Total 50,543 skills, Security & Compliance has 1973 skills
Showing 12 of 1973 skills
Example security audit skill demonstrating how to audit code for security vulnerabilities. Use when the user asks to perform security reviews, check for vulnerabilities, or audit code security.
Expert knowledge of research grant compliance requirements, deliverables tracking, and funder expectations. Use when reviewing work against grant specifications, preparing progress reports, or ensuring alignment with funding requirements from NSF, NIH, EU, and other agencies.
Create comprehensive forensic timelines from multiple data sources. Use when reconstructing event sequences, correlating activities across sources, or visualizing incident progression. Supports super timeline creation and analysis.
Create diagrams, charts, and visual assets for security documentation. Generate network diagrams, architecture visuals, and data visualizations. Use when creating visual content for reports or presentations.
Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.
Run MobSF (Mobile Security Framework) for automated static and dynamic analysis of Android and iOS apps. Detects insecure storage, weak crypto, hardcoded secrets, and permission issues.
Expertise in binary lifting techniques - converting machine code to LLVM IR for analysis, decompilation, and recompilation. Use this skill when working on reverse engineering, binary analysis, deobfuscation, or converting binaries to higher-level representations.
Repository pattern for pre-approved financial disclosures and claim language.
Authentication and authorization specialist covering Auth0, Clerk, and Firebase Auth. Use when implementing authentication, authorization, MFA, SSO, passkeys, WebAuthn, social login, or security features. Supports enterprise (Auth0), modern UX (Clerk), and mobile-first (Firebase) patterns.
Guidance for extracting secrets from protected or obfuscated binaries through systematic static and dynamic analysis. This skill should be used when tasks involve reverse engineering executables, extracting hidden flags or keys, analyzing binary protections, or decoding obfuscated data within compiled programs.
Enforce safe Frida 17 MCP operations with strict phase gating. Use when attaching/spawning sessions, writing or loading scripts, applying Java/native hooks, troubleshooting instrumentation failures, or interpreting Frida MCP output. Require docs-first usage and run the mandatory workflow: Idea -> Scripting -> Execution -> Notes.
Defense techniques against prompt injection attacks including direct injection, indirect injection, and jailbreaks - theUse when "prompt injection, jailbreak prevention, input sanitization, llm security, injection attack, security, prompt-injection, llm, owasp, jailbreak, ai-safety" mentioned.