Total 50,402 skills, Security & Compliance has 1967 skills
Showing 12 of 1967 skills
Safely package codebases with repomix by automatically detecting and removing hardcoded credentials before packing. Use when packaging code for distribution, creating reference packages, or when the user mentions security concerns about sharing code with repomix.
Java "Ghost Bits" / Cast Attack playbook (Black Hat Asia 2026). Use when attacking Java services where 16-bit char is silently narrowed to 8-bit byte to bypass WAF/IDS for SQL injection, deserialization RCE, file upload (Webshell), path traversal, CRLF injection, request smuggling, and SMTP injection. Affects Tomcat, Spring, Jetty, Undertow, Vert.x, Jackson, Fastjson, Apache Commons BCEL, Apache HttpClient, Angus Mail, JDK HttpServer, Lettuce, Jodd, XMLWriter and re-enables many "patched" CVEs through WAF bypass.
Deploy and configure BitDefender Total Security 2026 with advanced threat detection, sandboxing, VPN integration, and AI-powered heuristic analysis
Performs proactive threat hunting in Elastic Security SIEM using KQL/EQL queries, detection rules, and Timeline investigation to identify threats that evade automated detection. Use when SOC teams need to hunt for specific ATT&CK techniques, investigate anomalous behaviors, or validate detection coverage gaps using Elasticsearch and Kibana Security.
Gdpr Compliance Scanner - Auto-activating skill for Security Advanced. Triggers on: gdpr compliance scanner, gdpr compliance scanner. Part of the Security Advanced skill category.
Test skill for security scanning
Audit, implement, and remediate Digital Personal Data Protection Act 2023 (DPDPA) compliance in any application codebase. Use this skill whenever the user mentions DPDPA, Indian data protection, personal data handling for Indian users, consent management, data breach notification, children's data protection in India, cross-border data transfer from India, privacy policy for Indian apps, Data Fiduciary obligations, Data Principal rights, or compliance auditing for Indian privacy law. Also trigger when the user asks to "audit my app for privacy", "check data protection compliance", "implement consent flows", "add breach notification", "handle children's data", "add data deletion/erasure", "implement right to access", "GDPR equivalent in India", or any task involving personal data processing for users in India. This skill covers code-level implementation, architecture review, compliance auditing with remediation, and organizational/process guidelines that fall outside application code.
Comprehensive Perl security covering taint mode, input validation, safe process execution, DBI parameterized queries, web security (XSS/SQLi/CSRF), and perlcritic security policies.
Assess and classify legal risks using a severity-by-likelihood framework with escalation criteria. Use when evaluating contract risk, assessing deal exposure, classifying issues by severity, or determining whether a matter needs senior counsel or outside legal review.
Generate sample security events, attack scenarios, and synthetic alerts for Elastic Security. Use when demoing, populating dashboards, testing detection rules, or setting up a POC.
Laravel security best practices for authn/authz, validation, CSRF, mass assignment, file uploads, secrets, rate limiting, and secure deployment.
Use when configuring Fnox secrets management with fnox.toml. Covers file structure, secrets definition, profiles, and hierarchical configurations.