Security

Set up the Globalize CLI, create a translation project, and connect a GitHub or GitLab repository. Use this skill when the user asks to set up Globalize, install the Globalize CLI, authenticate with Globalize, or connect their project to the Globalize translation platform. Also use when the user mentions @globalize-now/cli-client or globalise-now-cli. This skill handles installation, authentication, project creation, and repository connection. For managing existing projects (glossaries, style...

Detect and test for OWASP API3:2023 Broken Object Property Level Authorization

'Detects and analyzes Bluetooth Low Energy (BLE) security attacks including

Detect and investigate Azure service principal abuse including privilege

'Detecting exposed AWS credentials in source code repositories, CI/CD

'This skill covers detecting cyber attacks targeting Supervisory Control

'Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition,

Detect and prevent API enumeration attacks including BOLA and IDOR exploitation

Deploy and configure Tailscale as a WireGuard-based zero trust mesh VPN

Deploy a Software-Defined Perimeter using the CSA v2.0 specification

'Deploys and configures osquery for real-time endpoint monitoring using

'Deploying Cloudflare Access with Cloudflare Tunnel to provide zero trust

'Deploys deception-based honeytokens in Active Directory including fake

'Executes containment strategies to stop active adversary operations

'Configuring Zscaler Private Access (ZPA) to replace traditional VPN

Writes security user stories and security-aware acceptance criteria that fit a Scrum backlog, converting threats, scan findings, and compliance requirements into INVEST-compliant stories with Given/When/Then criteria and regression tests. Use this (not general story writing) whenever the story or criteria concern a security control, vulnerability, or compliance requirement. Triggers on: "write a security story", "security acceptance criteria", "acceptance criteria for rate limiting/auth/valid...

Use when the user wants to check, understand, or harden the security of their Mac, or asks whether their laptop is secure and what to fix. Runs a full macOS security audit, explains each finding in plain language (what it is, why it matters, what changing it would affect), and applies only the fixes the user approves. Also produces SOC 2 / ISO 27001 / NIST / CIS evidence on request. Triggers on phrases like "is my Mac secure", "audit my laptop", "harden my Mac", "what security gaps do I have"...

This skill should be used when the user asks to \"pentest WordPress sites\", \"scan WordPress for vulnerabilities\", \"enumerate WordPress users, themes, or plugins\", \"exploit WordPress vu...

This skill should be used when the user asks to \"escalate privileges on Windows,\" \"find Windows privesc vectors,\" \"enumerate Windows for privilege escalation,\" \"exploit Windows miscon...

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use for security architecture r...

This skill should be used when the user asks to \"pentest SSH services\", \"enumerate SSH configurations\", \"brute force SSH credentials\", \"exploit SSH vulnerabilities\", \"perform SSH tu...

This skill should be used when the user asks to \"test for SQL injection vulnerabilities\", \"perform SQLi attacks\", \"bypass authentication using SQL injection\", \"extract database inform...

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementin...