Found 21 Skills
Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and bastion hosts. Use when exposing services, hardening servers, or implementing network segmentation with defense-in-depth strategies.
Reduces attack surface across OS, container, cloud, network, and database layers using CIS Benchmarks and zero-trust principles. Use when hardening production infrastructure, meeting compliance requirements, or implementing defense-in-depth security.
Refactor Kubernetes configurations to improve security, reliability, and maintainability. This skill applies defense-in-depth security principles, proper resource constraints, and GitOps patterns using Kustomize or Helm. It addresses containers running as root, missing health probes, hardcoded configs, and duplicate YAML across environments. Apply when you notice security vulnerabilities, missing Pod Disruption Budgets, or :latest image tags in production.
Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.
Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.
Defense-in-depth verification before declaring any task complete. Run tests, check build, validate changed files, verify no regressions. Applies 4-level adversarial artifact verification (EXISTS > SUBSTANTIVE > WIRED > DATA FLOWS) with goal-backward framing. Use before saying "done", "fixed", or "complete" on any code change. Use for "verify", "make sure it works", "check before committing", or "validate changes". Do NOT use for debugging (use systematic-debugging) or code review (use systematic-code-review).
ALWAYS use before attempting any fix. Never jump to solutions - investigate root cause first. Use when encountering any technical issue, bug, test failure, or unexpected behavior.
The drum sounds. Spider, Raccoon, and Turtle gather for complete security work. Use when implementing auth, auditing security, or hardening code end-to-end.
Multi-layer validation pattern - validates data at EVERY layer it passes through to make bugs structurally impossible, not just caught.