Total 50,542 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Secure environment variable management with Varlock. Use when handling secrets, API keys, credentials, or any sensitive configuration. Ensures secrets are never exposed in terminals, logs, traces, or Claude's context. Trigger phrases include "environment variables", "secrets", ".env", "API key", "credentials", "sensitive", "Varlock".
Implement MFA login providers for Umbraco backoffice using official docs
Miscellaneous CTF tools for programming challenges, esoteric languages, QR/barcode scanning, and audio/video analysis. Trigger: When solving misc challenges, esoteric languages, QR codes, or media files.
Detect accidentally committed secrets, credentials, and sensitive information in code.
Validate and implement HTTP security headers to protect web applications.
Analyze network traffic captures and artifacts for forensic investigation. Use when investigating data exfiltration, command and control communications, lateral movement, or network-based attacks. Supports PCAP, PCAPNG, and NetFlow analysis.
Run ScanCode Toolkit for comprehensive license and copyright detection. Identifies license types, copyright holders, and compliance obligations across codebases.
Run Trivy to scan container images for OS and library vulnerabilities, misconfigurations, and secrets. Comprehensive multi-target security scanner.
Authentication and security patterns for EFT-Tracker using NextAuth. Covers password reset, session management, CSRF protection, and security reviews. Activates when user mentions: auth, authentication, password, NextAuth, session, security, login, logout, CSRF, rate limit, token, JWT.
Guidelines and workflows for community moderation, trust & safety, and escalation.
系统加固
使用 @aptx/api-plugin-csrf 添加 CSRF 保护。触发条件:当代码需要在请求中添加 CSRF token、配置 cookie/header 名称、处理 SSR/Node 环境的 cookie 读取、或使用 createCsrfMiddleware 时使用。