Runtime enforcement of file system boundaries and tool access restrictions. Blocks unauthorized operations and logs violations.
Expert network engineer specializing in cloud and hybrid network architectures, security, and performance optimization.
Real-time access control decision engine for 0xagentprivacy swordsman agents. Activates when evaluating incoming data requests against consent preferences, designing…
Specialist persona for amnesia-aware operations and reflection without memory. Activates for systems requiring structural forgetting, orbit maintenance, tidal boundary…
Classify whether a requested action is safe to proceed, requires explicit approval, or should not be executed.
Strategy layer for resilient Apex HTTP callouts: bounded retry with backoff, queueable async retry chains, circuit-breaker via Platform Cache, idempotency keys, dead-letter…
Verify code correctness before claiming done or committing. Run 6-dimension checklist: requirements coverage, concurrency safety, error handling, resource management, boundary…
Expert in Cilium eBPF-based networking and security for Kubernetes. Use for CNI setup, network policies (L3/L4/L7), service mesh, Hubble observability, zero-trust security, and…
Diagnose and fix runtime errors in Lightning Web Components including wire adapter failures, shadow DOM boundary violations, event propagation mistakes, async rendering timing…
Analyzes events through cybersecurity lens using threat modeling, attack surface analysis, defense-in-depth, zero-trust architecture, and risk-based frameworks (CIA triad, STRIDE,…
Analyzes events through cybersecurity lens using threat modeling, attack surface analysis, defense-in-depth, zero-trust architecture, and risk-based frameworks (CIA triad, STRIDE,…
Decide and audit the security boundary a Flow runs at — System Context With Sharing, System Context Without Sharing, or User Context — plus the per-element runInMode override and…
Use when reasoning about the pattern where a language model emits, as structured output, a description of UI components or a UI sub-tree that an application then renders for the…
Git security best practices for 2025 including signed commits, zero-trust workflows, secret scanning, and verification
Compares Trailmark code graphs at two source code snapshots (git commits, tags, or directories) to surface security-relevant structural changes.
Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based
Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing…
Checks application security boundaries: secrets, injection, XSS, input validation, and sensitive env defaults. Use when auditing exploitable code paths.
Presents a risk framework for every configurable security control in NemoClaw. Use when evaluating security posture, reviewing sandbox security defaults, or assessing control…
ISTQB Foundation Level (CTFL) aligned QA toolkit for manual and automated testing. Use when asked to create test plans, test strategies, test conditions, test cases, bug reports,…
Secure credential intake via local web form. Spin up a one-page server on Tailscale, paste keys, upload PEM/JSON files, hit submit — secrets land in .hex/secrets/ with 600 perms…
Architecture Zero Trust — never trust always verify, micro-segmentation réseau, approche identity-centric et accès conditionnel.
Use when designing or reviewing Server Actions: the 'use server' directive contract, how a server-side function becomes invokable from the browser without an API route, form…
Security audit and vulnerability scanning for AI agent skills before installation. Detects prompt injection in SKILL.md files, dangerous code patterns (eval, exec, subprocess),…
Domain knowledge for the tachi orchestrator agent: input format detection, DFD classification, trust boundary notation, STRIDE-per-Element dispatch rules, coverage requirements…
AI実行環境のシークレット境界設定。settings.json permissions.denyルールを生成し、シークレットへの事故的アクセスを防止する。