Total 43,771 skills, Security & Compliance has 1633 skills
Showing 12 of 1633 skills
Drafts U.S. regulatory client advisory summaries translating legal developments into actionable risk and compliance guidance. Use when a client needs a proactive memo, client alert, or legal-update brief for a new law, case, rulemaking, agency guidance, or pending reform. Trigger on requests for "client advisory," "regulatory update," "legal alert," "compliance briefing," "new law summary," or "quarterly advisory."
Security audit patterns for PHP/OWASP. Use when conducting security assessments, identifying vulnerabilities (XXE, SQL injection, XSS), or CVSS scoring.
Design security testing solutions, including OWASP Top 10, penetration testing, and vulnerability scanning. Default output is Markdown, and Excel/CSV/JSON output is available upon request. Use for security testing or security-testing.
Profile a website for bot detection vendors using stealth vs non-stealth Kernel browsers. Use when analyzing bot detection on a website, comparing stealth effectiveness, identifying anti-bot vendors and products, or detecting challenge types.
Эксперт по защите от SQL injection. Используй для parameterized queries, input validation и database security.
Application security principles and OWASP Top 10. Covers injection prevention, authentication, authorization, data protection, secrets management, and security review practices.
Use this skill whenever writing, reviewing, or refactoring Terraform code that provisions Azure resources. The skill enforces Microsoft Cloud Security Benchmark (MCSB) controls, CIS Azure Foundations Benchmark v2.0 rules, Azure Well-Architected Framework Security Pillar recommendations, and all Terraform IaC best practices that prevent Microsoft Defender for Cloud security recommendations from being raised. Activate whenever the user mentions Azure, azurerm provider, ARM, Defender for Cloud, Terraform on Azure, AKS, App Service, Storage, Key Vault, SQL, PostgreSQL, MySQL, Redis, Service Bus, Event Hub, Cosmos DB, API Management, or any Azure PaaS in a Terraform context — even if they don't explicitly ask about security or MDC.
Solidity security patterns, common vulnerabilities, and pre-deploy audit checklist. The specific code patterns that prevent real losses — not just warnings, but defensive implementations. Use before deploying any contract, when reviewing code, or when building anything that holds or moves value.
Analyzes system and application logs to detect anomalies and security threats in blue-team operations.
Orchestrates Tizen certification workflow. Coordinates TCT test execution, compliance verification, and certification documentation.
Audit content and assets for brand compliance — style guide validation, tone of voice checking, visual identity consistency, brand asset management, and cross-channel coherence.
Security best practices and threat mitigation patterns for PACT framework development. Use when: implementing authentication or authorization, handling API credentials, integrating external APIs, processing sensitive data (PII, financial, health), reviewing code for vulnerabilities, or enforcing SACROSANCT security rules. Triggers on: security audit, credential handling, OWASP, auth flows, encryption, data protection, backend proxy pattern, frontend credential exposure.