Loading...
Loading...
Found 64 Skills
Guides information security risk analysis—risk identification and scoring, risk registers, threat/vulnerability/control mapping, treatment recommendations (accept/mitigate/transfer/avoid), third-party and supply-chain risk framing, business impact analysis, KRIs, and risk committee or board narratives. Aligns with ISO 27005 and NIST RMF concepts without full compliance audits. Use for security risk assessment, risk register maintenance, inherent/residual risk scoring, FAIR-style quantitative framing, treatment decisions, third-party risk tiers, or executive risk reporting—not SOC alert triage (soc-analyst), pentest execution (penetration-tester, web-pentester, network-pentester), control implementation (information-security-engineer, cloud-security-engineer), GRC program and audit prep (compliance-specialist), audit evidence automation (compliance-engineer, cloud-compliance-specialist), AI model risk programs (ai-risk-governance), or adversary simulation (red-team-specialist).
Comprehensive Cloudflare platform skill covering Workers, Pages, storage (KV, D1, R2), AI (Workers AI, Vectorize, Agents SDK), networking (Tunnel, Spectrum), security (WAF, DDoS), and infrastructure-as-code (Terraform, Pulumi). Use for any Cloudflare development task.
Generates security-focused guidance for Google Cloud workloads based on the design principles and recommendations in the Google Cloud Well-Architected Framework (WAF). Use this skill to evaluate a workload, identify security requirements, and provide actionable recommendations for IAM, network security, data protection, and operational security.
Configure network security groups and firewall rules to control inbound/outbound traffic and implement network segmentation.
Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
Expert in ethical hacking, vulnerability assessment, and offensive security testing (Web/Network/Cloud).
Эксперт по S3 политикам. Используй для IAM policies, bucket permissions, cross-account access и security best practices.
Comprehensive guide to AWS cloud architecture covering compute, storage, databases, networking, security, serverless, and cost optimization with production-ready patterns
Expert AWS Cloud Advisor for architecture design, security review, and implementation guidance. Leverages AWS MCP tools for accurate, documentation-backed answers. Use when user asks about AWS architecture, security, service selection, migrations, troubleshooting, or learning AWS. Triggers on AWS, Lambda, S3, EC2, ECS, EKS, DynamoDB, RDS, CloudFormation, CDK, Terraform, Serverless, SAM, IAM, VPC, API Gateway, or any AWS service.
Use when reviewing AWS architecture, designing cloud systems, addressing operational issues, security concerns, reliability problems, performance bottlenecks, cost overruns, or sustainability goals
Configure AWS CloudTrail for audit logging. Set up organization trails and event analysis. Use when auditing AWS activity.
AWS Secrets Manager for secure secret storage and rotation. Use when storing credentials, configuring automatic rotation, managing secret versions, retrieving secrets in applications, or integrating with RDS.