安全性

Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.

Validate CSRF protection implementations for security gaps. Use when reviewing form security or state-changing operations. Trigger with 'validate CSRF', 'check CSRF protection', or 'review token security'.

Attack Surface Analyzer - Auto-activating skill for Security Advanced. Triggers on: attack surface analyzer, attack surface analyzer Part of the Security Advanced skill category.

Password Strength Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: password strength analyzer, password strength analyzer Part of the Security Fundamentals skill category.

Process use when you need to automate database backup processes with scheduling and encryption. This skill creates backup scripts for PostgreSQL, MySQL, MongoDB, and SQLite with compression. Trigger with phrases like "automate database backups", "schedule database dumps", "create backup scripts", or "implement disaster recovery for database".

Soc2 Compliance Checker - Auto-activating skill for Security Advanced. Triggers on: soc2 compliance checker, soc2 compliance checker Part of the Security Advanced skill category.

Configure this skill configures service meshes like istio and linkerd for microservices. it generates production-ready configurations, implements best practices, and ensures a security-first approach. use this skill when the user asks to "configure service ... Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.

Incident Response Planner - Auto-activating skill for Security Advanced. Triggers on: incident response planner, incident response planner Part of the Security Advanced skill category.

Jwt Token Validator - Auto-activating skill for Security Fundamentals. Triggers on: jwt token validator, jwt token validator Part of the Security Fundamentals skill category.

Expert research tool for Model Context Protocol implementations. PROACTIVELY use when reviewing MCP server code, planning new MCP tools/resources/prompts, investigating protocol compliance issues, or validating architecture. Specializes in protocol compliance (JSON-RPC 2.0), security patterns, transport layers, and production best practices. Current spec: 2025-06-18.

Comprehensive code review with security, performance, and quality analysis. Use when users ask to review code, analyze code quality, evaluate pull requests, or mention code review, security analysis, or performance optimization.

Use when you need to work with security and compliance.This skill provides security scanning and vulnerability detection with comprehensive guidance and automation.Trigger with phrases like "scan for vulnerabilities", "implement security controls",or "audit security".

Validate PCI-DSS compliance for payment card data security. Use when auditing payment systems. Trigger with 'validate PCI-DSS', 'check payment security', or 'audit card data'.

Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.

Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.

Execute inspect and validate Vertex AI Agent Engine deployments including Code Execution Sandbox, Memory Bank, A2A protocol compliance, and security posture. Generates production readiness scores. Use when asked to "inspect agent engine" or "validate depl... Trigger with relevant phrases based on skill purpose.

Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.

Use when you need to track database changes for compliance and security monitoring.This skill implements audit logging using triggers, application-level logging, CDC, or native logs.Trigger with phrases like "implement database audit logging", "add audit trails","track database changes", or "monitor database activity for compliance".

Automate SOC 2 audit preparation including evidence gathering, control assessment, and compliance gap identification.Use when you need to prepare for SOC 2 audits, assess Trust Service Criteria compliance, document security controls, or generate readiness reports.Trigger with phrases like "SOC 2 audit preparation", "SOC 2 readiness assessment", "collect SOC 2 evidence", or "Trust Service Criteria compliance".

Detect and analyze SQL injection vulnerabilities in application code and database queries.Use when you need to scan code for SQL injection risks, review query construction, validate input sanitization, or implement secure query patterns.Trigger with phrases like "detect SQL injection", "scan for SQLi vulnerabilities", "review database queries", or "check SQL security".