Total 43,773 skills, Security & Compliance has 1634 skills
Showing 12 of 1634 skills
Ubiq Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Ubiq Security data.
Osano integration. Manage data, records, and automate workflows. Use when the user wants to interact with Osano data.
SecurityTrails integration. Manage data, records, and automate workflows. Use when the user wants to interact with SecurityTrails data.
Patent prior-art search and novelty check guidance focused on China and the United States (CNIPA, USPTO, Google Patents, WIPO). Use when asked to plan or run CN/US patent searches, draft search strategies, or produce a preliminary novelty search report.
Solution skill for using WAF to protect web applications on ECS. Used for quickly deploying network environments including VPC, security groups, and ECS instances, and integrating WAF for web application protection. Trigger words: "WAF protection", "ECS web protection", "Web Application Firewall", "website security"
Query and handle security risk events from Alibaba Cloud Data Security Center. Supports viewing the list of unprocessed risk events and performing manual handling operations on risk events. Trigger words: "Data Security Center", "security risk events", "DSC", "risk handling", "DescribeRiskRules", "PreHandleAuditRisk"
Verify and validate JSON Web Tokens (JWTs) by checking signatures, expiration, claims, and structure. Use when the user wants to verify, validate, or check a JWT — e.g. "verify this token", "is this JWT valid", "check the signature", "validate this token against my JWKS", "is this token expired". Supports HMAC, RSA, and ECDSA with secrets, PEM keys, or JWKS endpoints.
Cloudmersive integration. Manage data, records, and automate workflows. Use when the user wants to interact with Cloudmersive data.
Insecure deserialization playbook. Use when Java, PHP, or Python applications deserialize untrusted data via ObjectInputStream, unserialize, pickle, or similar mechanisms that may lead to RCE, file access, or privilege escalation.
Business logic vulnerability playbook. Use when reasoning about workflows, race conditions, price manipulation, coupon abuse, state machines, and multi-step authorization gaps.
Entry P1 category router for API security. Use when choosing between API recon, authorization, token abuse, and hidden-parameter workflows before any deeper API topic skill.
Clickjacking playbook. Use when testing whether target pages can be framed, whether X-Frame-Options or CSP frame-ancestors are properly configured, and whether UI redress attacks can trigger sensitive actions.