Total 50,540 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Recognize and report malicious software distribution repositories masquerading as legitimate security tools
Identify, analyze, and report malicious software distribution repositories masquerading as legitimate security tools
Query Alibaba Cloud DDoS Pro (ddoscoo) block/intercept reasons via SLS full logs and ddoscoo CLI. Analyzes detailed information about intercepted requests including CC protection rules, precise access control rules, region blocking, and IP blacklist policies. Use when users report being blocked by DDoS Pro, encounter block pages, or need to investigate and remediate DDoS protection rules. Trigger words: "DDoS block query", "blocked by DDoS Pro", "DDoS intercept", "ddoscoo intercept query", "CC block", "precise access control block", "高防拦截查询", "request blocked by anti-ddos"
This skill should be used when the user asks to "add turnstile", "implement bot protection", "validate turnstile token", "fix turnstile error", "setup captcha alternative", or encounters error codes 100*/300*/600*, CSP errors, or token validation failures. Provides CAPTCHA-alternative protection for Cloudflare Workers, React, Next.js, and Hono.
Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and build investigation timelines.
Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules), rkhunter system scanning, and /proc vs /sys discrepancy analysis to identify hooked syscalls, hidden kernel modules, and tampered system structures.
Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or group is responsible for a cyber operation. This skill covers collecting and weighting attr
Draft or update the privileged investigation memo from the investigation log. Use when an investigation is far enough along to write the first memo cut, or when new data has been added and the existing draft needs updating.
Triage a subpoena served on the company — classify it, analyze scope/burden/privilege, cross-check the portfolio, and produce an objections framework, compliance plan, and deadline calendar. Use when the user says "we got a subpoena", "served with a subpoena", or shares a subpoena, CID, or third-party document request to evaluate.
Generate security compliance reports using Harness SCS and STO via MCP. Analyze vulnerabilities, SBOMs, and manage exemptions. Use when user says "security report", "vulnerabilities", "SBOM", "security scan", "compliance check", or asks about application security.
Handle Chainlink ACE (Automated Compliance Engine) work using the public smartcontractkit/chainlink-ace repository and official docs.chain.link ACE Platform docs. Use for audited ACE core contracts, managed Platform/Beta scope, Coordinator API, Reporting API, Policy Management, PolicyEngine, PolicyProtected, policy chains, custom policies, extractors, mappers, Cross-Chain Identity (CCIDs), credential registries, KYC/AML credentials, sanctions screening, regulated tokens, ERC-20 and ERC-3643 compliance token examples, upgrade guidance, and BUSL licensing. Trigger on any mention of ACE, Automated Compliance Engine, chainlink-ace, Chainlink compliance, policy enforcement, ERC-3643, or onchain compliance rules, even if the user does not explicitly say 'ACE'.
Performs runtime mobile security exploration of iOS applications using Objection, a Frida-powered toolkit that enables security testers to interact with app internals without jailbreaking. Use when assessing iOS app security posture, bypassing client-side protections, dumping keychain items, inspecting filesystem storage, and evaluating runtime behavior. Activates for requests involving iOS security testing, Objection runtime analysis, Frida-based iOS assessment, or mobile runtime exploration.