Does it support incident response?

Yes, it includes a structured incident response workflow covering identification, containment, eradication, and recovery to help teams manage security breaches effectively.

How does it assist with secure code reviews?

The skill offers automated scan patterns for secrets and manual checklists to verify input validation, authentication logic, and secure cryptographic implementations.

What is STRIDE analysis in this skill?

STRIDE is a methodology used within this skill to systematically identify threats across categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Can this skill help with OWASP compliance?

Yes, it provides specific workflows and checklists aligned with the OWASP Top 10 to help developers identify and mitigate common web application vulnerabilities early in the lifecycle.

Senior Security Engineer

Name: Senior Security Engineer
Author: zhangzhang-111-i

byzhangzhang-111-i

0•

보안 및 테스팅

Provides a comprehensive security engineering toolkit for threat modeling, vulnerability analysis, and secure architecture implementation.

The Senior Security Engineer skill integrates advanced security protocols directly into the development workflow, offering structured methodologies for threat modeling, vulnerability assessments, and secure code reviews. It utilizes the STRIDE framework for risk identification and DREAD scoring for prioritization, while providing actionable guidance on OWASP standards, cryptographic implementations, and defense-in-depth architecture. This skill is ideal for teams looking to automate security audits, remediate CVEs, and establish robust incident response procedures within their AI-assisted coding environment.

주요 기능

010 GitHub stars

02OWASP-aligned vulnerability assessment and remediation workflows

03STRIDE-based threat modeling and DREAD risk scoring

04Structured incident response playbooks and severity triage

05Comprehensive secure code review checklists and pattern detection

06Secure architecture design using defense-in-depth and Zero Trust principles

사용 사례

01Developing a remediation plan for identified vulnerabilities and CVEs using risk-based scoring

02Automating the detection of hardcoded secrets and insecure cryptographic patterns in source code

03Conducting a pre-deployment security audit of a new application architecture

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zhangzhang-111-i/claude-skills111 senior-security

For use in Claude.ai and ChatGPT

주요 기능

010 GitHub stars

02OWASP-aligned vulnerability assessment and remediation workflows

03STRIDE-based threat modeling and DREAD risk scoring

04Structured incident response playbooks and severity triage

05Comprehensive secure code review checklists and pattern detection

06Secure architecture design using defense-in-depth and Zero Trust principles

사용 사례

01Developing a remediation plan for identified vulnerabilities and CVEs using risk-based scoring

02Automating the detection of hardcoded secrets and insecure cryptographic patterns in source code

03Conducting a pre-deployment security audit of a new application architecture

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zhangzhang-111-i/claude-skills111 senior-security

For use in Claude.ai and ChatGPT