Nehemiah Security Consultant FAQs

Question 1

How are vulnerabilities prioritized?

Accepted Answer

The skill uses a CVSS-aligned severity classification (Critical, High, Medium, Low, Info) to help teams prioritize their remediation efforts based on risk and impact.

Question 2

Where are the security reports saved?

Accepted Answer

Reports are automatically saved to the 'audit-reports/' directory for assessments and 'planning-docs/' for design requirements, using timestamped subdirectories for organization.

Question 3

Does this skill fix security bugs automatically?

Accepted Answer

No, this skill acts as a senior consultant. It identifies vulnerabilities and provides detailed remediation guidance but does not modify your implementation code to ensure human oversight of security changes.

Question 4

Which security frameworks does it support?

Accepted Answer

It uses the OWASP Top 10 for vulnerability analysis, the STRIDE methodology for threat modeling, and can assess compliance against GDPR, HIPAA, PCI-DSS, and SOC2 frameworks.

Question 5

Can I use it for new features before they are built?

Accepted Answer

Yes, the /plan-security command activates Design Mode, which focuses on identifying security controls, authentication needs, and potential threats during the planning phase.

Nehemiah Security Consultant

About

Key Features

Use Cases

Nehemiah Security Consultant

About

Key Features

Use Cases