Total: 50,476 skills. Security & Compliance has 1971 skills.
Showing 12 of 1971 skills
Detect and flag personally identifiable information (PII) in text, code, and configurations.
When the user wants to optimize pharmacy supply chain operations, manage medication distribution, ensure pharmaceutical compliance, or handle controlled substances. Also use when the user mentions "pharmacy logistics," "drug distribution," "controlled substances," "340B program," "formulary management," "medication safety," "specialty pharmacy," "drug shortages," "DEA compliance," "pharmaceutical traceability," or "DSCSA compliance." For hospital materials management, see hospital-logistics. For clinical trial drugs, see clinical-trial-logistics.
Diff a new AI regulation or guidance against your current governance posture — surfaces gaps, priorities, and a remediation plan with owners and deadlines. Use when an AI regulation moves (or you learn about one you missed), or when user says "new reg just dropped", "does [regulation] affect us", "gap analysis for EU AI Act", "compliance check against [AI law or guidance]", or pastes regulatory text.
Guide for (a) auditing an existing whistleblower system or (b) drafting a compliant reporting policy from a provided template. Covers EU Directive 2019/1937, the amended Sapin II law (Waserman 2022), Decree 2022-1284, CNIL guidelines, public sector requirements, and duty of vigilance.
Master network protocol reverse engineering including packet analysis, protocol dissection, and custom protocol documentation. Use when analyzing network traffic, understanding proprietary protocols, or debugging network communication.
Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service communication.
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.
Document control system management for medical device QMS. Covers document numbering, version control, change management, and 21 CFR Part 11 compliance. Use for document control procedures, change control workflow, document numbering, version management, electronic signature compliance, or regulatory documentation review.
CAPA system management for medical device QMS. Covers root cause analysis, corrective action planning, effectiveness verification, and CAPA metrics. Use for CAPA investigations, 5-Why analysis, fishbone diagrams, root cause determination, corrective action tracking, effectiveness verification, or CAPA program optimization.
GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.
ISO 13485 internal audit expertise for medical device QMS. Covers audit planning, execution, nonconformity classification, and CAPA verification. Use for internal audit planning, audit execution, finding classification, external audit preparation, or audit program management.