Total 50,540 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Kiwi-user authentication integration for frontend (login flows, token storage, refresh) and backend (token verification via API or public key, auth middleware, user ID extraction).
Conduct threat modeling using STRIDE methodology. Identify threats, assess risks, and design security controls. Use when designing secure systems or assessing application security.
Security audit workflow - vulnerability scan → verification
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug b...
User pairing, authentication, and trust management
Security audit checklist based on OWASP Top 10 and best practices. Covers authentication, injection, XSS, CSRF, secrets management, and more. Use when reviewing security, before deploy, asking "is this secure", "security check", "vulnerability".
This skill should be used when the user asks to "follow red team methodology", "perform bug bounty hunting", "automate reconnaissance", "hunt for XSS vulnerabilities", "enumerate su...
Use this skill when working with the field-guard library (TypeScript field-level access control). Provides patterns for defineGuard, withCheck, withDerive, combineGuards, and mergeFieldVerdicts.
Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.
A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
Technical safeguards and architectural patterns for building HIPAA-compliant software on AWS. Use when building healthcare SaaS, handling PHI (Protected Health Information), designing patient data systems, implementing healthcare APIs, setting up HIPAA-eligible AWS infrastructure, reviewing code for PHI exposure, designing audit logging, or when the user mentions patients, medical records, EHR/EMR, health data, HL7, FHIR, or covered entities. Essential for founders and developers building in healthcare or digital health space.
This skill should be used when the user asks to "perform vulnerability scanning", "scan networks for open ports", "assess web application security", "scan wireless networks", "detec...