What types of scanning does this skill perform?

It supports a wide range of analysis including SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), dependency scanning, and specialized checks for vulnerabilities like XSS and SSRF.

Does it support visual threat modeling?

Yes, it integrates with the Excalidraw MCP server to generate visual threat models, architecture maps, and incident response flows based on natural language descriptions.

Can it detect secrets leaked in my repository?

Yes, it includes specialized routines for secrets detection, rotation recommendations, and minimizing your overall attack surface by identifying exposed credentials.

How does the Security Assistant handle compliance?

The skill uses predefined checklists and reference guides for frameworks like GDPR, HIPAA, PCI-DSS, and SOC 2 to audit your code and infrastructure against specific regulatory requirements.

Security Assistant

Name: Security Assistant
Author: diegouis

bydiegouis

•

보안 및 테스팅

Secures software and infrastructure through automated vulnerability scanning, compliance enforcement, and comprehensive threat modeling.

The Security Assistant skill equips Claude with advanced capabilities to audit codebases, enforce industry-standard compliance frameworks like HIPAA and GDPR, and implement Zero Trust architectures. It provides structured workflows for SAST/DAST scanning, secrets management, and OWASP Top 10 protection, while enabling the generation of visual threat models and incident response runbooks using Excalidraw. This skill is essential for security teams and developers looking to integrate security into their development lifecycle, from risk classification to smart contract auditing.

주요 기능

01Multi-framework compliance enforcement for GDPR, SOC 2, HIPAA, and PCI-DSS

022 GitHub stars

03Visual security architecture mapping and incident response diagramming via Excalidraw

04Comprehensive threat modeling using STRIDE and PASTA methodologies

05Automated vulnerability scanning including SAST, DAST, and dependency audits

06Secrets management, credential auditing, and rotation strategy development

사용 사례

01Conducting a security audit on a new feature to identify OWASP Top 10 vulnerabilities before deployment

02Preparing a project for SOC 2 or HIPAA compliance using automated checklists and infrastructure hardening

03Implementing Zero Trust architecture and agent sandboxing for high-stakes infrastructure components

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add diegouis/provectus-marketplace security-assistant

For use in Claude.ai and ChatGPT

Download Skill