Loading...
Loading...
Found 2,245 Skills
Alibaba Cloud Security Center (SAS) CWPP host security alert handling skill. Used for querying, analyzing, and handling security alerts from Cloud Security Center. Triggers: "security alert", "alert handling", "CWPP alert", "Cloud Security Center alert", "SAS alert", "Aegis alert", "view alerts", "handle alerts"
SecurityTrails integration. Manage data, records, and automate workflows. Use when the user wants to interact with SecurityTrails data.
Duo Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Duo Security data.
Use this skill whenever performing security threat modeling, attack surface mapping, or trust boundary analysis on a codebase. Triggers on 'threat model', 'security review', 'attack surface', 'trust boundaries', or when assessing a project's security posture. Also trigger when the user is about to build security-sensitive features (auth, crypto, file I/O, network services, native bridges) and needs to understand the threat landscape first — even if they don't explicitly say "threat model." Also triggers on 'what changed' or 'diff analysis' for incremental security review of recent commits.
Automated code review and analysis. Use when: user wants to review code changes, check for issues, analyze complexity, or perform security scans.
Orchestrates the Security Ecosystem by running security-auditor and adaptive-guard in the correct order. Manages audit phases, trust scoring, guard activation, incident response, and calibration. Trigger on 'security orchestrator', 'run security', 'audit and guard', or 'security workflow'.
Scans code for security vulnerabilities — injection flaws, authentication gaps, XSS vectors, mass assignment, CSRF, insecure deserialization, sensitive data exposure, broken access control, and misconfigurations. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "security scan", "security audit", "vulnerability check", "find security issues".
Reviews code for quality, security, tests, and project standards (PEP 8, type hints, VERSION, Docker, funcoes.md). Use when reviewing pull requests, code changes, or when the user asks for a code review or quality check.
Code review and audit system with specialized sub-skills covering SOLID principles, security, performance, architecture, error handling, testing, code smells, design patterns, and framework best practices. Generates severity-scored findings with copy-pasteable fix prompts. Strictly read-only — never modifies user code. Use when user says "review", "audit", "code review", "check my code", "security scan", "code smells", "SOLID check".
WhiteHat Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with WhiteHat Security data.
Configures SQL audit logging on CockroachDB clusters to capture security-relevant events including authentication, privilege changes, and sensitive data access. Use when enabling audit logging for compliance, setting up role-based audit policies, or verifying audit configuration.
Picoclaw security posture skill with advisory awareness, configuration drift detection, and supply-chain verification guidance.