Security
2492 skills in Testing & Security > Security
implementing-database-audit-logging
Use when you need to track database changes for compliance and security monitoring.This skill implements audit logging using triggers, application-level logging, CDC, or native logs.Trigger with phrases like "implement database audit logging", "add audit trails","track database changes", or "monitor database activity for compliance".
assisting-with-soc2-audit-preparation
Automate SOC 2 audit preparation including evidence gathering, control assessment, and compliance gap identification.Use when you need to prepare for SOC 2 audits, assess Trust Service Criteria compliance, document security controls, or generate readiness reports.Trigger with phrases like "SOC 2 audit preparation", "SOC 2 readiness assessment", "collect SOC 2 evidence", or "Trust Service Criteria compliance".
detecting-sql-injection-vulnerabilities
Detect and analyze SQL injection vulnerabilities in application code and database queries.Use when you need to scan code for SQL injection risks, review query construction, validate input sanitization, or implement secure query patterns.Trigger with phrases like "detect SQL injection", "scan for SQLi vulnerabilities", "review database queries", or "check SQL security".
auditing-wallet-security
Audit crypto wallet security including private key management and transaction signing.Use when auditing wallet security practices.Trigger with phrases like "audit wallet", "check security", or "verify signatures".
responding-to-security-incidents
Guide security incident response, investigation, and remediation processes.Use when you need to handle security breaches, classify incidents, develop response playbooks, gather forensic evidence, or coordinate remediation efforts.Trigger with phrases like "security incident response", "ransomware attack response", "data breach investigation", "incident playbook", or "security forensics".
checking-hipaa-compliance
Check HIPAA compliance for healthcare data security requirements. Use when auditing healthcare applications. Trigger with 'check HIPAA compliance', 'validate health data security', or 'audit PHI protection'.
finding-security-misconfigurations
Identify security misconfigurations in infrastructure-as-code, application settings, and system configurations.Use when you need to audit Terraform/CloudFormation templates, check application config files, validate system security settings, or ensure compliance with security best practices.Trigger with phrases like "find security misconfigurations", "audit infrastructure security", "check config security", or "scan for misconfigured settings".
scanning-database-security
Use when you need to work with security and compliance.This skill provides security scanning and vulnerability detection with comprehensive guidance and automation.Trigger with phrases like "scan for vulnerabilities", "implement security controls",or "audit security".
generating-compliance-reports
Generate comprehensive compliance reports for security standards. Use when creating compliance documentation. Trigger with 'generate compliance report', 'compliance status', or 'audit compliance'.
analyzing-security-headers
Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations.Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications.Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".
building-api-authentication
Build secure API authentication systems with OAuth2, JWT, API keys, and session management.Use when implementing secure authentication flows.Trigger with phrases like "build authentication", "add API auth", or "secure the API".
logging-api-requests
Log API requests with correlation IDs, performance metrics, and security audit trails.Use when auditing API requests and responses.Trigger with phrases like "log API requests", "add API logging", or "track API calls".
validator-expert
Validate production readiness of Vertex AI Agent Engine deployments across security, monitoring, performance, compliance, and best practices. Generates weighted scores (0-100%) with actionable recommendations. Use when asked to "validate deploymen... Trigger with phrases like 'validate', 'check', or 'verify'.
generating-api-docs
Create comprehensive API documentation with examples, authentication guides, and SDKs.Use when creating comprehensive API documentation.Trigger with phrases like "generate API docs", "create API documentation", or "document the API".
analyzing-dependencies
Check dependencies for known security vulnerabilities and outdated versions. Use when auditing third-party libraries. Trigger with 'check dependencies', 'scan for vulnerabilities', or 'audit packages'.
automating-database-backups
Use when you need to automate database backup processes with scheduling and encryption.This skill creates backup scripts for PostgreSQL, MySQL, MongoDB, and SQLite with compression.Trigger with phrases like "automate database backups", "schedule database dumps","create backup scripts", or "implement disaster recovery for database".
checking-session-security
Analyze session management implementations to identify security vulnerabilities in web applications.Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security.Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".
generating-security-audit-reports
Generate comprehensive security audit reports for applications and systems.Use when you need to assess security posture, identify vulnerabilities, evaluate compliance status, or create formal security documentation.Trigger with phrases like "create security audit report", "generate security assessment", "audit security posture", or "PCI-DSS compliance report".
validating-authentication-implementations
Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.
scanning-api-security
Scan APIs for security vulnerabilities including injection, broken auth, and data exposure.Use when scanning APIs for security vulnerabilities.Trigger with phrases like "scan API security", "check for vulnerabilities", or "audit API security".