Which compliance frameworks does this skill support?

The skill provides expert guidance and audit patterns for GDPR, HIPAA, SOC 2, PCI-DSS, ISO 27001, and the NIST Cybersecurity Framework.

Does it support cloud-native security?

Absolutely. It handles cloud security posture, IAM policy auditing, and Kubernetes security across AWS, Azure, and Google Cloud Platform.

Can this skill help with automated security scanning?

Yes, it specializes in integrating SAST, DAST, IAST, and container scanning tools like Snyk, SonarQube, and OWASP ZAP into your CI/CD pipelines.

Is this skill suitable for manual code reviews?

Yes, it is designed to perform manual verification of high-risk areas, focusing on secure coding standards and business logic vulnerabilities that automated tools might miss.

Security Auditor & DevSecOps Expert

Name: Security Auditor & DevSecOps Expert
Author: rmyndharis

byrmyndharis

•

504

•

安全与测试

Performs comprehensive security audits, vulnerability assessments, and DevSecOps integrations to ensure application resilience and regulatory compliance.

The security-auditor skill equips Claude with the expertise of a senior cybersecurity professional specializing in DevSecOps, application security, and infrastructure hardening. It enables deep-dive risk assessments, threat modeling (STRIDE/PASTA), and the implementation of secure authentication protocols like OAuth2 and OIDC. Designed for proactive security, it helps developers 'shift-left' by integrating SAST/DAST tools into CI/CD pipelines and ensuring systems meet rigorous compliance standards such as GDPR, HIPAA, and SOC2. Whether you are remediating OWASP Top 10 vulnerabilities or designing a zero-trust architecture, this skill provides actionable remediation steps and automated security validation.

主要功能

01Expertise in modern auth protocols (OAuth 2.1, OIDC, SAML, WebAuthn)

02Compliance mapping for GDPR, HIPAA, SOC2, and PCI-DSS

03DevSecOps CI/CD integration with SAST, DAST, and dependency scanning

04Cloud security posture management for AWS, Azure, and GCP

05504 GitHub stars

06Comprehensive threat modeling and risk assessment (STRIDE, PASTA)

使用场景

01Auditing microservices architectures for authentication flaws and insecure design

02Implementing automated 'Security as Code' policies within Kubernetes environments

03Conducting pre-audit compliance readiness checks for regulatory frameworks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add rmyndharis/antigravity-skills security-auditor

For use in Claude.ai and ChatGPT

Download Skill