Total 30,768 skills, Security & Compliance has 1089 skills
Showing 12 of 1089 skills
Comprehensively evaluate the overall security of an application from two perspectives: attackers (Red Team) and defenders (Blue Team). Run two agents in parallel → output an integrated report via review-aggregator. Use this when you want to "understand the overall security status of the application", "identify vulnerabilities from an attacker's perspective", or "verify that there are no gaps in the defense system". Use security-hardening for addressing specific vulnerabilities, and security-audit-quick for fast detection of known patterns.
Analyze email messages and mailbox data for forensic investigation. Use when investigating phishing attacks, business email compromise, insider threats, or any scenario requiring email evidence analysis. Supports PST, OST, MBOX, EML, and MSG formats.
Comprehensive security and privacy evaluation system for MCP (Model Context Protocol) servers. Use when users provide GitHub URLs to MCP servers and request security assessment, privacy evaluation, or ask "is this MCP safe to use." Evaluates security vulnerabilities, privacy risks, code quality, community feedback, and provides actionable recommendations with risk scoring.
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Exploit development workflow. Use when: write exploit, PoC, payload, shellcode, bypass, buffer overflow, RCE, reverse shell.
Domain reconnaissance coordinator that orchestrates subdomain discovery and port scanning to build comprehensive domain attack surface inventory
Security detection use cases for identifying threats across network, endpoint, identity, cloud, application, and email vectors. Use for building detection rules, analyzing security events, and threat hunting operations.
Use when user needs security incident response, operational incident management, evidence collection, forensic analysis, or coordinated response for outages and breaches.
12 production-ready regulatory affairs and quality management skills for HealthTech/MedTech: ISO 13485 QMS, MDR 2017/745, FDA 510(k)/PMA, ISO 27001 ISMS, GDPR/DSGVO compliance, risk management (ISO 14971), CAPA, document control, and internal auditing. Python tools included (all stdlib-only). Works with Claude Code, Codex CLI, and OpenClaw.
Эксперт ISO 27001. Используй для ISMS, security controls и compliance implementation.
Test for security vulnerabilities using OWASP principles. Use when conducting security audits, testing auth, or implementing security practices.
Professional Skills and Methodologies for Cloud Security Audits