4. Security & Compliance

Deprecated umbrella skill for cross-cutting security reviews covering XSS sanitization, remote content safety, and store compliance. Prefer specific sub-skills.

Enables creation of custom security or compliance rules for policy enforcement in regulatory frameworks.

Enforces security best practices including input validation, SQL injection prevention, XSS mitigation, and secure logging for user data and authentication workflows.

Validates collector bot packages for compliance using eight parallel specialized agents to ensure regulatory adherence.

Conducts comprehensive code audits focusing on quality, architecture, and adherence to best practices including Next.js/Server Actions and dependency management.

Provides a production-ready authentication system with OAuth, RBAC, multi-tenancy, and security best practices for secure user management.

Audits web code for WCAG 2.1 AA and EN 301 549 compliance, checking keyboard navigation, ARIA, color contrast, forms, and media accessibility.

Validates Moodle templates, JavaScript, and CSS for WCAG 2.1 Level AA accessibility compliance, checking semantic HTML, ARIA, keyboard navigation, and color contrast.

Enables GAMP-5/ALCOA+ compliant traceability in pharmaceutical test generation via Langfuse Cloud integration, replacing Phoenix observability.

Verifies safety and uniqueness of conditional actions before execution to prevent security risks and duplicate operations.

Detects hardcoded secrets, API keys, and credentials in source code to prevent security leaks during audits.

Runs Bandit security analysis to identify common vulnerabilities and security issues in Python code through static scanning.

Provides dynamic lookup of Fannie Mae underwriting guidelines for income, assets, credit, and collateral verification to ensure regulatory compliance.

Manages security protocols, vendor relations, and emergency response codes to ensure operational safety and regulatory compliance.

Provides comprehensive client and server-side input validation with sanitization to prevent security vulnerabilities such as SQL injection and XSS.

Configures security settings for Claude Code, including permissions, environment variables, and tool restrictions to secure the environment.

Validates and enforces TAG policy compliance across code, tests, and documentation to maintain system governance and integrity.

Comprehensive audit logging system for tracking file modifications, code changes, and project evolution to maintain compliance and detailed change history.

Provides frameworks for identifying and analyzing risks in technology decisions to ensure security and compliance.

Enforces secure coding practices to prevent vulnerabilities, with emphasis on OWASP Top 10 compliance, authentication, and encryption standards.

Provides security assessments for web applications including OWASP Top 10, SAST/DAST, dependency checks, and secrets management.

Validates code adherence to TRUST governance principles: 85%+ test coverage, readability, security, and traceability.

Applies WordPress security best practices to review code and prevent vulnerabilities such as SQL injection and XSS.

Reviews WordPress themes and elements for WCAG 2.1 compliance, ensuring keyboard navigation, screen reader compatibility, and proper ARIA implementation.