BagelHole/DevOps-Security-Agent-Skills Skills

Conduct periodic access reviews and certifications. Implement access governance and recertification workflows. Use when managing access compliance.

Build automated evaluation suites for AI agents using golden datasets, rubrics, and regression gates.

Instrument AI agents with tracing, token metrics, latency, and cost visibility. Use for reliability and debugging.

Orchestrate AI/ML pipelines for data ingestion, model training, batch inference, and RAG indexing using Prefect, Airflow, or Dagster. Build reliable, observable, and retriable workflows for production AI systems.

Build AI-focused SRE incident response practices for LLM outages, degraded quality, runaway cost events, and safety regressions.

Maintain IT asset inventory and configuration management database. Track hardware, software, and cloud resources. Use when managing IT assets.

Implement centralized audit logging and SIEM integration. Configure log retention and security monitoring. Use when implementing audit trail requirements.

Configure AWS CloudTrail for audit logging. Set up organization trails and event analysis. Use when auditing AWS activity.

Configure Azure Monitor and Activity Log for auditing. Set up diagnostic settings and log analytics. Use when auditing Azure activity.

Develop business continuity plans and impact analysis. Implement BCP testing and communication procedures. Use when building organizational resilience.

Implement change management processes. Configure CAB reviews, change windows, and rollback procedures. Use when managing production changes.

Implement disaster recovery strategies and runbooks. Configure RPO/RTO targets and failover procedures. Use when planning for business continuity.

Implement FedRAMP requirements for federal cloud services. Configure NIST 800-53 controls and continuous monitoring. Use when providing cloud services to US federal agencies.

Configure GCP Cloud Audit Logs for compliance. Set up log routing and BigQuery analysis. Use when auditing GCP activity.

Implement GDPR data protection requirements. Configure consent management, data subject rights, and privacy by design. Use when processing EU personal data.

Implement HIPAA security and privacy rules. Configure PHI protections and BAA requirements. Use when handling healthcare data.

Implement incident management processes and escalation procedures. Configure on-call schedules and post-incident reviews. Use when managing production incidents.

Implement ISO 27001 Information Security Management System. Configure ISMS controls and risk management. Use when implementing enterprise security frameworks.

Implement multi-layer LLM caching with exact match, semantic similarity, and provider-side prompt caching. Reduce API costs by 30–70%, cut latency, and improve throughput using Redis, GPTCache, and provider caching APIs.

Reduce LLM API and infrastructure costs through model selection, prompt caching, batching, caching, quantization, and self-hosting strategies. Track spend by team and model, set budgets, and implement cost-aware routing.

Build production LLMOps platforms with CI/CD, model promotion workflows, evaluation gates, rollback, and governance across cloud and self-hosted inference.

Establish model registry standards, governance controls, metadata schemas, approvals, and lifecycle policies for enterprise AI deployments.

Implement PCI DSS requirements for payment card data. Configure cardholder data environment and security controls. Use when processing payment cards.

Implement policy as code with OPA, Sentinel, and Kyverno. Automate policy enforcement in CI/CD and infrastructure. Use when enforcing compliance through automation.