Skill4Agent
Skill4Agent
All SkillsSearchTools
|
Explore
Skill4Agent
Skill4Agent

AI Agent Skills Directory with categorization, English/Chinese translation, and script security checks.

Sitemap

  • Home
  • All Skills
  • Search
  • Tools

About

  • About Us
  • Disclaimer
  • Copyright

Help

  • FAQ
  • Privacy
  • Terms
Contact Us:osulivan147@qq.com

© 2026 Skill4Agent. All rights reserved.

All Skills

Total 50,504 skills, Security & Compliance has 1972 skills

Categories

Showing 12 of 1972 skills

Per page
Downloads
Sort
Security & Complianceunitoneai/securityskills

log-analysis

Guides structured security log analysis across authentication, network, endpoint, and cloud audit log sources. Auto-invoked when the user shares log data, asks about suspicious events, needs help interpreting Windows Event IDs or Linux auth logs, or is establishing baselines for anomaly detection. Produces log source taxonomy, anomaly identification, baseline recommendations, and correlation findings mapped to MITRE ATT&CK v16 techniques.

🇺🇸|EnglishTranslated
10
Security & Compliancearadotso/security-skills

slowmist-agent-security-framework

Comprehensive security review framework for AI agents to audit skills, repositories, URLs, on-chain addresses, and services in adversarial environments

🇺🇸|EnglishTranslated
10
Security & Compliancemukul975/privacy-data-pro...

brazil-lgpd

Guides compliance with Brazil's Lei Geral de Proteção de Dados (LGPD, Lei 13.709/2018). Covers the 10 lawful bases under Art. 7, DPO appointment, ANPD enforcement, data subject rights under Arts. 17-22, and international transfer mechanisms. Keywords: LGPD, Brazil data protection, ANPD, lawful bases, data subject rights, international transfers.

🇺🇸|EnglishTranslated
10
1 scripts/Checked
Security & Complianceinfisical/ai-skills

infisical-api

Interact with the Infisical REST API to manage secrets, projects, environments, machine identities, and more. Supports secret CRUD operations, machine identity authentication, pagination, and rate limiting on cloud deployments.

🇺🇸|EnglishTranslated
10
Security & Compliancejoellewis/finance_skills

operational-risk

Guide identification, measurement, and management of operational risk in trading and brokerage operations. Use when designing trade error detection and correction procedures, investigating trade breaks and reconciliation failures, classifying loss events under Basel taxonomy, developing key risk indicators (KRIs) and dashboards, responding to system outages or data feed failures or order routing errors, conducting root cause analysis after a trade error or settlement fail, planning business continuity and disaster recovery for trading desks, preparing for FINRA or SEC operational risk examinations, or assessing technology risk in OMS and market data systems. Also covers fat-finger errors, error account P&L, and corrective action tracking.

🇺🇸|EnglishTranslated
10
Security & Complianceallthingsida/idasql-skill...

re-source

Re-source IDA binaries. Use when asked for recursive annotation, structure recovery, type reconstruction, or bottom-up program understanding.

🇺🇸|EnglishTranslated
10
Security & Complianceallthingsida/idasql-skill...

analysis

Triage and audit IDA binaries. Use when asked to analyze a binary, find suspicious behavior, detect crypto/network activity, review decompiled code against source, or run multi-table queries.

🇺🇸|EnglishTranslated
10
Security & Compliancedaemon-blockint-tech/agen...

scada-ics-cyber-security-specialist

Guides OT/ICS and SCADA cyber security—Purdue zones, IEC 62443 and NIST SP 800-82 (practitioner), OT asset inventory (PLCs, RTUs, HMIs, historians), secure remote access, OT patch/vuln management, ICS protocol monitoring (Modbus, DNP3, OPC, BACnet high level), safety-first IR, OT threat classes (TRITON, Industroyer), hardening roadmaps, IT/OT convergence. Use for OT program scope, ICS segmentation, OT vuln/patch, detection/IR playbooks, vendor remote access, IEC 62443 or NIST 800-82 gaps—not IT network pentest (network-pentester), web apps (web-pentester), HIL bench only (hardware-in-the-loop-security-tester), GRC only (compliance-specialist), SOC triage (soc-analyst), or IT IR without OT safety (incident-responder). Safety over aggressive testing; no unsafe live-plant steps.

🇺🇸|EnglishTranslated
10
Security & Compliancedaemon-blockint-tech/agen...

cloud-compliance-specialist

Guides cloud compliance—mapping SOC 2, ISO 27001, HIPAA, PCI DSS, FedRAMP, and data-residency requirements to cloud controls; collecting audit evidence from AWS, GCP, and Azure APIs; shared-responsibility narratives; CSPM/Config continuous monitoring; customer assurance questionnaires (CAIQ/SIG); and cloud-specific gap remediation before attestations. Use when scoping regulated workloads in cloud, preparing cloud control evidence for auditors, interpreting provider compliance artifacts (BAA, PCI AOC, FedRAMP packages), or proving residency and logging in multi-account estates—not for org-wide GRC programs and audit coordination without cloud evidence (compliance-specialist), non-cloud systems evidence automation (compliance-engineer), implementing security guardrails (cloud-security-engineer), legal DPAs or contract redlines (commercial-counsel), security strategy (cybersecurity), or CI pipeline gates only (devsecops).

🇺🇸|EnglishTranslated
10
Security & Compliancedaemon-blockint-tech/agen...

str-report

This skill should be used when the user asks to draft or structure STR reports, suspicious transaction reports, SAR, suspicious activity reports, draft STR, STR narrative, file suspicious activity, AML STR, goAML, FinCEN SAR, suspicion narrative, or MLRO report. Guides jurisdiction-agnostic STR/SAR drafting—narrative structure (who, what, when, where, why suspicious), red flags and typologies, transaction aggregation and chronology, subject identification fields, supporting documentation checklists, quality review before filing, and escalation to MLRO/compliance—not TM rule building (aml-compliance), full LE case management, legal filing duty determination (commercial-counsel), or deep blockchain tracing (blockint skills). Complements aml-compliance, aml-cft, auditor, compliance-engineer, and commercial-counsel.

🇺🇸|EnglishTranslated
10
Security & Compliancedaemon-blockint-tech/agen...

hardware-in-the-loop-security-tester

Guides security assessment of embedded and cyber-physical systems on hardware-in-the-loop (HIL) test benches—bench setup, ECU/ECM or PLC targets, bus interfaces (CAN/CAN-FD, LIN, automotive Ethernet, Modbus at high level), fault injection and stimulus design, simulated plant/environment integration, attack-surface monitoring on real hardware, reproducible test cases, lab safety interlocks, and evidence capture for firmware and vehicle security teams. Use for HIL security testing, ECU security assessment, CAN bus security, PLC HIL test, fault injection lab, embedded hardware security—not web/API pentest (web-pentester), network-only pentest (network-pentester), malware/binary RE only (reverse-engineer), SOC operations (soc-analyst), AI red team (ai-redteam), classified ISSO paperwork (information-systems-security-officer-classified-specialist), or pure software CI without hardware (build-validator).

🇺🇸|EnglishTranslated
10
Security & Compliancedaemon-blockint-tech/agen...

classified-software-devsecops-engineer

Guides secure software delivery and DevSecOps for cleared/classified or high-side programs—disconnected or air-gapped CI/CD, artifact promotion across classification boundaries (conceptual), SBOM/signing/ provenance, SAST/DAST/secrets/IaC/container gates, supply-chain controls, STIG/CIS deploy baselines, IaC for classified landing zones, cleared developer workstations, build/deploy audit logging, and ATO/RMF pipeline evidence (not SSP ownership). Use for classified DevSecOps, cleared pipeline, high-side CI/CD, air-gapped build, cross-domain release, classified software delivery, STIG pipeline, ATO evidence CI, SBOM classified, secure software factory—not portfolio cyber governance (classified-cyber-security-senior-manager), ISSO/SSP (information-systems-security-officer-classified-specialist), commercial-only DevSecOps (devsecops), general DevOps (devops), build-only validation (build-validator), pentest (penetration-tester), or enterprise GRC-only (compliance-specialist).

🇺🇸|EnglishTranslated
10
1...6162636465...165
Page