Found 11 Skills
Create security policies, guidelines, compliance documentation, and security best practices. Use when documenting security policies, compliance requirements, or security guidelines.
Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices. Includes security scanning, vulnerability assessment, compliance checking, and security automation. Use when implementing security controls, conducting security audits, responding to vulnerabilities, or ensuring compliance requirements.
Guides users through configuring Content Security Policy (CSP) in Tauri v2 applications to prevent XSS attacks and enhance security by restricting resource loading.
OWASP ASVS 5.0 Level 1 security audit with deterministic, evidence-based findings. Use this when asked for a security audit or asvs audit.
Apply Spatie's security guidelines when configuring applications, databases, or servers, or when reviewing code for security concerns; use for SSL setup, CSRF protection, password hashing, database permissions, and server hardening.
Secure coding practices and defensive programming patterns for building security-first applications. Use when implementing authentication, handling user input, managing sensitive data, or conducting secure code reviews.
Apply when deciding or implementing permissions and authorization boundaries for VTEX IO apps. Covers manifest policies, outbound-access rules, least-privilege design, and how service routes or integrations map to explicit permissions. Use for deciding who is authorized to call or consume a capability, adding new integrations, exposing protected routes, or reviewing app permissions for overreach or missing access.
OWASP Security Checklist
Apply when reviewing or designing security-sensitive boundaries in VTEX IO apps. Covers public versus private exposure, trust assumptions at route and integration boundaries, sensitive data handling, validating what crosses the app boundary, and avoiding leakage across accounts, workspaces, users, or integrations. Use for route hardening, data exposure review, or evaluating whether a service boundary is too permissive.
WhiteHat Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with WhiteHat Security data.
Use this skill whenever the user wants to list and filter application security findings, discover applications and versions, and manage applications using Fortify Software Security Center (SSC). Triggers include: any mention of 'SSC', 'list vulnerabilities', 'list applications', and similar requests indicating interaction with Fortify SSC for application security tasks. OpenText Application Security is the new name for Fortify Software Security Center.