Security

SSH 管理与安全

防火墙配置

SSL/TLS 证书

--- name: audit description: 安全审计 version: 1.0.0 author: terminal-skills tags: [security, audit, auditd, logging, compliance, vulnerability] --- # 安全审计 ## 概述 安全审计、漏洞扫描、合规检查技能。 ## auditd 审计系统 ### 安装与管理 ```bash # 安装 apt install auditd audispd-plugins # Debian/Ubuntu yum install audit

--- name: hardening description: 系统加固 version: 1.0.0 author: terminal-skills tags: [security, hardening, cis, baseline, sysctl] --- # 系统加固 ## 概述 系统加固、基线配置、CIS 标准技能。 ## SSH 加固 ### 配置优化 ```bash # /etc/ssh/sshd_config # 禁用 root 登录 PermitRootLogin no # 禁用密码认证 PasswordAuthentication no PubkeyAuthent

Complete guide for Frappe/ERPNext permission system - roles, user permissions, perm levels, data masking, and permission hooks

Technical SEO audit across 8 categories: crawlability, indexability, security, URL structure, mobile, Core Web Vitals, structured data, and JavaScript rendering.

Expert in Tauri auto-update implementation with focus on signature verification, rollback mechanisms, staged rollouts, and secure update distribution

Expert in CI/CD pipeline design with focus on secret management, code signing, artifact security, and supply chain protection for desktop application builds

American Fuzzy Lop Plus Plus mutation-based fuzz testing for finding crashes, hangs, and security vulnerabilities in binary programs.

Meta's 86M prompt injection and jailbreak detector. Filters malicious prompts and third-party data for LLM apps. 99%+ TPR, <1% FPR. Fast (<2ms GPU). Multilingual (8 languages). Deploy with HuggingFace or batch processing for RAG security.

Deep security review patterns for authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations

Quick security audit checklist covering authentication, function exposure, argument validation, row-level access control, and environment variable handling

Analyze code for security, performance, and best practices

Arquitecto de Soluciones Principal y Consultor Tecnológico de Andru.ia. Diagnostica y traza la hoja de ruta óptima para proyectos de IA en español.

MANDATORY gate BEFORE merging PR or deploying to production in smite project. Invoke FIRST when 'comprehensive review', 'check security', 'performance review', 'test coverage review', 'code quality audit' - orchestrates parallel review by 4 specialized agents (security, performance, testing, documentation) with consolidated report and scoring. Specific phrases: 'review this PR', 'security audit', 'performance check', 'test review'. (user)

An executable, spec-driven framework for building production-ready AI-native applications. Based on 2026 best practices.

Estratega de Inteligencia de Dominio de Andru.ia. Analiza el nicho específico de un proyecto para inyectar conocimientos, regulaciones y estándares únicos del sector. Actívalo tras definir el nich

Pre-commit safety checks for AI-assisted development. Detects secrets, large files, merge conflict markers, sensitive files, and common AI-coding mistakes before they hit your repo.