Total 50,523 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Identify and prevent sales practice violations under FINRA and SEC rules governing broker-dealer conduct. Use when the user asks about churning or excessive trading metrics, mutual fund breakpoint discounts, selling away or private securities transactions, outside business activities, unauthorized trading, supervisory procedure design, senior investor protections, trusted contact persons, variable annuity suitability, or options account approval. Also trigger when users mention 'turnover ratio is high', 'rep did trades without authorization', 'breakpoint abuse', 'trusted contact for elderly client', 'selling away from the firm', 'supervision failure', '1035 exchange review', 'marking the close', or ask whether a broker's conduct violates FINRA rules.
Use when you need to design, review, or improve security in Micronaut applications — including micronaut-security authentication, @Secured and intercept-url-map rules, JWT/session strategies, SecurityService checks, CORS, CSRF awareness for browser apps, rejection handlers, and sensitive-data-safe logging. This should trigger for requests such as Add Micronaut security support; Review Micronaut security configuration; Improve API authorization in Micronaut; Add JWT security in Micronaut; Harden Micronaut route authorization rules. Part of cursor-rules-java project
Edit IDA databases. Use when asked to add comments, rename symbols, apply types, create bookmarks, or clean up decompiled code for review.
IDA type system. Use when asked to create, modify, or apply structs, unions, enums, typedefs, or parse C declarations.
Write and execute Python scripts using the IDA Domain API for reverse engineering. Analyze binaries, extract functions, strings, cross-references, decompile code, work with IDA Pro databases (.i64/.idb). Use when user wants to analyze binaries, reverse engineer executables, or automate IDA Pro tasks.
Guides proactive threat hunting for advanced SOC—hypothesis-driven hunt campaigns, advanced SIEM/query workflows, baseline and anomaly analysis, MITRE ATT&CK–aligned techniques, threat intel fusion, detection engineering feedback, and hunt reporting with IR handoff. Use for threat hunting, proactive hunt, hypothesis-driven detection, advanced SOC, hunt campaign, detection engineering, MITRE ATT&CK hunt, anomaly hunting—not routine SOC alert triage (soc-analyst), declared incident command (incident-responder), adversary simulation campaigns (red-team-specialist), disk forensics acquisition (digital-forensics-analyst), authorized pentest (penetration-tester), or binary RE lab work (reverse-engineer).
Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).
Guides cybersecurity isolation controls using MITRE D3FEND—access mediation, content filtering, execution isolation, and network segmentation. Covers access policies, permissions, content validation, process isolation, allowlisting, and traffic filtering. Use when segmenting networks, restricting access, filtering content, or isolating execution—not for detection (d3fend-detect), hardening (d3fend-harden), or deception (d3fend-deceive).
Verifies identity documents via the Didit standalone API. Use when verifying a passport, ID card, driver's license, or residence permit, performing OCR extraction, MRZ parsing, document authenticity checks, or KYC document validation. Supports 4000+ document types across 220+ countries.
Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
OpenClaw security scanning skill that performs comprehensive system security audits and generates human-friendly reports
WireGuard-based rapid VPN networking software for Linux with HTTP API and utility tools