when performing API security assessments against mobile app backends, testing JWT implementations, evaluating OAuth flows, or assessing session management. Activates for requests involving mobile API auth testing, token security assessment, OAuth mobile flow testing, or API authorization bypass.
Execute a wireless network penetration test to assess WiFi security by capturing handshakes, cracking WPA2/WPA3 keys, detecting rogue access points, and testing wireless segmentation using Aircrack-ng and related tools.
Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG) methodology to identify vulnerabilities in authentication, authorization, input validation, session management, and business logic. The tester uses Burp Suite as the primary interception proxy alongside manual testing techniques to find flaws that automated scanners miss. Activates for requests involving web app pentest, OWASP testing, application security assessment, or web vulnerability testing.
Israeli Privacy Protection Law compliance guidance including Amendment 13 (effective August 14, 2025), database registration, consent requirements, data security, cross-border transfers, breach notification, privacy protection officer appointment, and AI governance. Use when user asks about Israeli privacy law, "haganat pratiut", "tikun 13", data protection in Israel, GDPR compliance for Israeli companies, privacy policy requirements, or database registration. Covers the Privacy Protection Law 1981, Amendment 13, and 2017 Security Regulations. Do NOT use for EU GDPR-only questions without Israeli context.
Use when you need to design, review, or improve security in Spring Boot applications — including SecurityFilterChain, OAuth2/JWT resource server patterns, form login basics, method security (@PreAuthorize), CSRF and CORS for APIs, session fixation, security headers, exception handling, password encoding, and sensitive-data-safe logging. This should trigger for requests such as: Add Spring Boot security support; Review Spring Boot security configuration; Improve API authorization in Spring Boot; Add JWT resource server security in Spring Boot; Harden Spring Boot security headers and CSRF settings. Part of the cursor-rules-java project.
Guides VP-level cloud program leadership—multi-year cloud strategy and migration/modernization portfolio, landing zone and CCoE operating model at org scale, hyperscaler enterprise agreement and commit governance, hybrid/multi-cloud posture, cloud center of excellence and talent, and board/CFO/CTO cloud narratives. Use when setting cloud direction, prioritizing migration waves, governing EA/MACC and cloud spend envelope, designing federated cloud org model, steering CCoE and standards adoption, preparing executive or board cloud updates, or adjudicating product vs platform vs security cloud trade-offs—not for Terraform/K8s implementation (cloud-engineer, infrastructure-engineer), landing zone technical design (enterprise-cloud-architect, cloud-architect), monthly CUR FinOps (finops-analyst), TCO/NPV modeling (cloud-economist), full infra portfolio including DC capex (vp-of-infrastructure), or GL close (compute-accounting-manager).