Total 50,537 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Professional Skills and Methodologies for Container Security Testing
OWASP Top 10, CSP, CORS, XSS/CSRF prevention, auth patterns, dependency scanning
Application security covering input validation, auth, headers, secrets management, and dependency auditing
Use when you need to track database changes for compliance and security monitoring. This skill implements audit logging using triggers, application-level logging, CDC, or native logs. Trigger with phrases like "implement database audit logging", "add audit trails", "track database changes", or "monitor database activity for compliance".
Use when testing a web application for security vulnerabilities, before deployment or during security review — guides through a structured 10-phase penetration testing methodology covering mapping, authentication, session management, access controls, injection, logic flaws, and server configuration.
Concurrency exploitation — race conditions, TOCTOU vulnerabilities, and parallel request abuse in web applications.
Apply CIS benchmarks and secure Linux servers. Configure SSH, manage users, implement firewall rules, and enable security features. Use when hardening Linux systems for production or meeting security compliance requirements.
Comprehensive security and privacy evaluation system for MCP (Model Context Protocol) servers. Use when users provide GitHub URLs to MCP servers and request security assessment, privacy evaluation, or ask "is this MCP safe to use." Evaluates security vulnerabilities, privacy risks, code quality, community feedback, and provides actionable recommendations with risk scoring.
Test skill for security scanning
Generate SOX sample selections, testing workpapers, and control assessments. Use when planning quarterly or annual SOX 404 testing, pulling a sample for a control (revenue, P2P, ITGC, close), building a testing workpaper template, or evaluating and classifying a control deficiency.
Legal and compliance expertise for corporate governance, contract analysis, regulatory compliance (SOX, GDPR, HIPAA), risk assessment, intellectual property, and litigation management. Use when reviewing contracts, ensuring compliance, or managing legal risk.
Real-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.