Total 30,695 skills, Security & Compliance has 1088 skills
Showing 12 of 1088 skills
Validate and implement HTTP security headers to protect web applications.
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
Verify compliance with OWASP Top 10 2021 security standards. Use when performing OWASP compliance checks and security certification.
Data classification framework including sensitivity levels, handling requirements, labeling, and data lifecycle management.
Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.
Analyze Flutter and mobile applications for OWASP Mobile Top 10 (2024) security compliance. Use this skill when performing security audits, vulnerability assessments, or compliance checks on mobile applications. Performs automated scans for hardcoded secrets, insecure storage, weak cryptography, network security issues, and provides detailed remediation guidance.
Performs comprehensive security audit of any codebase against OWASP Top 10 2025. Use when user asks for OWASP audit, OWASP Top 10 review, OWASP security check, or wants to audit code against OWASP categories. Do not trigger for PR review, npm/pip audit, SOC2 compliance, general security questions, or threat modeling.
[Architecture] Use when reviewing code for security vulnerabilities, implementing authorization, or ensuring data protection.
Calculate cryptographic hashes (MD5, SHA1, SHA256, SHA512) for text and files. Compare hashes, verify integrity, and batch process directories.
Expert knowledge of research grant compliance requirements, deliverables tracking, and funder expectations. Use when reviewing work against grant specifications, preparing progress reports, or ensuring alignment with funding requirements from NSF, NIH, EU, and other agencies.
Keycloak identity and access management. Use for SSO.
Run an OWASP ZAP baseline security scan locally using Docker. Checks for the ZAP baseline script, executes the scan, and summarizes findings by risk level with remediation recommendations.