Total 50,503 skills, Security & Compliance has 1972 skills
Showing 12 of 1972 skills
HaveIBeenPwned API Documentation - Check if email accounts or passwords have been compromised in data breaches
Risk management specialist who assesses, analyzes, and mitigates financial and operational risks with expertise in quantitative risk modeling, compliance frameworks, and enterprise risk assessment
Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/report, or secure-by-default coding help. Trigger only for supported languages (python, javascript/typescript, go). Do not trigger for general code review, debugging, or non-security tasks.
Authentication and authorization patterns. Use when implementing login flows, JWT tokens, session management, password security, OAuth 2.1, Passkeys/WebAuthn, or role-based access control.
REST API security hardening with authentication, rate limiting, input validation, security headers. Use for production APIs, security audits, defense-in-depth, or encountering vulnerabilities, injection attacks, CORS issues.
Audits web applications to ensure declared privacy policies match actual technical data collection practices. Use to identify discrepancies in cookie usage, tracking scripts, and user data handling.
Эксперт по compliance отчётам. Используй для SOX, GDPR, HIPAA, SOC 2 аудитов и документации соответствия.
Review code for security: injection, sensitive data, authentication and authorization, dependencies and CVEs, configuration and secrets, and crypto. Cognitive-only atomic skill; output is a findings list.
Universal security and robustness scanner for any codebase. Use when auditing code for vulnerabilities, security issues, bugs, or robustness problems. Automatically detects tech stack, creates custom audit plans, and performs recursive deep analysis.
Expert at package management and supply chain security. Use when managing dependencies, updating packages, resolving version conflicts, ensuring supply chain security, or auditing vulnerabilities in project dependencies.
Use when the user requests a security audit workflow (vulnerability scan and verification) for sensitive code.
Write, test, and iterate on CTF exploit scripts. Use when you need to develop a working exploit with a test-debug-fix loop against a live target.