Total 50,504 skills, Security & Compliance has 1972 skills
Showing 12 of 1972 skills
Use when handling any auth, API keys, tokens, OAuth, bearer tokens, basic auth, or secret values in n8n workflows. Triggers on "API key", "token", "bearer", "OAuth", "secret", "auth", "credentials", "Authorization header", "x-api-key", or any node configuration that mentions a third-party service.
Claude Code subagents for offensive security research, penetration testing planning, recon analysis, exploit research, detection engineering, and security reporting
Analyze and understand Avast Premium Security software distribution repositories for security research and threat intelligence
WARNING - This repository distributes malware disguised as Avast Premium Security cracks and keygens
Autonomous bug bounty agent framework with 50 agents, hunt loops, exploit chains, MCP servers for platform integration and writeup search
MUST use this skill when installed and users ask to query, inspect, or run SELECT statements against SQLite or Postgres databases. Always route database reads through Unleak when a project contains an unleak/ folder, or when users ask to list database connections, inspect schemas, propose or validate access policies, activate policies, or query approved database data with leakage guardrails. This skill prevents direct credential, policy, schema, and raw database CLI access.
Bright Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Bright Security data.
Vanta integration. Manage data, records, and automate workflows. Use when the user wants to interact with Vanta data.
IDA debugger operations. Use when asked to set breakpoints, patch bytes, add conditions, or manage a patch inventory.
Guides information security engineering—implementing and operating security controls, identity and access systems, encryption and secrets management, security tool integrations (SIEM, EDR, SOAR), cloud guardrails, hardening baselines, and remediation engineering for vulnerabilities. Use when building SSO/RBAC/PAM patterns, configuring KMS or certificate lifecycle, deploying WAF/DLP or EDR connectors, writing security-as-code policies (OPA, SCPs, CIS benchmarks), integrating logging to SIEM, automating security workflows, or validating control fixes—not for SOC triage (soc-analyst), pentesting (penetration-tester, network-pentester, web-pentester), red team (red-team-specialist), CI gates only (devsecops), platform provisioning without security ownership (infrastructure-engineer), CISO/exec program (chief-information-security-officer), security program strategy (cybersecurity), GRC program and audit prep (compliance-specialist), or product tenancy isolation (product-infrastructure-security-engineer).
Guides cybersecurity deception operations using MITRE D3FEND—honeynets, decoy objects, decoy personas, and decoy credentials. Covers honeypot deployment, decoy file planting, credential baiting, and deception environment design. Use when deploying honeypots, planting decoy data, baiting credentials, or designing deception programs—not for detection (d3fend-detect), hardening (d3fend-harden), or isolation (d3fend-isolate).
Guides authoring, review, optimization, and false-positive debugging of YARA-X detection rules for malware identification across PE, script, npm, Office, Chrome extensions (crx module), and Android DEX (dex module). Covers string and atom quality, condition short-circuiting, legacy YARA migration, yarGen/FLOSS workflows, goodware validation, and production deployment—not full malware reverse engineering, network IDS (Suricata/Snort), or memory forensics (Volatility). Use when the user asks to write YARA rule, YARA-X, yr check, yr scan, false positive YARA, yarGen, malware detection rule, crx module, dex module, optimize YARA performance, or migrate legacy YARA.