Total 43,502 skills, Security & Compliance has 1627 skills
Showing 12 of 1627 skills
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
Test for user enumeration vulnerabilities through various authentication endpoints.
Discover and test Supabase Edge Functions for security vulnerabilities and misconfigurations.
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
Blockchain smart contract specialist for Solidity, EVM, security patterns, and gas optimization. Use when "smart contract, solidity, ethereum, evm, contract, web3, gas optimization, upgradeable contract, reentrancy, solidity, ethereum, smart-contracts, evm, web3, blockchain, defi, nft, security, gas" mentioned.
Enforces explicit user permission before any file deletion. Activates when you're about to use rm, unlink, fs.rm, or any operation that removes files from disk. MUST be followed for all delete operations.
Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service communication.
Attempt to list and read files from storage buckets to verify access controls.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Identify storage buckets that are publicly accessible and may contain sensitive data.
Generate institutional-grade investment suitability reports including rationale, risk disclosure, and client suitability assessment. Use when the user asks to document investment decisions, create compliance reports, generate risk disclosures, prepare client-facing investment justifications, write suitability assessments, or produce fiduciary documentation for an investment recommendation or portfolio.