Total 50,503 skills, Security & Compliance has 1972 skills
Showing 12 of 1972 skills
ICS/SCADA protocol analysis and exploitation using Ettercap MITM, Scapy packet crafting, for Modbus/TCP, IEC 104, and DNP3 protocols. Trigger: When analyzing ICS protocols, MITM attacks, Modbus, IEC 104, or DNP3.
Implement identity and access management. Use when designing authentication, authorization, or user management. Covers OAuth2, OIDC, and RBAC.
防火墙配置
Use when reviewing OpenHarmony C++ system service code for security vulnerabilities, particularly IPC handlers, multithreaded components, or code handling sensitive user data
A dedicated skill for security code review of OpenHarmony distributed systems. Triggered when users make requests such as "review code security implementation", "code security audit", "security code review" or similar distributed system code security review requests. This skill provides detailed review guidance for 18 security design rules for OpenHarmony distributed services, covering security areas such as authorization control, state machines, data transmission, permission management, and trusted relationships. Using this skill, you can conduct specialized security reviews for OpenHarmony distributed systems based on general cybersecurity rules.
UK taxation expert for HMRC compliance, Making Tax Digital (MTD ITSA/VAT) and Self-Assessment: explain tax treatment; compute income tax/NI/dividend/CGT with band-by-band breakdown; advise on deadlines/forms/penalties; and support MTD developer integration + tax software UX/flows. Use WebSearch (gov.uk/HMRC) to verify current rates and mandation timelines. (project)
Operate the Prelude Security platform CLI for continuous security testing (Detect) and endpoint posture monitoring (SCM). Manages endpoints, schedules tests, evaluates security control policies, integrates with EDR/XDR partners, and generates reports. Use when working with the `prelude` CLI or managing security infrastructure.
Run SpotBugs with Find Security Bugs plugin on Java code. Detects injection flaws, XXE, insecure crypto, SSRF, deserialization, and other JVM security bugs.
Run cargo-audit and cargo-geiger on Rust code. Audits dependencies for known vulnerabilities and detects unsafe code usage for memory safety review.
Run gosec SAST scans on Go code. Detects SQL injection, hardcoded credentials, insecure TLS, command injection, and other Go security issues.
Run Nmap for network discovery and security auditing. Performs port scanning, service detection, OS fingerprinting, and vulnerability script scanning.
Advanced file finder with type detection and filesystem extraction for analyzing firmware and extracting embedded filesystems. Use when you need to analyze firmware files, identify file types, or extract ext2/3/4 or F2FS filesystems.