Total 50,341 skills, Security & Compliance has 1967 skills
Showing 12 of 1967 skills
Query and analyze Alibaba Cloud public network exposure, identify unnecessary exposed assets and ports, assess exposure risks, and generate remediation recommendations. Triggers when user mentions public network exposure, exposed assets, exposed ports, public IP security, port scan results, attack surface analysis, internet reachability, high-risk port detection. Also triggers when user asks about "which IPs/ports are exposed to the internet", "public asset inventory", "security baseline check", even without explicitly saying "exposure".
Alibaba Cloud Firewall Status Overview Skill. One-click query of overall cloud firewall status including asset management, border firewall switch status, and traffic overview. Triggers: "cloud firewall status", "firewall overview", "firewall status overview", "asset management", "protection coverage", "what is the overall cloud firewall status", "how many assets are not managed", "what is the protection coverage for each boundary", "CFW status", "cloud firewall overview"
Phase skill for evidence extraction, replay expectations, and audit of generated planning artifacts.
Security rules for code generation including secret handling, credential storage, and environment files. Follow when generating code that handles secrets, credentials, or environment configuration.
Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify malicious functionality including data theft, C2 communication, privilege escalation, and overlay attacks. Examines manifest permissions, receivers, services, and native libraries. Activates for requests involving Android malware analysis, APK reverse engineering, mobile malware investigation, or Android threat analysis.
Guide the design and maintenance of recordkeeping programs under SEC Rules 17a-3, 17a-4, and 204-2. Use when the user asks about document retention schedules, how long to keep trade records or customer complaints, WORM storage requirements, email or text message archiving, social media capture, BYOD compliance policies, or electronic storage audit trails. Also trigger when users mention 'we got an exam request for records', 'migrating to a new archiving vendor', 'blotter retention', 'order ticket requirements', 'off-channel communications', 'WhatsApp archiving', or ask how long specific records must be kept.
Identify, disclose, and mitigate conflicts of interest in advisory and brokerage relationships under Reg BI and fiduciary duty. Use when the user asks about compensation-based conflicts, proprietary product incentives, revenue sharing disclosure, principal trading consent, soft dollar arrangements, pay-to-play restrictions, gifts and entertainment limits, personal trading policies, or code of ethics requirements. Also trigger when users mention 'is this a conflict', 'recommending our own funds', 'higher payout on annuities', 'outside business activity conflicts', 'allocation fairness across accounts', 'political contribution to a pension board member', or ask how to disclose or eliminate a conflict.
Think and act like an attacker to identify security vulnerabilities, weaknesses, and penetration vectors through adversarial security testing
Apisec.ai integration. Manage data, records, and automate workflows. Use when the user wants to interact with Apisec.ai data.
Find SSRF (Server-Side Request Forgery) vulnerabilities in captured traffic. Use when user asks about URL fetching, webhooks, integrations, or internal network access.
Patent prior-art search and novelty check guidance focused on China and the United States (CNIPA, USPTO, Google Patents, WIPO). Use when asked to plan or run CN/US patent searches, draft search strategies, or produce a preliminary novelty search report.
Signal Sciences integration. Manage data, records, and automate workflows. Use when the user wants to interact with Signal Sciences data.