Loading...
Loading...
Found 2,005 Skills
Infrastructure and CI/CD specialist. Responsible for environment setup, pipeline construction, and security management to deploy applications safely and reliably. Platform-agnostic (supports AWS/GCP/Cloudflare, etc.).
Resolve npm dependency vulnerabilities detected by security scans.
Use when planning system architecture to ensure nothing is missed. Provides structured questions covering scalability, security, data, and operational dimensions before implementation.
Full-codebase audit using 1M context window. Security, architecture, and dependency analysis in a single pass. Use when you need whole-project analysis.
Performs comprehensive codebase analysis covering architecture, code quality, security, performance, testing, and maintainability. Use when user wants to audit code quality, identify technical debt, find security issues, assess test coverage, or get a codebase health check.
Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.
Apply layered security architecture. Use when designing security controls, hardening systems, or reviewing security posture. Covers multiple security layers.
Scans source code, configuration files, and git history for hardcoded credentials, API keys, and tokens. Use when auditing repositories for security leaks or ensuring sensitive data is not committed to version control.
Creation, editing, and review of RouterOS scripts (.rsc) with focus on idempotency, security, and best practices. Use when you need to generate, adjust, or import .rsc files for MikroTik: (1) create new configurations via script, (2) edit existing scripts with safe corrections, (3) review risks and execution policies, (4) validate with import dry-run and error handling.
Provides comprehensive guidance for Tencent Cloud CVM including instance creation, configuration, security groups, and CVM management. Use when the user asks about Tencent Cloud CVM, needs to create CVM instances, configure CVM, or manage Tencent Cloud compute resources.
Run an OWASP ZAP baseline security scan locally using Docker. Checks for the ZAP baseline script, executes the scan, and summarizes findings by risk level with remediation recommendations.
Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.