Loading...
Loading...
Found 56 Skills
Provides comprehensive guidance for Tencent Cloud COS including bucket creation, object storage, access control, and COS management. Use when the user asks about Tencent Cloud COS, needs to store files in COS, configure COS buckets, or work with Tencent Cloud storage.
Upgrade Cairo smart contracts using OpenZeppelin's UpgradeableComponent on Starknet. Use when users need to: (1) make Cairo contracts upgradeable via replace_class_syscall, (2) integrate the OpenZeppelin UpgradeableComponent, (3) understand Starknet's class-based upgrade model vs EVM proxy patterns, (4) ensure storage compatibility across upgrades, (5) guard upgrade functions with access control, or (6) test upgrade paths for Cairo contracts.
Cross-cutting infrastructure security audit skill that checks cloud infrastructure, DNS, TLS, endpoints, access control, network security, containers, CI/CD pipelines, secrets management, logging, and physical security against ALL major compliance frameworks. Use for infrastructure audit, cloud security audit, infrastructure compliance, DNS security audit, TLS audit, endpoint security, access control audit, network security assessment, infrastructure security, cloud compliance, Vanta alternative, compliance automation, security posture assessment, hardware security keys, YubiKey compliance.
This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or obje...
Manage container registries (Docker Hub, ECR, GCR) with image scanning, retention policies, and access control.
Attempt to list and read files from storage buckets to verify access controls.
Implements role-based access control with permission matrix, route guards, policy functions, and UI permission hints. Provides middleware/guards, helper utilities, test suggestions, and permission checking patterns. Use when building "RBAC", "permissions", "access control", or "authorization".
Professional Skills and Methodologies for Insecure Direct Object Reference (IDOR) Testing
Database security, access control, and data protection
Provides comprehensive guidance for Alibaba Cloud OSS including bucket creation, object storage, access control, and OSS management. Use when the user asks about Alibaba Cloud OSS, needs to store files in OSS, configure OSS buckets, or work with Alibaba Cloud storage.
Debug and fix polizy authorization issues. Use when permission checks fail unexpectedly, errors occur, or authorization behavior is confusing. Covers check algorithm, common issues, and anti-patterns.
Implementation patterns for polizy authorization. Use when implementing team access, folder inheritance, field-level permissions, temporary access, revocation, or any specific authorization scenario.