Total: 43,574 skills. Security & Compliance has 1,631 skills.
Showing 12 of 1,631 skills
Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).
Secure credential management for trading platforms
Enforce secure secrets management across all platforms. Never hardcode OAuth2 secrets, API keys, tokens, passwords, or credentials in source code. Store all secrets in .env files, load from environment variables, and ensure .env is gitignored. Use this skill when: (1) writing any code that uses API keys, OAuth2 client secrets, tokens, or credentials, (2) setting up authentication or third-party integrations, (3) creating new projects that need environment configuration, (4) reviewing code for security issues related to secrets, (5) configuring CI/CD pipelines or Docker deployments with secrets. Triggers: API key, OAuth, client secret, token, credentials, .env, environment variables, secret, password, authentication setup, third-party integration.
Security best practices, API key management, input validation. Use when handling secrets, user input, or security-sensitive code.
Security guidelines for API route development
Privacy and shielded transactions on Base via Veil Cash - ZK-based anonymous transfers
Secret detection and credential scanning using gitleaks. Use when scanning repositories for leaked secrets, API keys, passwords, tokens, or implementing pre-commit security checks.
Security analysis, vulnerability assessment, and security code reviews
Conduct threat modeling using STRIDE methodology. Identify threats, assess risks, and design security controls. Use when designing secure systems or assessing application security.
Analyze project dependencies for vulnerabilities, updates, and optimization opportunities. Use when auditing dependencies or managing package versions.
Perform security audits detecting OWASP Top 10 vulnerabilities, insecure dependencies, and security misconfigurations. Use when auditing applications for security vulnerabilities.
Perform security-focused review of code diffs and pull requests, identifying newly introduced vulnerabilities, security regressions, and unsafe patterns in changed code.