Total 43,811 skills, Security & Compliance has 1635 skills
Showing 12 of 1635 skills
This skill should be used when the user asks to "follow red team methodology", "perform bug bounty hunting", "automate reconnaissance", "hunt for XSS vulnerabilities", "enumerate su...
Triage and remediation workflow for Conviso vulnerabilities using conviso-cli, with safe defaults (read-only and preview-first) and explicit human approval for apply mode.
Assign vulnerability owners at scale using conviso-cli with mapping-driven rules, preview-first execution, and explicit apply confirmation.
Security baseline for AAVE integration and execution scripts. Use when user asks for AAVE security review, pre-trade checks, liquidation safety, allowance minimization, or execution hardening.
Generate security fixes from detect-dev findings with regression tests. Use when remediating security vulnerabilities.
Red-team security review for code changes. Use when reviewing pending git changes, branch diffs, or new features for security vulnerabilities, permission gaps, injection risks, and attack vectors. Acts as a pen-tester analyzing code.
Use this skill when working with the field-guard library (TypeScript field-level access control). Provides patterns for defineGuard, withCheck, withDerive, combineGuards, and mergeFieldVerdicts.
Ghost Security - Software Composition Analysis (SCA) scanner. Scans dependency lockfiles for known vulnerabilities, identifies CVEs, and generates findings with severity levels and remediation guidance. Use when the user asks about dependency vulnerabilities, vulnerable packages, CVE checks, security audits of dependencies, or wants to scan lockfiles like package-lock.json, yarn.lock, go.sum, or Gemfile.lock.
Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.
Hardens designs and implementations with structured security reviews.
Harden configuration and defaults for safer deployment. Use when a mid-level developer needs to reduce misconfig risks.
Senior Data Security Architect & Forensic Auditor for 2026. Specialized in Row Level Security (RLS) enforcement, Zero-Trust database architecture, and automated data access auditing. Expert in neutralizing unauthorized access in Convex, Supabase, and Postgres environments through strict policy validation, JIT (Just-in-Time) access controls, and forensic trace analysis.