Search Results: soc2

Found 20 Skills

Security & Complianceoakoss/agent-skills

application-security

Application security covering threat modeling (STRIDE), OWASP Top 10 (2025), OWASP API Security Top 10 (2023), secure coding review, authentication/authorization patterns, input validation, encryption, security headers, supply chain security, compliance (GDPR/HIPAA/SOC2/PCI-DSS), and security monitoring. Use when reviewing code for vulnerabilities, implementing auth patterns, securing APIs, configuring security headers, hardening supply chain, preventing injection attacks, or preparing for compliance audits.

🇺🇸|EnglishTranslated

DevOps & Cloud Servicessamhvw8/dotfiles

infra-engineer

Comprehensive infrastructure engineering covering DevOps, cloud platforms, FinOps, and DevSecOps. Platforms: AWS (EC2, Lambda, S3, ECS, EKS, RDS, CloudFormation), Azure basics, Cloudflare (Workers, R2, D1, Pages), GCP (GKE, Cloud Run, Cloud Storage), Docker, Kubernetes. Capabilities: CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins), GitOps, infrastructure as code (Terraform, CloudFormation), container orchestration, cost optimization, security scanning, vulnerability management, secrets management, compliance (SOC2, HIPAA). Actions: deploy, configure, manage, scale, monitor, secure, optimize cloud infrastructure. Keywords: AWS, EC2, Lambda, S3, ECS, EKS, RDS, CloudFormation, Azure, Kubernetes, k8s, Docker, Terraform, CI/CD, GitHub Actions, GitLab CI, Jenkins, ArgoCD, Flux, cost optimization, FinOps, reserved instances, spot instances, security scanning, SAST, DAST, vulnerability management, secrets management, Vault, compliance, monitoring, observability. Use when: deploying to AWS/Azure/GCP/Cloudflare, setting up CI/CD pipelines, implementing GitOps workflows, managing Kubernetes clusters, optimizing cloud costs, implementing security best practices, managing infrastructure as code, container orchestration, compliance requirements, cost analysis and optimization.

🇺🇸|EnglishTranslated

4 scripts/Attention

Security & Compliancewalletconnect/skills

security-audit-owasp-top-10

Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling.

🇺🇸|EnglishTranslated

Security & Compliancecuriositech/some_claude_s...

security-auditor

Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).

🇺🇸|EnglishTranslated

3 scripts/Attention

Security & Complianceaj-geddes/useful-ai-promp...

security-compliance-audit

Conduct comprehensive security compliance audits for SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001. Use when preparing for certification, annual audits, or compliance validation.

🇺🇸|EnglishTranslated

Security & Compliancejeremylongshore/claude-co...

penetration-test-planner

Penetration Test Planner - Auto-activating skill for Security Advanced. Triggers on: penetration test planner, penetration test planner Part of the Security Advanced skill category.

🇺🇸|EnglishTranslated

Security & Compliancejg-chalk-io/nora-livekit

moai-security-compliance

Enterprise Skill for advanced development

🇺🇸|EnglishTranslated

Security & Complianceopen-agreements/open-agre...

iso-27001-evidence-collection

Collect, organize, and validate evidence for ISO 27001 and SOC 2 audits. API-first approach with CLI commands for major cloud platforms. Produces timestamped, auditor-ready evidence packages.

🇺🇸|EnglishTranslated