Total 50,524 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Guide BSA/AML compliance program design and operation for broker-dealers, banks, and investment advisers. Use when the user asks about suspicious activity reports, currency transaction reports, OFAC screening, structuring detection, or FinCEN requirements. Also trigger when users mention 'large cash deposit', 'sanctions check', 'money laundering red flags', 'customer risk rating', 'unusual transaction patterns', 'wire to a foreign country', 'SDN list', 'tipping off a client about a SAR', 'AML audit', 'correspondent account due diligence', or ask whether a transaction needs to be reported.
Generate TonConnect TonProof signatures for third-party authentication. Use when the user wants to log in with a TON wallet, prove wallet ownership, authenticate to an API such as GetGems, or generate a TonProof for a domain and challenge payload.
Hardens CockroachDB user privileges by auditing and tightening role-based access control, reducing admin grants, restricting PUBLIC role permissions, and applying least-privilege principles. Use when reducing excessive privileges, cleaning up admin access, or implementing RBAC best practices.
Configures and enforces password policies on CockroachDB clusters including minimum length, complexity requirements, and hash cost settings. Use when strengthening authentication requirements, setting up password policies for a new cluster, or meeting compliance password standards.
Configures and hardens IP allowlists for CockroachDB Cloud clusters to restrict network access to authorized CIDR ranges. Use when tightening network security, removing overly permissive allowlist entries like 0.0.0.0/0, or setting up allowlists for a new cluster.
Use when user asks about fixing security vulnerabilities, composer audit failures, vulnerable Drupal packages, or CVE advisories in a Drupal codebase.
Detector and proof-of-concept LPE toolkit for CVE-2026-31431 ("Copy Fail"), a Linux kernel algif_aead page-cache scratch-write vulnerability enabling local privilege escalation.
Expert application security engineer specializing in threat modeling, vulnerability assessment, secure code review, and security architecture design for modern web and cloud-native applications.
Use when planning or executing authorized red team engagements, attack path analysis, or offensive security simulations. Covers MITRE ATT&CK kill-chain planning, technique scoring, choke point identification, OPSEC risk assessment, and crown jewel targeting.
AI-first security scanning with Medusa. 3,000+ detection patterns covering AI/ML, agents, MCP, RAG, prompt injection, and traditional SAST vulnerabilities. Wraps Medusa CLI with SARIF/JSON parsing, structured finding output, OWASP mapping, and remediation guidance.
Cloud Security Posture - Auto-activating skill for Security Advanced. Triggers on: cloud security posture, cloud security posture Part of the Security Advanced skill category.
Enterprise role-based access control for Granola. Use when configuring user roles, setting permissions, or implementing access control policies. Trigger with phrases like "granola roles", "granola permissions", "granola access control", "granola RBAC", "granola admin".