Total 43,935 skills, Security & Compliance has 1637 skills
Showing 12 of 1637 skills
Manage regulatory requirements, number bundles, supporting documents, and verified numbers for compliance. This skill provides REST API (curl) examples.
10DLC brand and campaign registration for US A2P messaging compliance. Assign phone numbers to campaigns.
Audit and harden authentication code for security best practices. Use when the user wants to check their auth implementation for vulnerabilities, harden session handling, fix credential storage, or apply OWASP-recommended security patterns.
Open Source Intelligence gathering and attack surface management for external reconnaissance.
Produce a report-only HIPAA, PHI, and PII audit for healthcare codebases and delivery systems. Inspects code, configs, data flows, integrations, logging, and deployment boundaries for privacy and security gaps without modifying code.
Safety guardrails that warn before destructive commands. Use to protect beginners from accidentally running dangerous operations like rm -rf, DROP TABLE, git push --force, or git reset --hard. Provides beginner-friendly explanations of WHY a command is dangerous and suggests safer alternatives. Activate when the user mentions safety, careful mode, guardrails, protection, or when working with beginners on tasks involving file deletion, database changes, or git operations.
Triage GitHub security advisories for OpenClaw with high-confidence close/keep decisions, exact tag and commit verification, trust-model checks, optional hardening notes, and a final reply ready to post and copy to clipboard.
Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.
Use when designing, planning, implementing, or reviewing any non-trivial change — enforces defense in depth, input validation, secure defaults, and OWASP best practices to prevent vulnerabilities before they ship
Use when managing Alibaba Cloud Key Management Service (KMS) via OpenAPI/SDK, including the user needs key lifecycle/resource operations, policy/configuration changes, status inspection, or troubleshooting KMS API workflows.
PHP Web source code CRLF/response splitting audit tool. Identifies user input that enters HTTP response headers, analyzes filtering and encoding of newlines/control characters, and outputs severity ratings, PoCs and fix suggestions (omission is prohibited).
Chef InSpec integration. Manage data, records, and automate workflows. Use when the user wants to interact with Chef InSpec data.