Loading...
Loading...
Found 91 Skills
Cloud security posture management and container security assessment for AWS, Azure, GCP, and Kubernetes.
Use this skill whenever writing, reviewing, or refactoring Terraform code that provisions Azure resources. The skill enforces Microsoft Cloud Security Benchmark (MCSB) controls, CIS Azure Foundations Benchmark v2.0 rules, Azure Well-Architected Framework Security Pillar recommendations, and all Terraform IaC best practices that prevent Microsoft Defender for Cloud security recommendations from being raised. Activate whenever the user mentions Azure, azurerm provider, ARM, Defender for Cloud, Terraform on Azure, AKS, App Service, Storage, Key Vault, SQL, PostgreSQL, MySQL, Redis, Service Bus, Event Hub, Cosmos DB, API Management, or any Azure PaaS in a Terraform context — even if they don't explicitly ask about security or MDC.
Эксперт по S3 политикам. Используй для IAM policies, bucket permissions, cross-account access и security best practices.
Expert knowledge for Azure Static Web Apps development including troubleshooting, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when wiring SWA APIs to Azure DBs, configuring custom domains/auth, CI/CD, preview slots, or Front Door/CDN, and other Azure Static Web Apps related development tasks. Not for Azure App Service (use azure-app-service), Azure Functions (use azure-functions), Azure Container Apps (use azure-container-apps), Azure Kubernetes Service (AKS) (use azure-kubernetes-service).
Subdomain takeover detection and exploitation playbook. Use when targets have dangling CNAME/NS/MX records pointing to deprovisioned cloud resources, expired third-party services, or unclaimed SaaS tenants that an attacker can register to serve content under the victim's domain.
Kubernetes penetration testing playbook. Use when targeting Kubernetes clusters via API server, RBAC enumeration, service account abuse, etcd access, Kubelet API, pod escape, cloud-specific metadata, admission webhook bypass, and registry secrets.
Use when designing cloud deployments, Dockerising applications, laying out AWS or GCP environments, choosing a deployment pattern, or moving a workload from a single VM to a resilient multi-AZ topology.