AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config
Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
Container image and Kubernetes security scanning for CVEs, misconfigurations, and compliance
GCP security configuration scanning and hardening using Security Command Center, Forseti, and ScoutSuite
Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
Audit and govern Alibaba Cloud KMS key lifecycles, Certificate Manager, SSM (Secrets Manager), and HSM key operations.
Gate KMS key deletion and disable operations. All data encrypted with a deleted CMK (OSS SSE-KMS, ECS encrypted disks, RDS/PolarDB TDE) becomes permanently and irrecoverably…
Alibaba Cloud KMS Secret Management Skill. Used for managing secrets in KMS, supporting create, delete, update, query operations, version management, and rotation policy…
Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative
Run targeted AWS, Azure, or GCP security and compliance audits when an agent needs actionable cloud findings instead of a generic cloud-security platform overview.
Auditing Google Cloud Platform IAM permissions to identify overly permissive bindings, primitive role usage,
Comprehensive AWS security posture assessment using AWS CLI and security best practices
Review broad AWS security posture across Security Hub CSPM, GuardDuty, Inspector, Macie, Config, CloudTrail, IAM, public exposure, vulnerability findings, and remediation…
Expert knowledge for Azure Security development including troubleshooting, best practices, decision making, security, configuration, integrations & coding patterns, and…
Azure Key Vault Keys SDK for .NET. Client library for managing cryptographic keys in Azure Key Vault and Managed HSM.
Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working…
Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.
Use when implementing Kubernetes security patterns including RBAC, NetworkPolicies, Pod Security Standards, secrets management, image scanning with Trivy, Cosign signing, and Dapr…
Sécurité cloud incluant IAM, encryption, networking, compliance, secrets management et CSPM. Se déclenche avec "sécurité cloud", "cloud security", "IAM", "encryption at rest",…
Use when assessing cloud infrastructure for security misconfigurations, IAM privilege escalation paths, S3 public exposure, open security group rules, or IaC security gaps.
Implement comprehensive cloud security across AWS, Azure, and GCP with IAM, encryption, network security, compliance, and threat detection.
Sécurité cloud incluant IAM, encryption, networking, compliance, secrets management et CSPM. Se déclenche avec "sécurité cloud", "cloud security", "IAM", "encryption at rest",…
Activate when users need help setting up cloud security monitoring for AWS, Azure, or GCP, including adapter configuration, detection rules, and threat response.
Cloud Security Posture - Auto-activating skill for Security Advanced. Triggers on: cloud security posture, cloud security posture Part of the Security Advanced skill category.
Multi-cloud security assessment and penetration testing capabilities. Execute Prowler/ScoutSuite assessments, analyze IAM policies, identify cloud misconfigurations, test…
Comprehensive container security guidance including vulnerability scanning with Trivy, image hardening, secrets management, and CIS benchmark compliance.
Container Security Auditor - Auto-activating skill for Security Advanced. Triggers on: container security auditor, container security auditor Part of the Security Advanced skill…
Container escape is a critical attack technique where an adversary breaks out of container isolation to access
Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file
Use when configuring access controls, sharing, or site security for authenticated or guest Experience Cloud (community) users: external OWD, Sharing Sets, Share Groups, CSP,…
Security and type safety standards for FinWiz including API key management, input validation, and mypy strict mode.
Audit and govern Cloud KMS key lifecycles, Secret Manager secrets, CMEK configurations across GCP services (Cloud SQL, BigQuery, GCS, Compute), key rotation schedules, and…
Review GCP security posture via Security Command Center findings, CIS GCP Benchmark gaps, org policy enforcement baseline, Assured Workloads controls, Binary Authorization, and…
Use when hardening the Experience Cloud guest user profile, controlling unauthenticated access to records and Apex, or investigating data exposure through guest SOQL.
Manage Huawei DEW (Data Encryption Workshop) — KMS key lifecycle and rotation, CSMS secret rotation automation, CBH (Cloud Bastion Host) privileged access session management, and…
Gate DEW/KMS key deletion and disable operations — all CSMS secrets and DBSS-encrypted database data become permanently unrecoverable once the key deletion window passes.
Iam Policy Reviewer - Auto-activating skill for Security Advanced. Triggers on: iam policy reviewer, iam policy reviewer Part of the Security Advanced skill category.
Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues
Implementing AWS Security Hub to aggregate security findings across AWS accounts, enable compliance standards
Implementing Cloud Security Posture Management (CSPM) to continuously monitor multi-cloud environments for misconfigurations,
Implementing AWS CloudTrail log analysis for security monitoring, threat detection, and forensic investigation
Implementing and auditing GCP VPC firewall rules to enforce network segmentation, restrict ingress and egress
Pod Security Standards (PSS) define three levels of security policies -- Privileged, Baseline, and Restricted
Comprehensive guide for implementing NetworkPolicy, PodSecurityPolicy, RBAC, and Pod Security Standards in Kubernetes.
Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security.
Perform comprehensive security audits on Node.js, JavaScript, and TypeScript codebases. Scans source code for OWASP Top 10 vulnerabilities, insecure patterns, dependency risks,…
Cloud security attack methodology covering AWS, Azure, and GCP. Includes credential harvesting (IMDS, ~/.aws, env vars, leaked CI secrets, instance roles), enumeration with…
Master OCI IAM policy syntax, common policy patterns, and API key management. Use when writing IAM policies, granting access to compartments, or managing API keys.
Expertise on OSCAL (Open Security Controls Assessment Language) — what document types exist, when to use each, schema versioning, FedRAMP/eMASS/CSPM integration, round-trip…
Perform comprehensive cloud asset inventory and relationship mapping using Cartography to build a Neo4j security
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed
Performing comprehensive security assessments of Google Cloud Platform environments using Forseti Security,
Enables a multi-region AWS CloudTrail trail with S3 log storage, CloudWatch Logs integration, and CloudWatch Logs Insights queries for security monitoring and compliance auditing.
Configure Shield Platform Encryption with customer-supplied (BYOK) or customer-held (Cache-Only Key Service) tenant secrets, rotate them, and recover.
Integrates Aqua Security Trivy CLI for comprehensive container image vulnerability scanning. Detects OS package CVEs, language-specific dependency vulnerabilities, and IaC…
Manage multiple Alibaba Cloud accounts and batch-export Security Center (SAS) baseline and vulnerability reports via the aliyun CLI and Python scripts.
Use this skill for Azure security posture review, baseline hardening, managed identity adoption, Key Vault posture, private access decisions, Azure Policy guardrails, and logging…
Creates and manages secrets in AWS Secrets Manager following security best practices. Always use this skill when creating secrets — it sets up dedicated KMS encryption keys,…
This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection
This skill covers deploying AWS Security Hub as a centralized cloud security posture management platform that