Total 30,167 skills, Security & Compliance has 1070 skills
Showing 12 of 1070 skills
Guidelines and workflows for community moderation, trust & safety, and escalation.
Repository pattern for pre-approved financial disclosures and claim language.
System hardening.
Comprehensive guide for Dependency-Track - Software Composition Analysis (SCA) and SBOM management platform. USE WHEN deploying Dependency-Track, integrating with CI/CD pipelines, configuring vulnerability scanning, managing SBOMs, setting up policy compliance, troubleshooting installation issues, or working with the REST API.
Maps security requirements to implementation. Coordinates compliance against FIPS 140-3, OCF, Common Criteria, and Tizen specification.
Audits codebases for quantum-vulnerable cryptography and plans migration to Post-Quantum Cryptography (PQC) standards to ensure long-term data security.
Authentication and authorization expert specializing in JWT, OAuth 2.0, session management, RBAC, password security. Use for auth implementation, token management, or security issues.
Maps technical state to regulatory standards (SOC2, ISO27001, etc.). Generates real-time compliance scores and audit-ready evidence reports.
Performs active security "war gaming" by attempting to exploit identified vulnerabilities in a sandbox. Validates threat reality beyond static scans.
Manage IAM users, roles, and policies. Implement least-privilege access and security best practices. Use when configuring AWS identity and access management.
YC SAFE Agreement review and advisory skill for startup founders and lawyers. Use when user (1) uploads a SAFE agreement for review/comparison, (2) asks questions about how SAFEs work, or (3) requests to draft a standard YC SAFE. Triggers on keywords like SAFE, Simple Agreement for Future Equity, YC SAFE, valuation cap, discount, MFN, pro rata, convertible instrument.
Security auditing for Rust/WebAssembly applications. Identifies vulnerabilities, reviews unsafe code, validates input handling, and ensures secure defaults. Follows OWASP guidelines and Rust security best practices.