Total 50,525 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Smart contract security best practices for Solidity development. Use when writing, reviewing, or auditing Solidity code. Covers reentrancy prevention, access control patterns, safe external calls, input validation, upgrade safety, and OWASP Smart Contract Top 10 vulnerabilities. Triggers on tasks involving security, vulnerability detection, access control, CEI pattern, ReentrancyGuard, SafeERC20, or smart contract auditing.
Implements authentication, authorization, encryption, secrets management, and security hardening patterns. Use when designing auth flows, managing secrets, configuring CORS, implementing rate limiting, or when asked about JWT, OAuth, password hashing, API keys, RBAC, or security best practices.
Static security analysis for code, auditing for OWASP Top 10 risks. Triggers: "security audit", "is this secure", "check for vulnerabilities". Capabilities: - Static analysis of code snippets. - Mapping findings to OWASP Top 10 (2021). - Providing remediation code patterns.
Solidity smart contract security: vulnerability prevention, secure coding patterns, gas-safe optimizations, and audit preparation. Use when writing or reviewing Solidity code for security, auditing contracts, preventing reentrancy/overflow/access-control issues, optimizing gas safely, or preparing contracts for professional audits. Keywords: solidity security, smart contract audit, reentrancy, access control, CEI pattern, front-running, slither, invariant, vulnerability, exploit, secure solidity.
Verify phone numbers via SMS, Flashcall, Phone Call, Data (seamless carrier-level), or WhatsApp with Sinch Verification API. Use when implementing user phone verification, OTP, two-factor authentication, or number ownership confirmation flows.
Triage GitHub security advisories for OpenClaw with high-confidence close/keep decisions, exact tag and commit verification, trust-model checks, optional hardening notes, and a final reply ready to post and copy to clipboard.
Threat modeling using STRIDE methodology. Data flow diagrams, trust boundaries, attack surface mapping, and risk assessment. Use when analyzing system security, designing secure architectures, or conducting security reviews.
Query and analyze security events and alerts detected by Alibaba Cloud Firewall IPS (Intrusion Prevention System), helping quickly locate threats and provide remediation recommendations. Triggers when user mentions IPS alerts, intrusion detection, intrusion prevention, attack events, security alerts, threat detection, attack analysis, IDS/IPS, being attacked, any attacks, security incidents, security warnings, server under attack, machine alarms. Also triggers when user asks about "any recent attacks", "which assets were attacked", "does this IP have attack behavior", "security alerts for a specific server/machine", "which IPs attacked a specific IP", even without explicitly saying "IPS".
Alibaba Cloud Firewall Status Overview Skill. One-click query of overall cloud firewall status including asset management, border firewall switch status, and traffic overview. Triggers: "cloud firewall status", "firewall overview", "firewall status overview", "asset management", "protection coverage", "what is the overall cloud firewall status", "how many assets are not managed", "what is the protection coverage for each boundary", "CFW status", "cloud firewall overview"
Security rules for code generation including secret handling, credential storage, and environment files. Follow when generating code that handles secrets, credentials, or environment configuration.
Identify, disclose, and mitigate conflicts of interest in advisory and brokerage relationships under Reg BI and fiduciary duty. Use when the user asks about compensation-based conflicts, proprietary product incentives, revenue sharing disclosure, principal trading consent, soft dollar arrangements, pay-to-play restrictions, gifts and entertainment limits, personal trading policies, or code of ethics requirements. Also trigger when users mention 'is this a conflict', 'recommending our own funds', 'higher payout on annuities', 'outside business activity conflicts', 'allocation fairness across accounts', 'political contribution to a pension board member', or ask how to disclose or eliminate a conflict.
Apisec.ai integration. Manage data, records, and automate workflows. Use when the user wants to interact with Apisec.ai data.