Security

API認証ドキュメント（OAuth 2.0/PKCE、API Key、JWT、トークン管理）の作成と図解を支援するスキル。認証フローの説明、トークン取得手順、セキュリティ注意点をわかりやすく整理します。Anchors:• OAuth 2.0 Simplified / 適用: フロー図解 / 目的: 正確な説明と用語整理• Web Application Security / 適用: セキュリティ注意点 / 目的: 安全な認証ドキュメント• API Documentation Best Practices / 適用: ドキュメント構成 / 目的: 読みやすさの担保Trigger:Use when writing authentication docs, creating OAuth flow diagrams, documenting token management, or preparing quickstart guides for API auth.

This skill allows Claude to conduct comprehensive security audits of code, infrastructure, and configurations. It leverages various tools within the security-pro-pack plugin, including vulnerability scanning, compliance checking, cryptography review, and infrastructure security analysis. Use this skill when a user requests a "security audit," "vulnerability assessment," "compliance review," or any task involving identifying and mitigating security risks. It helps to ensure code and systems adhere to security best practices and compliance standards. Activates when you request "performing security audits" functionality.

This skill analyzes HTTP security headers of a given domain to identify potential vulnerabilities and misconfigurations. It provides a detailed report with a grade, score, and recommendations for improvement. Use this skill when the user asks to "analyze security headers", "check HTTP security", "scan for security vulnerabilities", or requests a "security audit" of a website. It will automatically activate when security-related keywords are used in conjunction with domain names or URLs.

Generate secure and memorable passwords that are grammatically correct sentences or phrases. Scope: password generation, passphrase creation. Triggers: "password", "passphrase", "secure password", "memorable password".

Write and optimize Bash, Zsh, and shell scripts with best practices for error handling, argument parsing, portability, and security. Use when writing shell scripts, debugging scripts, implementing command-line tools, or improving shell script maintainability and security.

This skill enables Claude to seamlessly integrate with various secrets managers like HashiCorp Vault and AWS Secrets Manager. It generates configurations and setup code, ensuring best practices for secure credential management. Use this skill when you need to manage sensitive information, generate production-ready configurations, or implement a security-first approach for your DevOps infrastructure. Trigger terms include "integrate secrets manager", "configure Vault", "AWS Secrets Manager setup", "manage credentials securely", or requests for secure configuration generation.

This skill enables Claude to identify potential security misconfigurations in various systems and configurations. It leverages the security-misconfiguration-finder plugin to analyze infrastructure-as-code, application configurations, and system settings, pinpointing common vulnerabilities and compliance issues. Use this skill when the user asks to "find security misconfigurations", "check for security vulnerabilities in my configuration", "audit security settings", or requests a security assessment of a specific system or file. This skill will assist in identifying and remediating potential security weaknesses.

Creates response procedures for security incidents with containment steps, communication templates, and evidence collection. Use for "incident response", "security playbook", "breach response", or "IR plan".

This skill uses the pci-dss-validator plugin to assess codebases and infrastructure configurations for compliance with the Payment Card Industry Data Security Standard (PCI DSS). It identifies potential vulnerabilities and deviations from PCI DSS requirements. Use this skill when the user requests to "validate PCI compliance", "check PCI DSS", "assess PCI security", or "review PCI standards" for a given project or configuration. It helps ensure that systems handling cardholder data meet the necessary security controls.

Use when reviewing code for security vulnerabilities, implementing authorization, or ensuring data protection.

This skill implements backup strategies for databases and applications. It generates configuration files and setup code to ensure data protection and disaster recovery. Use this skill when the user requests to "implement backup strategy", "configure backups", "setup data recovery", or needs help with "backup automation". The skill provides production-ready configurations, best practices, and multi-platform support for database and application backups. It focuses on security and scalability.

This skill enables Claude to audit access control implementations in various systems. It uses the access-control-auditor plugin to identify potential vulnerabilities and misconfigurations related to access control. Use this skill when the user asks to "audit access control", "check permissions", "assess access rights", or requests a "security review" focused on access management. It's particularly useful for analyzing IAM policies, ACLs, and other access control mechanisms in cloud environments, applications, or infrastructure. The skill helps ensure compliance with security best practices and identify potential privilege escalation paths.

Performs comprehensive reviews of git diffs, commits, branches, and pull requests. Use when the user asks to review code, a commit hash, a branch, or a PR, especially for security, best practices, performance issues, or dependency vulnerabilities.

This skill enables Claude to automatically check for HIPAA (Health Insurance Portability and Accountability Act) compliance issues in codebases, infrastructure configurations, and documentation. It leverages the hipaa-compliance-checker plugin to identify potential violations related to data privacy, security, and access controls. Use this skill when the user explicitly requests to "check HIPAA compliance", "scan for HIPAA violations", "assess HIPAA readiness", or similar phrases related to HIPAA audits and security best practices. It is useful for projects handling protected health information (PHI) and requiring adherence to HIPAA regulations.

This skill enables Claude to identify potential security misconfigurations in various systems and configurations. It leverages the security-misconfiguration-finder plugin to analyze infrastructure-as-code, application configurations, and system settings, pinpointing common vulnerabilities and compliance issues. Use this skill when the user asks to "find security misconfigurations", "check for security vulnerabilities in my configuration", "audit security settings", or requests a security assessment of a specific system or file. This skill will assist in identifying and remediating potential security weaknesses.

Reviews authentication and authorization implementation for session management, CSRF, cookie security, and auth flow vulnerabilities with findings, severity assessment, and fix recommendations. Use for "auth review", "session security", "CSRF protection", or "authentication audit".

This skill enables Claude to manage Kubernetes network policies and firewall rules. It allows Claude to generate configurations and setup code based on specific requirements and infrastructure. Use this skill when the user requests to create, modify, or analyze network policies for Kubernetes, or when the user mentions "network-policy", "firewall rules", or "Kubernetes security". This skill is useful for implementing best practices and production-ready configurations for network security in a Kubernetes environment.

Generate comprehensive multi-tenant security and operational reports from LimaCharlie. Provides billing summaries, usage roll-ups, detection trends, sensor health monitoring, and configuration audits across multiple organizations. Supports both per-tenant detailed breakdowns and cross-tenant aggregated roll-ups. Built with strict data accuracy guardrails to prevent fabricated metrics. Supports partial report generation when some organizations fail, with transparent error documentation. Time windows always displayed, detection limits clearly flagged, zero cost calculations.

This skill empowers Claude to build reusable Terraform modules based on user specifications. It leverages the terraform-module-builder plugin to generate production-ready, well-documented Terraform module code, incorporating best practices for security, scalability, and multi-platform support. Use this skill when the user requests to create a new Terraform module, generate Terraform configuration, or needs help structuring infrastructure as code using Terraform. The trigger terms include "create Terraform module," "generate Terraform configuration," "Terraform module code," and "infrastructure as code."

Implement authentication, authorization, and security controls. Use for JWT handling, API key management, RBAC, OAuth integration, and security policies. Triggers on "authentication", "authorization", "JWT", "API key", "RBAC", "OAuth", "security", "permissions", or when implementing spec/006-security-governance.md.