Loading...
Loading...
Found 56 Skills
Handles sensitive data securely in Terraform. Use when managing passwords, API keys, database credentials, encryption keys, or other secrets. Covers Google Secret Manager integration, preventing secrets in state, IAM-based secret access, encryption, and security best practices.
Implement field-level encryption with @cipherstash/stack. Covers schema definition, encrypt/decrypt operations, searchable encryption (equality, free-text, range, JSON), bulk operations, model operations, identity-aware encryption with LockContext, multi-tenant keysets, and the full TypeScript type system. Use when adding encryption to a project, defining encrypted schemas, or working with the CipherStash Encryption API.
Manages environment variables and secrets securely with encryption, rotation, and provider integration. Use when users request "secrets management", "environment variables", "API keys", "credentials storage", or "secret rotation".
This skill should be used when the user asks to "check for cryptographic issues", "analyze encryption", "find weak hashing", "audit password storage", "check for hardcoded keys", or mentions "cryptography", "encryption", "hashing", "TLS", "certificates", or "random number generation" in a security context. Maps to OWASP Top 10 2021 A02: Cryptographic Failures.
SOPS and age encryption for secrets management in git repositories. Use when: (1) Setting up encrypted secrets in a project (initial .sops.yaml configuration) (2) Encrypting/decrypting YAML, JSON, ENV, or INI files with age keys (3) Managing age keys (generation, distribution, rotation) (4) Configuring path-based encryption rules for different environments (5) Integrating SOPS decryption in CI/CD pipelines (GitHub Actions, GitLab CI) (6) Troubleshooting SOPS decryption failures or key issues (7) Selective encryption with encrypted_regex patterns
Security best practices and threat mitigation patterns for PACT framework development. Use when: implementing authentication or authorization, handling API credentials, integrating external APIs, processing sensitive data (PII, financial, health), reviewing code for vulnerabilities, or enforcing SACROSANCT security rules. Triggers on: security audit, credential handling, OWASP, auth flows, encryption, data protection, backend proxy pattern, frontend credential exposure.
Implement PCI DSS compliance requirements for secure handling of payment card data and payment systems. Use when securing payment processing, achieving PCI compliance, or implementing payment card security measures.
This skill should be used when the user asks to "create BAP identity", "new BAP", "Type42 identity", "Legacy BAP identity", "generate BAP", "set up BAP identity", "initialize BAP", or needs to create Bitcoin Attestation Protocol identities using the bap CLI.