Search Skills
Search across 54932 indexed skills
auditing-access-control
Audit access control implementations across codebases, cloud configurations, and application layers for security vulnerabilities and policy violations...
scanning-for-secrets
Detect exposed API keys, passwords, tokens, and private keys in source code using pattern matching and entropy analysis, with remediation guidance for...
analyzing-dependencies
Analyze project dependencies for known security vulnerabilities, outdated versions, and license compliance issues across multiple package ecosystems. ...
validating-pci-dss-compliance
Validate payment systems against PCI DSS requirements, checking cardholder data storage, network segmentation, encryption standards, access controls, ...
checking-session-security
Audit session management implementations in web applications to identify vulnerabilities including session fixation (CWE-384), insufficient session ex...
responding-to-security-incidents
Guide the full NIST SP 800-61 incident response lifecycle: detection, containment, eradication, recovery, and post-incident analysis. Classify inciden...
auditing-wallet-security
Security analysis tool for cryptocurrency wallets. Scans ERC20 token approvals, analyzes transaction patterns, calculates security risk scores, and pr...
performing-penetration-testing
Security testing toolkit with three specialized scanners for web applications, dependency chains, and source code. This skill provides three real, wor...
scanning-container-security
Scan container images and Dockerfiles for vulnerabilities, misconfigurations, and compliance violations using Trivy, Grype, Snyk Container, and Hadoli...
encrypting-and-decrypting-data
Validate encryption implementations, audit cryptographic algorithm choices, and verify key management practices across codebases and configuration fil...
validating-csrf-protection
Validate Cross-Site Request Forgery protection across web application endpoints, forms, and API routes. This skill examines synchronizer token pattern...
http-header-security-audit
This skill provides automated assistance for HTTP header security audit tasks within the Security Fundamentals domain. This skill activates automatica...