Total 50,523 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Guide regulatory filing obligations and deadlines for investment advisers, broker-dealers, and large traders. Use when the user asks about Form PF filing thresholds, 13F institutional holdings reports, 13H large trader filings, Form ADV amendment timing, FOCUS report preparation, blue sheet requests, CAT reporting infrastructure, or FINRA short interest and TRACE reporting. Also trigger when users mention 'filing deadline calendar', 'do we need to file Form PF', 'crossed the $100M 13F threshold', 'annual updating amendment', 'CAT clock synchronization', 'how to respond to a blue sheet request', 'FOCUS report errors', or ask which regulatory filings a firm must make and when.
Install, configure, and operate Strix for AI-driven application security testing. Use when you need to run authorized vulnerability scans against local codebases, GitHub repositories, staging URLs, domains, or CI pipelines; configure Docker and LLM providers; choose quick, standard, or deep scan depth; or pass authenticated testing instructions to Strix. Triggers on: strix, ai pentest, vulnerability scan cli, appsec scan, bug bounty automation, strix ci, strix docker, strix scan mode, strix instruction file, headless security scan.
Google reCAPTCHA integration. Manage data, records, and automate workflows. Use when the user wants to interact with Google reCAPTCHA data.
Think and act like an attacker to identify security vulnerabilities, weaknesses, and penetration vectors through adversarial security testing
Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate and audit workflows. Locks down install-time scripts, registries, version ranges, and CI checks.
Alert Logic integration. Manage data, records, and automate workflows. Use when the user wants to interact with Alert Logic data.
Dope.security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Dope.security data.
Solution skill for using WAF to protect web applications on ECS. Used for quickly deploying network environments including VPC, security groups, and ECS instances, and integrating WAF for web application protection. Trigger words: "WAF protection", "ECS web protection", "Web Application Firewall", "website security"
Query and handle security risk events from Alibaba Cloud Data Security Center. Supports viewing the list of unprocessed risk events and performing manual handling operations on risk events. Trigger words: "Data Security Center", "security risk events", "DSC", "risk handling", "DescribeRiskRules", "PreHandleAuditRisk"
Open redirect playbook. Use when URL parameters, form actions, or JavaScript sinks control navigation targets and may redirect users to attacker-controlled destinations.
Verify supply chain integrity for AI agent plugins, tools, and dependencies. Use this skill when: - Generating SHA-256 integrity manifests for agent plugins or tool packages - Verifying that installed plugins match their published manifests - Detecting tampered, modified, or untracked files in agent tool directories - Auditing dependency pinning and version policies for agent components - Building provenance chains for agent plugin promotion (dev → staging → production) - Any request like "verify plugin integrity", "generate manifest", "check supply chain", or "sign this plugin"
Faraday integration. Manage Organizations. Use when the user wants to interact with Faraday data.